search

wesbarnett / snap-pac

Pacman hooks that use snapper to create pre/post btrfs snapshots like openSUSE's YaST
GNU General Public License v2.0
180 stars 14 forks source link

Partial upgrade scenario warning #44

Closed wesbarnett closed 3 years ago

wesbarnett commented 3 years ago

I was thinking about exactly when pacman hooks are run and think I see a situation that could lend itself to a user unwittingly performing a partial upgrade. pacman pre hooks are run before transactions occur (upgrade, removal, installation) but after the database is synchronized when using pacman -Sy as part of a transaction (like when running pacman -Syu).

So here is a scenario when using snap-pac:

  1. User runs pacman -Syu to upgrade system. snap-pac calls snapper to take pre/post snapshots.
  2. User undoes the changes from the upgrade using snapper undochange.
  3. User runs pacman -S <package>.

The user has now performed a partial upgrade since the database was synchronized, but the packages were not. This would not be a problem if the pre hooks were run before the database was synchronized but they are run after database synchronization.

I have validated that this can indeed happen using the following steps:

  1. Run pacman -Syu when having snap-pac installed and where packages are actually upgraded
  2. Run snapper undochange <pre>...<post> where <pre> is the pre snapshot number and <post> is the post snapshot number
  3. Run pacman -Qu to list all packages that are out of date. If it lists any packages that means any kind of installation at this point will be a partial upgrade, and indeed it lists all the packages that were upgraded before the rollback.

Additionally using ls -lh /var/lib/pacman/sync/ it is clear that the database is not rolled back when using snapper undochange.

I'm not sure that there is a solution when it comes to these hooks and script because ultimately the pre snapshot needs to be run before the database sync but that is controlled by pacman, not here.

NicoHood commented 3 years ago

I think that this is something we should not consider. That is super edgy and people are always encouraged to not do a partial upgrade.

wesbarnett commented 3 years ago

people are always encouraged to not do a partial upgrade.

My point is that a partial upgrade would occur without the user knowing it if he rollback an upgrade pre/post snapshot pair using these pacman hooks and then installed something.

Maybe this will clarify:

  1. User upgrades system when these hooks/script are used (pacman -Syu)
  2. A package is broken, so the user rolls back system using snapper rollback.
  3. User wants to install another package without upgrading the entire system, since upgrading breaks the current setup.

How can the user do that without now performing a partial upgrade since the pacman database is now synced (and can't be rolled back)? Are is the user just out of luck?

NicoHood commented 3 years ago

I dont know, how often will that happen? If the error does not get resolved, you have a problem anyways. So you can just leave the system as is, without installing new packages.

Even if you have a perfect solution that holds back the correct and old database, it is very likely that the mirror will remove those old packages and you cannot install new ones anyways.

So in my opinion the only work we have is to inform the user about this limitation in the readme, nothing more.

wesbarnett commented 3 years ago

Documented.