Bug 1427895
| Summary: | EPEL7: Updating Nagios from 4.0.8 to 4.2.4 breaks existing installations | ||||||
|---|---|---|---|---|---|---|---|
| Product: | [Fedora] Fedora EPEL | Reporter: | Lenz Grimmer <lenz> | ||||
| Component: | nagios | Assignee: | Stephen John Smoogen <smooge> | ||||
| Status: | CLOSED CANTFIX | QA Contact: | Fedora Extras Quality Assurance <extras-qa> | ||||
| Severity: | unspecified | Docs Contact: | |||||
| Priority: | unspecified | ||||||
| Version: | epel7 | CC: | affix, athmanem, b.heden, jose.p.oliveira.oss, lemenkov, linux, ondrejj, shawn.starr, smooge, smooge, s, swilkerson | ||||
| Target Milestone: | --- | ||||||
| Target Release: | --- | ||||||
| Hardware: | Unspecified | ||||||
| OS: | Unspecified | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2017-03-02 16:32:37 UTC | Type: | Bug | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Attachments: |
|
||||||
|
Description
Lenz Grimmer
2017-03-01 13:21:40 UTC
I understand that this is a second large update. The package had been left without an active maintainer for 2 years and had multiple unfixed security problems in it. The first massive update occurred before I took over and at that time it was either upgrade to latest or remove the package from the archive. FWIW, I have blogged and emailed about it being a large disruptive breakage and asked for feedback and testing multiple times. I also got a go ahead from the EPEL Steering Committee that this update was going to happen and followed all the rules for that. I will also bring it up at this weeks meeting that you feel that this package is not meeting guidelines. [I will recuse myself from the debate because I am currently on the committee.] If you are wanting to help on this I would really appreciate constructive feedback and work on getting things working for people. I know nagios is an important product and don't want screw with people.. Upstream does not offer fixes for the old versions without a contract with them and they are mostly focused on getting their customers to the latest version. The code changes greatly in between versions so trying to back port patches in the PHP parts which have had most of the security problems is more than anyone has been willing to do. Hi John, thanks for your reply, much appreciated! (In reply to Stephen John Smoogen from comment #1) > I understand that this is a second large update. The package had been left > without an active maintainer for 2 years and had multiple unfixed security > problems in it. The first massive update occurred before I took over and at > that time it was either upgrade to latest or remove the package from the > archive. I see, thank you for the background information, and for looking after this package to begin with. > FWIW, I have blogged and emailed about it being a large disruptive breakage > and asked for feedback and testing multiple times. That information unfortunately did not reach us or the our users that have reported issues with Nagios to us :/ Would you mind sharing the URLs of these blog posts, so we can refer our users to them? > I also got a go ahead > from the EPEL Steering Committee that this update was going to happen and > followed all the rules for that. I will also bring it up at this weeks > meeting that you feel that this package is not meeting guidelines. [I will > recuse myself from the debate because I am currently on the committee.] Thanks, that'd be appreciated. I think some of the breakage could have been avoided by sticking to the path names and file locations as they were established by the previous versions. Admittedly they were not perfect (and likely violated the FHS in some places), but the combination of updating to a new major version *combined* with the shuffling of files and directories was a tad bit too much change in my opinion. > If you are wanting to help on this I would really appreciate constructive > feedback and work on getting things working for people. I know nagios is an > important product and don't want screw with people.. I wish I had known about the upcoming changes beforehand, I admit I do not follow the development of EPEL closely. The cat's out of the bag now anyway, so changing things again at this point will likely cause even more confusion. > Upstream does not offer fixes for the old versions without a contract with > them and they are mostly focused on getting their customers to the latest > version. The code changes greatly in between versions so trying to back port > patches in the PHP parts which have had most of the security problems is > more than anyone has been willing to do. Which is understandable. In our case we also suffered from the fact that the PNP4Nagios Broker Module npcdmod.o no longer works on Nagios 4.x., but that's a different story. At this point there is probably not much that can be done about this other than having users migrate their configurations manually after an update. So I guess you can close this one as WONTFIX... FWIW, I've documented the process for our users in our bug tracker now: https://tracker.openattic.org/browse/OP-1955 And if you're curious about the pain that we had with the last update to 4.0.8, feel free to take a look at https://tracker.openattic.org/browse/OP-1955 Blog Places where I brought up the changes to nagios package: http://smoogespace.blogspot.com/2016/11/updating-nagios-in-epel-7-looking-for.html http://smoogespace.blogspot.com/2017/02/major-update-to-nagios-in-fedora.html http://smoogespace.blogspot.com/2017/02/major-update-to-fedoraepel-moving-to.html https://lists.fedorahosted.org/archives/list/epel-devel@lists.fedoraproject.org/thread/R7IXWBY5DTHXEEQPYYJFO53MJK4QD2GW/ The working on updating nagios has been going on since last October or so as it was found that the previous package maintainer was no longer responding to emails. So communication on it has been spread out over some time. Thanks for the pointers, much appreciated. We'll probably write up a blog post to inform our users about this change and how they can fix their installations. I am going to close this as CANTFIX versus WONTFIX. The time it could have been fixed was while this was in testing but it can't be postfixed. I am going to put into place a couple of README to fix the issues found. |