M100553: Behavior explanation: Understanding dependencies when using ManageSoft for Linux support

Summary

RPMs typically depend on multiple other RPMs, and management of these dependencies is a fundamental part of the ManageSoft Linux support solution.

ManageSoft Linux support is a component of the ManageSoft solution for software management. It allows you to install and manage software on Intel x86 Red Hat Linux computers by wrapping Red Hat Linux RPM software packages for distribution and installation with ManageSoft.

Deploying RPMs to an existing environment can have undesirable effects unless the dependencies between RPMs are clearly understood.

In ManageSoft, the packages of RPMs created contain specific versions of RPM packages. If at one time separate packages contain different versions of an RPM package and both are in a client's policy then only one version of the package will be installed on the client at one time.

For example, Nautilus 1.0.6 (a network user environment that integrates access to files, applications, media, Internet-based services and the Web) requires:

  • glib >= 1.2.9.
  • gnome-vfs 1.0.3 or higher.

The ManageSoft environment may contain a package created for nautilus 1.0.6 which includes gnome-vfs 1.0.5. If another package existed in the client's policy containing a different version of gnome-vfs then it is possible for a number of undesirable scenarios to occur, some of which are outlined below.

Scenario 1 - Breaking existing ManageSoft package dependencies

Assume the following packages to be already installed on a client by ManageSoft through policy:

  • Nautilus 1.0.4 with dependency gnome-vfs 1.0.1 (satisfying requirement for gnome-vfs 1.0 or higher)
  • Galeon 1.2.0 with dependency gnome-vfs 1.0.1 (satisfying requirement for gnome-vfs 1.0.1 or higher)

If a package is created containing nautilus 1.0.6 which requires package gnome-vfs 1.0.3 or higher and deployed to the client the upgrade will proceed, however galeon 1.2.0 will no longer self-heal correctly. During installation of nautilus 1.0.6 ManageSoft will upgrade gnome-vfs 1.0.1 to gnome-vfs 1.0.3, but when galeon 1.2.0 is self-healed ManageSoft will attempt to downgrade gnome-vfs 1.0.3 to gnome-vfs 1.0.1. This will fail as rpm will detect that the downgrade will break nautilus 1.0.6.

It is recommended that all packages are tested before deployment to determine that previously deployed packages are not adversely affected by newly deployed packages.

Scenario 2 - Upgrade/downgrade cycle

Assume the following packages to be already installed on a client by ManageSoft:

  • Nautilus 1.0.4 with dependency gnome-vfs 1.0.3 (satisfying requirement for gnome-vfs 1.0 or higher)
  • Galeon 1.2.0 with dependency gnome-vfs 1.0.3 (satisfying requirement for gnome-vfs 1.0.1 or higher)

If a package is created containing galeon 1.2.11 with gnome-vfs 1.0.5 and deployed to the client the upgrade will occur without error. Then, self-heal will start for nautilus 1.0.4 which will downgrade gnome-vfs to 1.0.3. A subsequent self-heal of galeon 1.2.11 will upgrade gnome-vfs to version 1.0.5. The self-heal operations will continue with the upgrade/downgrade cycle until the nautilus package is updated to include gnome-vfs 1.0.5.

When using RPMs alone, this downgrade will not normally occur but since ManageSoft packages depend on specific packages this scenario is likely to occur in the ManageSoft environment.

Scenario 3 - Breaking explicit dependencies

Assume the following packages to be already installed on a client by ManageSoft:

  • mozilla 0.9.9-7 with dependency mozilla-nspr 0.9.9-7
  • mozilla-nspr-devel 0.9.9-7 with dependency mozilla-nspr 0.9.9-7

If you create a package containing mozilla 1.2.1-26, which requires mozilla-nspr 1.2.1-26, and deploy it to the client to upgrade mozilla 0.9.9-7 to 1.2.1-26 then the upgrade will fail. During installation, ManageSoft will attempt to upgrade package mozilla-nspr 0.9.9-7 to mozilla-nspr 1.2.1-26, but rpm will detect that this will break mozilla-nspr-devel 0.9.9-7 and the upgrade will fail. Following the installation failure of mozilla-nspr 1.2.1-26, mozilla 1.2.1-26 will not be installed and a failure event will be generated. An update of the mozilla-nspr-devel package is required before installation will be successful.

It is recommended that all packages with dependencies on specific versions of other packages are tested before deployment in an operational environment.

RPMs have complex dependencies, so when deploying packages that contain updates of previously deployed packages it is important to ensure that the previously deployed packages are also updated. It is also important to be aware of the packages currently installed on Linux managed devices before deploying packages and to perform rigorous testing before deployment.

Additional Information

This article is relevant to all Linux-based versions of ManageSoft.

Comments

Powered by Zendesk