1 |
commit: 1a196bdef62565e377e90807b8b324547e7d4814 |
2 |
Author: Sam James <sam <AT> gentoo <DOT> org> |
3 |
AuthorDate: Mon Sep 20 21:13:21 2021 +0000 |
4 |
Commit: Sam James <sam <AT> gentoo <DOT> org> |
5 |
CommitDate: Wed Sep 29 14:32:18 2021 +0000 |
6 |
URL: https://gitweb.gentoo.org/data/gentoo-news.git/commit/?id=1a196bde |
7 |
|
8 |
2021-09-24-possible-failure-to-preserve-libraries: add item |
9 |
|
10 |
Bug: https://bugs.gentoo.org/811462 |
11 |
Signed-off-by: Hank Leininger <hlein <AT> korelogic.com> |
12 |
Signed-off-by: Sam James <sam <AT> gentoo.org> |
13 |
|
14 |
...9-possible-failure-to-preserve-libraries.en.txt | 101 +++++++++++++++++++++ |
15 |
1 file changed, 101 insertions(+) |
16 |
|
17 |
diff --git a/2021-09-29-possible-failure-to-preserve-libraries/2021-09-29-possible-failure-to-preserve-libraries.en.txt b/2021-09-29-possible-failure-to-preserve-libraries/2021-09-29-possible-failure-to-preserve-libraries.en.txt |
18 |
new file mode 100644 |
19 |
index 0000000..904c54a |
20 |
--- /dev/null |
21 |
+++ b/2021-09-29-possible-failure-to-preserve-libraries/2021-09-29-possible-failure-to-preserve-libraries.en.txt |
22 |
@@ -0,0 +1,101 @@ |
23 |
+Title: Possible failure to preserve libraries |
24 |
+Author: Sam James <sam@g.o> |
25 |
+Author: Hank Leininger <hlein@×××××××××.com> |
26 |
+Posted: 2021-09-29 |
27 |
+Revision: 1 |
28 |
+News-Item-Format: 2.0 |
29 |
+Display-If-Installed: sys-apps/portage |
30 |
+ |
31 |
+We have observed in some cases corruption of Portage's internal database |
32 |
+(VDB), where the libraries provided by a package are not recorded. This |
33 |
+can break the "preserve-libs" functionality, and thus in rare cases |
34 |
+break your system during much later updates (even if you do not use |
35 |
+"preseved-libs" now, but decide to switch it on later). |
36 |
+ |
37 |
+The underlying problem occurs usually when glibc has been upgraded to a |
38 |
+new major version, but pax-utils has not yet been upgraded to a version |
39 |
+compatible with it (but at that moment stays undetected). |
40 |
+ |
41 |
+The full technical details and investigation can be found on a Wiki page |
42 |
+[0] and on Bugzilla [1]. Work is underway to prevent this happening |
43 |
+again both within Portage [2] (possibly more to come) and within the |
44 |
+glibc and pax-utils ebuilds [3][4]. |
45 |
+ |
46 |
+To detect whether a system is affected, emerge the |
47 |
+app-portage/recover-broken-vdb package: |
48 |
+``` |
49 |
+$ emerge --ask --verbose --oneshot app-portage/recover-broken-vdb |
50 |
+``` |
51 |
+which provides two tools: recover-broken-vdb-find-broken.sh and |
52 |
+recover-broken-vdb. |
53 |
+ |
54 |
+Then run recover-broken-vdb-find-broken.sh: |
55 |
+``` |
56 |
+$ recover-broken-vdb-find-broken.sh | tee broken_vdb_packages |
57 |
+``` |
58 |
+ |
59 |
+This check should be run on all Gentoo systems. |
60 |
+ |
61 |
+If you have any output, read on. |
62 |
+ |
63 |
+Fixing a broken system is not always straightforward. It is strongly |
64 |
+recommended to take a backup of your full system before proceeding, |
65 |
+as well as a copy of /var/db/pkg (the VDB): |
66 |
+ |
67 |
+1. A tool has been developed [5] to attempt to fix the consistency |
68 |
+ of the Portage database. Using this tool to modify the VDB is NOT |
69 |
+ mandatory (read the full news item before proceeding) - you can skip |
70 |
+ to Step 2 if you wish, but fixing the integrity of the VDB |
71 |
+ makes it as safe as reasonably possible to proceed with |
72 |
+ rebuilding packages. |
73 |
+ |
74 |
+ Run: |
75 |
+ ``` |
76 |
+ # Take a backup of /var/db/pkg before proceeding, such as by doing: |
77 |
+ $ cp -a /var/db/pkg /var/db/pkg.orig |
78 |
+ |
79 |
+ # And then: |
80 |
+ $ emerge --ask --verbose --oneshot --noreplace \ |
81 |
+ app-portage/recover-broken-vdb |
82 |
+ |
83 |
+ $ recover-broken-vdb |
84 |
+ |
85 |
+ # The tool will output to a random temporary directory. |
86 |
+ # Inspect the results, and then update the real /var/db/pkg/ |
87 |
+ # by doing either: |
88 |
+ |
89 |
+ $ recover-broken-vdb --output /var/db/pkg |
90 |
+ |
91 |
+ # Or, manually copying the new files from the temporary directory tree |
92 |
+ # into your real /var/db/pkg/ directory tree. |
93 |
+ ``` |
94 |
+ |
95 |
+2. Attempt to rebuild the affected packages, first upgrading |
96 |
+ app-portage/pax-utils to the latest version: |
97 |
+ ``` |
98 |
+ $ emerge --ask --verbose --oneshot ">=app-misc/pax-utils-1.3.3" |
99 |
+ $ emerge --ask --verbose --oneshot --usepkg=n $(cat broken_vdb_packages) |
100 |
+ ``` |
101 |
+ |
102 |
+Given that there are possible other side-effects of the corruption/bug, |
103 |
+it is strongly recommended that if any corruption is detected, all |
104 |
+packages on the system should be rebuilt, after following the above |
105 |
+steps: |
106 |
+``` |
107 |
+$ emerge --ask --emptytree --usepkg=n @world |
108 |
+``` |
109 |
+ |
110 |
+Note that binary packages may need to be discarded given they may |
111 |
+contain corrupt metadata. |
112 |
+ |
113 |
+Please see the wiki [0] for a full description of the background |
114 |
+of this problem and handling corner cases such as e.g. already |
115 |
+being affected by system breakage [6] as a result of the bug. |
116 |
+ |
117 |
+[0] https://wiki.gentoo.org/wiki/Project:Toolchain/Corrupt_VDB_ELF_files |
118 |
+[1] https://bugs.gentoo.org/811462 |
119 |
+[2] https://github.com/gentoo/portage/pull/744 |
120 |
+[3] https://bugs.gentoo.org/811462#c6 |
121 |
+[4] https://bugs.gentoo.org/811462#c7 |
122 |
+[5] https://github.com/thesamesam/recover-broken-vdb |
123 |
+[6] https://wiki.gentoo.org/wiki/Fix_my_Gentoo |