Randall R Schulz wrote:
On some 10.0 systems, I use YOU for online updates. At 20 Dec, new Java packages appeared and got installed by me.
Now, package dependencies are broken, yast2 reports conflicts for *tomcat* and lots of java-1_4_2* packages.
This is because java-1_4_2-sun-src didn't got updated, too, and still has the dependency on the old java-1_4_2-sun package. Deleting java-1_4_2-sun-src does the job and restores consistency.
What is the nature of the inconsistency? How does it manifest itself?
It manifests by lots of error messages when one starts yast2 sw_single. The proposed conflict resolution is to re-install all the old Java packages which is not a Good Thing(tm), of course. I needed to look twice to detect that java-1_4_2-sun-src was the culprit. rpm -q --requires -p java-1_4_2-sun-src-1.4.2.06-5.i586.rpm (that's the package from the DVD) tells: java-1.4.2-sun = 1.4.2.06-5 rpmlib(PayloadFilesHavePrefix) <= 4.0-1 rpmlib(CompressedFileNames) <= 3.0.4-1 rpmlib(PayloadIsBzip2) <= 3.0.5-1
Nothing literally depends on the Java source code.
It's the other way round. The Java source code package depends on the precise installed binary version. Supposedly one shall install only code that fits together exactly -- but then they should update the source as well. (Frankly, I don't know why that dependency is needed at all.)
It's even possible that the difference in the newere release supplied by the YOU update did not originate in any changes in that source code (it could very well be in proprietary source that's not distributed by Sun).
That is my hypothesis, too. But nevertheless one is not able to install both the Java security update and the Java source code properly. (Of course I simply unpacked the rpm manually afterwards, this package has just a zip file as content.) But when an update to the sun-src package now happens, I don't get it automatically, but have to look for it manually. It's not that I can't use the stuff -- I was annoyed by that error, wanted to bring it to attention of others, and wanted to ask for advise what one does best when one encounters such an error: Be quiet, tell it here around, file a bug report?
I'm frankly more concerned that SuSE Watcher did not alert me to the Java updates nor the Perl update nor the binutils update, all of which were available for my installation.
Similarly here ;-) -- I noticed the security announcement of SUSE and wondered why I had no email to tell me that I need to update something. (I don't use SUSE Watcher, but have a cron job that calls online_update.) At my systems, I had a mirror site in /etc/youservers that stopped providing the updates in December. Bitch. I think I will convert all of my systems to apt as soon as I come around to port apticron. Cheers, and a happy new year, Joachim -- =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Joachim Schrod Email: jschrod@acm.org Roedermark, Germany