search

rpm-software-management / yum

[DEPRECATED] YUM package manager
GNU General Public License v2.0
127 stars 87 forks source link

yum-builddep not abiding by BuildRequires: package range #124

Open brianjmurrell opened 4 years ago

brianjmurrell commented 4 years ago

A packaging fubar was made and a package was made with a pre-release tag in it without using the ~ indicator. So now my repo has foo-2.0.0a1 in it. That fubar was fixed and foo-2.0.0~a1 is now also in the repository.

But now I want to update another package to use the proper foo package. So I've added to it's spec BuildRequires: foo < 2.0.0a1 and that works and selects foo-2.0.0~a1 with yum-builddep.

$ sudo yum-builddep bar.spec 
...
Getting requirements for bar.spec
 --> foo-devel-2.0.0~a1-1.git.4871023.el7.x86_64
--> Running transaction check
---> Package foo-devel.x86_64 0:2.0.0~a1-1.git.4871023.el7 will be installed
--> Processing Dependency: foo(x86-64) = 2.0.0~a1-1.git.4871023.el7 for package: foo-devel-2.0.0~a1-1.git.4871023.el7.x86_64
--> Processing Dependency: libfoo.so.2()(64bit) for package: foo-devel-2.0.0~a1-1.git.4871023.el7.x86_64
--> Processing Dependency: libfoo_hl.so.2()(64bit) for package: foo-devel-2.0.0~a1-1.git.4871023.el7.x86_64
--> Processing Dependency: libfoo_util.so.2()(64bit) for package: foo-devel-2.0.0~a1-1.git.4871023.el7.x86_64
--> Processing Dependency: libna.so.2()(64bit) for package: foo-devel-2.0.0~a1-1.git.4871023.el7.x86_64
--> Running transaction check
---> Package foo.x86_64 0:2.0.0~a1-1.git.4871023.el7 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

=================================================================================================================================================
 Package                           Arch                       Version                                          Repository                   Size
=================================================================================================================================================
Installing:
 foo-devel                         x86_64                     2.0.0~a1-1.git.4871023.el7                       my_repo                      58 k
Installing for dependencies:
 foo                               x86_64                     2.0.0~a1-1.git.4871023.el7                       my_repo                     103 k

Transaction Summary
=================================================================================================================================================
Install  1 Package (+1 Dependent package)

Total download size: 161 k
Installed size: 597 k
Is this ok [y/d/N]:

However there are also older versions of foo and I want to ensure that at least a minimum of my new foo-2.0.0~a1-1.git.4871023.el7 package is installed, so I add a BuildRequires: foo-devel >= 2.0.0~a1 to bar.spec. But yum-builddep seems unable to handle that:

$ sudo yum-builddep bar.spec 
...
Getting requirements for bar.spec
 --> foo-devel-2.0.0~a1-1.git.4871023.el7.x86_64
 --> foo-devel-2.0.0a1-0.8.git.4871023.el7.x86_64
--> Running transaction check
---> Package foo-devel.x86_64 0:2.0.0~a1-1.git.4871023.el7 will be installed
--> Processing Dependency: foo(x86-64) = 2.0.0~a1-1.git.4871023.el7 for package: foo-devel-2.0.0~a1-1.git.4871023.el7.x86_64
--> Processing Dependency: libfoo.so.2()(64bit) for package: foo-devel-2.0.0~a1-1.git.4871023.el7.x86_64
--> Processing Dependency: libfoo_hl.so.2()(64bit) for package: foo-devel-2.0.0~a1-1.git.4871023.el7.x86_64
--> Processing Dependency: libfoo_util.so.2()(64bit) for package: foo-devel-2.0.0~a1-1.git.4871023.el7.x86_64
--> Processing Dependency: libna.so.2()(64bit) for package: foo-devel-2.0.0~a1-1.git.4871023.el7.x86_64
---> Package foo-devel.x86_64 0:2.0.0a1-0.8.git.4871023.el7 will be installed
--> Processing Dependency: foo(x86-64) = 2.0.0a1-0.8.git.4871023.el7 for package: foo-devel-2.0.0a1-0.8.git.4871023.el7.x86_64
--> Running transaction check
---> Package foo.x86_64 0:2.0.0~a1-1.git.4871023.el7 will be installed
--> Processing Dependency: foo(x86-64) = 2.0.0~a1-1.git.4871023.el7 for package: foo-devel-2.0.0~a1-1.git.4871023.el7.x86_64
---> Package foo.x86_64 0:2.0.0a1-0.8.git.4871023.el7 will be installed
--> Finished Dependency Resolution
Error: Package: foo-devel-2.0.0~a1-1.git.4871023.el7.x86_64 (foo)
           Requires: foo(x86-64) = 2.0.0~a1-1.git.4871023.el7
           Available: foo-1.0.1-13.el7.x86_64 (my_other_repo)
               foo(x86-64) = 1.0.1-13.el7
           Available: foo-1.0.1-17.el7.x86_64 (my_other_repo)
               foo(x86-64) = 1.0.1-17.el7
           Available: foo-1.0.1-21.el7.x86_64 (my_other_repo)
               foo(x86-64) = 1.0.1-21.el7
           Available: foo-2.0.0~a1-1.git.4871023.el7.x86_64 (my_repo)
               foo(x86-64) = 2.0.0~a1-1.git.4871023.el7
           Available: foo-2.0.0a1-0.2.git.c2c2628.el7.x86_64 (my_other_repo)
               foo(x86-64) = 2.0.0a1-0.2.git.c2c2628.el7
           Available: foo-2.0.0a1-0.3.git.c2c2628.el7.x86_64 (my_other_repo)
               foo(x86-64) = 2.0.0a1-0.3.git.c2c2628.el7
           Available: foo-2.0.0a1-0.4.git.5d0cd77.el7.x86_64 (my_other_repo)
               foo(x86-64) = 2.0.0a1-0.4.git.5d0cd77.el7
           Available: foo-2.0.0a1-0.5.git.ad5a3b3.el7.x86_64 (my_other_repo)
               foo(x86-64) = 2.0.0a1-0.5.git.ad5a3b3.el7
           Available: foo-2.0.0a1-0.6.git.299b06d.el7.x86_64 (my_other_repo)
               foo(x86-64) = 2.0.0a1-0.6.git.299b06d.el7
           Available: foo-2.0.0a1-0.7.git.41caa14.el7.x86_64 (my_other_repo)
               foo(x86-64) = 2.0.0a1-0.7.git.41caa14.el7
           Installing: foo-2.0.0a1-0.8.git.4871023.el7.x86_64 (my_other_repo)
               foo(x86-64) = 2.0.0a1-0.8.git.4871023.el7
           Available: foo-1.0.1-9.el7.src (my_other_repo)
               Not found
           Available: foo-1.0.1-12.el7.src (my_other_repo)
               Not found
 You could try using --skip-broken to work around the problem
 You could try running: rpm -Va --nofiles --nodigest

Is my understanding of being able to use:

BuildRequires: foo-devel < 2.0.0a1
BuildRequires: foo-devel >= 2.0.0~a1

to enforce a version range not correct? I am sure I have seen this done and done this myself in the past.

I even tried:

BuildRequires: foo-devel < 2.0.0a1
BuildRequires: foo-devel > 1.9

to ensure it was not a problem with the pre-release version with the ~ in it.

brianjmurrell commented 4 years ago

Any comment here?

As much as I can appreciate that this project is DEPRECATED and as much as I'd just prefer to use DNF, as a software developer and distributor I cannot count on everyone using my packages on distros like CentOS 7 using DNF when the default package manager there is YUM.

j-mracek commented 4 years ago

I am not sure what you have in spec, but in case that both lines are there, it is incorrect.

BuildRequires: foo-devel < 2.0.0a1
BuildRequires: foo-devel >= 2.0.0~a1

Additional version 2.0.0a1 could be seen by package manager as 2, 0, 0, 1, because only numbers are important.

brianjmurrell commented 4 years ago

Is that actually true?

$ rpmdev-vercmp 2.0.0a1 2.0.0a1
2.0.0a1 == 2.0.0a1
$ rpmdev-vercmp 2.0.0a1 2.0.01
2.0.0a1 < 2.0.01

If I understand what you are saying, shouldn't those both be ==.

As a concrete example, foo-devel-2.0.0 would meet both of those requirements:

$ rpmdev-vercmp 2.0.0 2.0.0a1
2.0.0 < 2.0.0a1
$ rpmdev-vercmp 2.0.0 2.0.0~a1
2.0.0 > 2.0.0~a1