[Rpm-announce] RPM 4.11.0.1 released!

Panu Matilainen pmatilai at redhat.com
Fri Feb 1 08:33:24 UTC 2013 

We're not so pleased to announce the availability of RPM release 4.11.0.1...

As previously announced [1], shortly after the release of RPM 4.11.0, a 
regression of data-loss severity was discovered in it and the entire 
release pulled back for further investigation. To protect the innocent, 
the 4.11.0 tarball will not be reintroduced to downloads, instead this 
release effectively replaces it. For download information and summary of 
changes from 4.11.0 see the release notes at:

     http://rpm.org/wiki/Releases/4.11.0.1

For the (morbidly?) curious, below is a more detailed explation of the 
post-mortem findings and actions taken:

Due to the severity of the regression we took some extra time for deeper 
investigation the issue(s). As explained in the release notes, the 
regression had to do with %ghost %config files getting removed on 
upgrades. This was caused by a seemingly logical fix to another 
%ghost-related regression (real file/directory not getting created in 
some circumstances when it shared a path with a %ghost), but this missed 
a quirk in how rpm handles such files on upgrade, which is what caused 
the unwanted removal of files. In addition to that we found some, umm, 
interesting things. Some new to 4.11.0, some ages old. Lets just say its 
been a strange week, studying paranormal activity within rpm was not 
what I had in mind this Monday.

The closer study of %ghost behavior also revealed that the ghostbuster 
release 4.11.0 would remove %ghost %config files when the owning package 
is removed. While this seems in line with overall rpm behavior, it 
significantly differs from the behavior of past rpm releases spanning at 
least a decade: the older versions would leave %ghost %config files in 
place on package erasure. We decided to revert back to the former 
behavior to avoid data loss - packages could well be relying on the 
long-standing %ghost %config semantics.

Another discovery related to the above was that older rpm versions would 
remove a %ghost %config file on package erasure in one, rather special 
case: if the on-disk %ghost %config content matched that of the 
build-time non-packaged file in buildroot, rpm would remove it. Sort of 
like a ghost remembering its past life upon seeing itself in a mirror. 
This was considered a bit too spooky for our tastes, rpm >= 4.11.0.1 
will simply always preserve %ghost %config files on erasure.

These behaviors are now included in the rpm self-test suite to hopefully 
prevent similar incidents happening again in the future. While rpm 
4.10.3 does not appear to exhibit the destructive behavior of 4.11.0, 
that release has also been pulled out of distribution permanently as a 
precautionary measure. It will be similarly replaced by a new 4.10.3.1 
release as soon as we've fully tested the fixes against that codebase, 
hopefully early next week.

[1] http://lists.rpm.org/pipermail/rpm-announce/2013-January/000040.html

On behalf of the rpm-team,

     - Panu -

More information about the Rpm-announce mailing list