swegener’s blog

I’d like to announce autorepoman to our developer (and user) community.

You may ask: What the hell is autorepoman? I guess from the name you already have some ideas in your head. Something that does something automatic with repoman. Here we go: autorepoman is a script that runs on one of my systems that runs repoman on changed packages every 30 minutes and generates an email for every package that has errors and sends the email to a mailing list for everyone to read. As it only runs repoman for changed packages the time it takes is quite low, compared to a full tree-wide repoman. Most of the time the running time for an autorepoman run is ~1 minute. A large amount of time is spend on loading the reverse dependencies. Yes, autorepoman has reverse dependencies, that means it will also check packages that depend on the modified package. It also checks for broken Manifests in packages.

If you want to subscribe to the mailing list you can do so by sending an email to gentoo-autorepoman+subscribe@stealer.net, but be aware that depending on the number of commits made to the tree and the quality of these commits, the volume might be relatively high.

Please send comments and suggestions to swegener@gentoo.org

Here is what happened yesterday:

• 17:35 UTC

  I decided to give my webserver a package update. So as always I launched an emerge –sync, following an emerge -upD world to see what portage would like to update. What I saw was not what I expected:

  [blocks B ] >=net-www/apache-2.0.52-r3 (is blocking dev-php/mod_php-4.3.11)
  [blocks B ] >=net-www/apache-2.0.52-r3 (is blocking dev-util/subversion-1.1.3)

  Well, I said to myself: Probably a mistake, so let’s wait one or two hours to give our developers some time to fix these issues.

• 19:11 UTC

  About 1.5 hours passed by. Looking at #gentoo-commits on freenode I saw that our developers fixed the blockers. I issued another emerge –sync and afterwards an emerge -upD world. Everything looked good, so I removed -p from the command and started emerge again. But now this:

  >>> emerge (4 of 4) net-www/apache-2.0.54-r4 to /
  >>> Previously fetched file: apache-patches-2.0.54-r4.tar.bz2 size ;-)
  >>> Previously fetched file: apache-patches-2.0.54-r4.tar.bz2 MD5 ;-)
  >>> Previously fetched file: apache-conf-2.0.54-r4.tar.bz2 size ;-)
  >>> Previously fetched file: apache-conf-2.0.54-r4.tar.bz2 MD5 ;-)

  !!! No message digest entry found for file “httpd-2.0.54.tar.gz.”
  !!! Most likely a temporary problem. Try ‘emerge sync’ again later.
  !!! If you are certain of the authenticity of the file then you may type
  !!! the following to generate a new digest:
  !!! ebuild /usr/portage/category/package/package-version.ebuild digest

  Well, I don’t say that this never happens to me. There might be one excuse for it, repoman has a digest.unused check for digest entries that are not used by a file in SRC_URI, but misses a reverse check that checks for missing digest entries. But it’s up to the developers to make sure that what they commit to the tree actually works. And there is no excuse that two arch teams mark this version stable on their arch without notifying the missing digest entry.

• 19:34 UTC

  I finally finished updating apache, after fixing the above issue myself.

What else drives me nuts it that I sometimes catch developers that do not use repoman to commit their changes. This results in Manifests that break FEATURES=”strict” which has been added to the base profile about one month ago. I often fix them silently because I’m tired of telling developers to use repoman. They should know that, else I wonder who made them developers.

Other developers don’t enter something into repoman’s commit message prompt and just accept the empty line. This makes it really hard to track their CVS changes. Are these developers just to lazy or (sorry) to dumb to create an ecommit shell alias/function/script/whatever that takes care of creating a ChangeLog entry and passing the message to repoman for use as the CVS commit message. Like this:

ecommit() {
        echangelog "${*}"
        repoman --commitmsg "${*}" commit
}

I say, if we want to play where the big boys play, we need to do something about it. Giving a first-time Gentoo user such an experience will probably make them go to another distribution.

After fighting several hours with ntp and its autokey support, I found out that it was a bug in ntpd.

It doesn’t correctly check for errno and as a result packets get dropped completely. I’ve added a fix for this issue to net-misc/ntp-4.2.0.20040617-r1 and included a patch (based on the one from www.ecsirt.net) that allows to override the hostname used by ntpd, especially useful for autokey authentication. Also I’ve merged some IPV6 fixes from upstream developers.

If you have a couple of hours and don’t mind reading source code to get good documentation I can recommend you to take a peek at ntp and its autokey support! I promise you, it’s hours of fun…