Public bug reported:
(bug filled as per request on ubuntu-devel-discuss, excerpt of original report
follows. Reference:
https://lists.ubuntu.com/archives/ubuntu-devel-discuss/2016-November/017156.html)
This is on "Ubuntu 16.04.1 LTS"
Observed Problem:
-----------------
Trying to install mysql-server and thereby mysql-server-5.7 on a
16.04 LTS system (server-edition) with selinux installed, aborts with
aptitude complaining that "apparmor" is needed, but not to be
installed.
Cycling through the dependency resolution suggestions from aptitude
only offers to either uninstall selinux or not install mysql-server.
(See typescript and versions below)
Expected behaviour:
-------------------
Server / daemon software such as mysql-server should not have a hard
dependency on any specific Linux Security Module, but depend either on
none or on all in a "one of the following needed" fashion.
Steps to reproduce:
-------------------
a) indirect: just review the dependencies of mysql-server-5.7 by any
preferred way
b) direct:
b.1) install selinux and dependencies (note: selinux-policy-ubuntu is
broken and does not install, explicitly select selinux-policy-default
while requesting selinux). No need to actually activate it.
b.2) run "aptitude install mysql-server"
Appendix:
---------
a) Relevant software versions installed:
----------------------------------------
***@ubuntu:~$ dpkg-query -l $(aptitude search '~i selinux' | cut -c 4-30)
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name Version Architecture Description
+++-==========================-==================-==================-=========================================================
ii libselinux1:amd64 2.4-3build2 amd64 SELinux
runtime shared libraries
ii python-selinux 2.4-3build2 amd64 Python
bindings to SELinux shared libraries
ii python3-selinux 2.4-3build2 amd64 Python3
bindings to SELinux shared libraries
ii selinux 1:0.11 all
Security-Enhanced Linux runtime support
ii selinux-basics 0.5.2 all SELinux
basic support
ii selinux-policy-default 2:2.20140421-9 all Strict and
Targeted variants of the SELinux policy
ii selinux-policy-dev 2:2.20140421-9 all Headers
from the SELinux reference policy for building mo
ii selinux-policy-src 2:2.20140421-9 all Source of
the SELinux reference policy for customization
ii selinux-utils 2.4-3build2 amd64 SELinux
utility programs
***@ubuntu:~$ apt-cache policy selinux mysql-server-5.7 apparmor
selinux:
Installed: 1:0.11
Candidate: 1:0.11
Version table:
*** 1:0.11 500
500 http://de.archive.ubuntu.com/ubuntu xenial/universe amd64 Packages
500 http://de.archive.ubuntu.com/ubuntu xenial/universe i386 Packages
100 /var/lib/dpkg/status
mysql-server-5.7:
Installed: (none)
Candidate: 5.7.16-0ubuntu0.16.04.1
Version table:
5.7.16-0ubuntu0.16.04.1 500
500 http://de.archive.ubuntu.com/ubuntu xenial-updates/main amd64
Packages
500 http://security.ubuntu.com/ubuntu xenial-security/main amd64
Packages
5.7.11-0ubuntu6 500
500 http://de.archive.ubuntu.com/ubuntu xenial/main amd64 Packages
apparmor:
Installed: (none)
Candidate: 2.10.95-0ubuntu2.5
Version table:
2.10.95-0ubuntu2.5 500
500 http://de.archive.ubuntu.com/ubuntu xenial-updates/main amd64
Packages
2.10.95-0ubuntu2 500
500 http://de.archive.ubuntu.com/ubuntu xenial/main amd64 Packages
b) Typescript of failed attempt
-------------------------------
root@ubuntu ~ # se_aptitude --without-recommends install mysql-server
Authenticating ***.
Password:
The following NEW packages will be installed:
apparmor{a} libapparmor-perl{a} libevent-core-2.0-5{a} mysql-client-5.7{a}
mysql-client-core-5.7{a} mysql-common{a}
mysql-server mysql-server-5.7{a} mysql-server-core-5.7{a}
The following packages are RECOMMENDED but will NOT be installed:
libhtml-template-perl
0 packages upgraded, 9 newly installed, 0 to remove and 8 not upgraded.
Need to get 18.7 MB of archives. After unpacking 162 MB will be used.
The following packages have unmet dependencies:
selinux : Conflicts: apparmor but 2.10.95-0ubuntu2.5 is to be installed.
The following actions will resolve these dependencies:
Remove the following packages:
1) selinux
Accept this solution? [Y/n/q/?] n
The following actions will resolve these dependencies:
Keep the following packages at their current version:
1) apparmor [Not Installed]
2) mysql-server [Not Installed]
3) mysql-server-5.7 [Not Installed]
Accept this solution? [Y/n/q/?] n
*** No more solutions available ***
The following actions will resolve these dependencies:
Keep the following packages at their current version:
1) apparmor [Not Installed]
2) mysql-server [Not Installed]
3) mysql-server-5.7 [Not Installed]
Accept this solution? [Y/n/q/?] q
Abandoning all efforts to resolve these dependencies.
Abort.
** Affects: mysql-5.7 (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1641285
Title:
Hard dependency on apparmor prevents install on SELinux hardened
systems
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mysql-5.7/+bug/1641285/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
