[Bug 1788486] Re: apt behaviour with strict dependencies

Julian Andres Klode 1788486 at bugs.launchpad.net
Thu Aug 23 07:01:18 UTC 2018 

I disagree. Being strict about the policy is a good thing - it gives you
a predictable result.

That said, you could install zsh/release and that does do some switching
of candidates to make that work. I don't like that. It also does not
work entirely reliably. I just closed two or three of these bugs as
Won't Fix or Invalid or something.

One exception I'd consider to be a valid thing is to switch candidates
of packages from the same source package, but that only helps for a
limited number of problems.

We are in desperate need of a new solver, and I hope to get
https://salsa.debian.org/apt-team/apt-solver-kalel/ working eventually.
But even there, by default, we're strict about policy. You'd get an
option to relax policy and determine a best solution where there is no
strict solution available. But that should require an explicit opt-in.

I do not plan to backport that solver to older releases, except as an
EDSP (external dependency solver protocol) solver. But solvers like that
are remarkably slow.

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1788486

Title:
  apt behaviour with strict dependencies

Status in apt package in Ubuntu:
  Confirmed
Status in apt source package in Xenial:
  Confirmed
Status in apt source package in Bionic:
  Confirmed

Bug description:
  [Impact]

  We notice that situation while investigating a security update using
  Landscape, but it also applies to 'apt' outside the Landscape context.

  'apt' should be smarter to detect/install packages with strict
  dependencies such as systemd[1] when a version is specified for
  upgrade (Ex: $ apt-get install systemd=229-4ubuntu-21.1).

  It should automatically install the dependencies (if any) from that
  same version as well instead of failing trying to install the highest
  version available (if any) while installing the specified version for
  the one mentionned :

  ========================
  $ apt-get install systemd=229-4ubuntu-21.1
  ....
  "systemd : Depends: libsystemd0 (= 229-4ubuntu21.1) but 229-4ubuntu21.4 is to be installed"
  =========================

  To face that problem :
  - Package with lower version should be found in -security ( Ex: systemd/229-4ubuntu21.1 )
  - Package with higher version should be found in -updates ( Ex: systemd/229-4ubuntu21.4 )
  - Package should have strict dependencies ( Ex: libsystemd0 (= ${binary:Version}) )
  - The upgrade should only specify version for the package, without it's dependencies. (Ex: $ apt-get install systemd=229-4ubuntu-21.1" #systemd without libsystemd0 depends)

  Using systemd is a good reproducer, I'm sure finding other package
  with the same situation is easy.

  It has been easily reproduced with systemd on Xenial and Bionic so
  far.

  [1] debian/control
  Depends: ${shlibs:Depends},
  ${misc:Depends},
  libsystemd0 (= ${binary:Version}),
  ...

  [Workaround]
  If package + dependencies are specified, the upgrade work just fine :

  Ex: $ apt-get install systemd=229-4ubuntu-21.1
  libsystemd0=229-4ubuntu-21.1

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1788486/+subscriptions

More information about the foundations-bugs mailing list