[Koha-devel] Koha packaging problems (Deb10/Buster)

dcook at prosentient.com.au dcook at prosentient.com.au
Mon Mar 16 04:25:54 CET 2020 

Hmm that is tricky. 

I've run through a few different scenarios in my head but they all have pros and cons. No obvious winner. 

I think maybe your idea of a main Koha repo and separate Debian specific repos is the best compromise. That way all supported Linux distros can gets access to all supported Koha versions. Right?

David Cook
Systems Librarian
Prosentient Systems
72/330 Wattle St
Ultimo, NSW 2007
Australia

Office: 02 9212 0899
Direct: 02 8005 0595

-----Original Message-----
From: Mason James <mtj at kohaaloha.com> 
Sent: Friday, 13 March 2020 6:44 PM
To: dcook at prosentient.com.au; 'Koha Devel' <koha-devel at lists.koha-community.org>
Subject: Re: [Koha-devel] Koha packaging problems (Deb10/Buster)

we need to pin on buster because the current combination of libmojolicious-plugin-openapi-perl (1.15~koha) and libmojolicious-perl (8.12) packages that buster pulls are incompatible with each other - even with bz 22522 applied, this problem still exists on buster

we can fix buster by uploading a new version of libmojolicious-plugin-openapi-perl (2.20) to the koha repo, but this breaks jessie - so we cant do that until 30th june

...or do we decide to upload a new version of libmojolicious-plugin-openapi-perl to the koha repo now, and break jessie to fix buster?


any other ideas?


On 13/03/20 11:36 am, dcook at prosentient.com.au wrote:
> Wait a minute... why do we need to pin libmojolicious-perl? 
>
> Thanks to Ere's work on https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=22522, Koha should be able to work with Mojolicious 8 now (and Mojolicious::Plugin::OpenAPI 2.21 and JSON::Validator 3.18). Admittedly it's only in master right now, but I'm using his patches on 18.11 and 19.11 already with Mojolicious 8, and they're working well so far. So hopefully people start pushing that code to stable branches ASAP. 
>
> David Cook
> Systems Librarian
> Prosentient Systems
> 72/330 Wattle St
> Ultimo, NSW 2007
> Australia
>
> Office: 02 9212 0899
> Direct: 02 8005 0595
>
> -----Original Message-----
> From: Koha-devel <koha-devel-bounces at lists.koha-community.org> On 
> Behalf Of Mason James
> Sent: Thursday, 12 March 2020 8:20 PM
> To: Koha Devel <koha-devel at lists.koha-community.org>
> Subject: Re: [Koha-devel] Koha packaging problems (Deb10/Buster)
>
> On 12/03/20 12:43 am, Mason James wrote:
>> On 10/03/20 8:08 pm, Mason James wrote:
>>> Hi Koha devs
>>>
>>> We have a dependency problem with the release of debian-10 and the 
>>> following packages. (debian-11 is ok)
>>>
>>>  libmojolicious-perl
>>>  libmojolicious-plugin-openapi-perl
>>>  libyaml-libyaml-perl
>>> Two other options...
>>>  1/ use kc.org debian packages, with cpanminus (or similar) 
>>> providing the distro specific packages (extra installation steps and
>>> complexity)
>>>  2/ ignore the problem for now, and accept that older koha/distro 
>>> combinations will be forced to break
>> some other points i didnt mention...
>>
>> koha on buster has a security bug. the solution requires some 
>> packages to be updated
>>
>> i can push the packages to the koha repo to fix this problem, but... 
>> (there's always a but) the new packages will break jessie :/ when 
>> jessie-lts support officially finishes on 30th june 2020, i can 
>> happily push these packages - but between now and 30th june we need 
>> to decide on a fix for the security bug on buster  
>> https://wiki.debian.org/LTS
>>
>> some other options...
>>  3/ do nothing and tell people to not use buster, until june  4/ 
>> provide buster packages in an separate repo, until june  5/ provide 
>> instructions to add buster packages using cpanm, until june  6/ 
>> update koha repo to fix buster, and provide jessie packages in an 
>> separate repo  7/ update koha repo to fix buster, and provide 
>> instructions to add jessie packages using cpanm  8/ submit required 
>> buster packages to debian buster-backports repo (not sure how 
>> difficult this is)
>>
>> i prefer option 4/, as its the least disruptive for users, and only 
>> requires an extra sources.list line to implement
>>
>> also... i think we should hold off on redesigning the koha apt 
>> repository until *after* this buster security issue is fixed
>>
>> cheers, Mason
> hmm, i had forgotten another...
> its possible to tell apt to prefer koha's older mojo v7 package, 
> rather than the newer debian/buster mojo v8 package
>
> running the following command before 'apt install koha-common' makes 
> it possible to run the various koha releases on debian 10
>
> $ sudo cat << EOF > /etc/apt/preferences.d/koha-1001
> Package: libjson-validator-perl
> Pin-Priority: 1001
> Pin: release o=Koha
>
> Package: libmojolicious-perl
> Pin-Priority: 1001
> Pin: release o=Koha
> EOF
>
>
> for me, this option is probably the easiest workaround for koha on 
> debian 10
>
> if nobody objects? - i am happy to update the koha wiki with this 
> workaround
>
> cheers, Mason
>
> _______________________________________________
> Koha-devel mailing list
> Koha-devel at lists.koha-community.org
> https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-devel
> website : http://www.koha-community.org/ git : 
> http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
>



-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 484 bytes
Desc: not available
URL: <http://lists.koha-community.org/pipermail/koha-devel/attachments/20200316/d559f7ae/attachment.sig>

More information about the Koha-devel mailing list