Bug 171681
Summary: | Zope + Python 2.4= UNSUPPORTED | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Andreas Jung <lists> |
Component: | zope | Assignee: | Aurelien Bompard <gauret> |
Status: | CLOSED NEXTRELEASE | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | 4 | CC: | extras-qa |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2005-10-25 13:52:35 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Andreas Jung
2005-10-25 08:02:27 UTC
No need to be aggressive. There is no python 2.3 for Fedora Core 4. Zope just uses the same python as the rest of the system. I am not maintaining a whole separate version of python just for Zope (well, not alone, so if somebody wants to do that, fine). If you don't want to maintain Zope 2.8 with Python 2.3.5 then you should better remove any related zope package from FC. You have to document and inform the end-user that the package uses an unsupported software combination that is possibly valuable to security problems otherwise I can only consider such a behavior as irresponsible. I consider this packaging policy as totally counterproductive for Zope and its community. We have to deal all day long with requests from people installing such packages. It is annonying for the people asking and it is annoying for the people trying to help since you are wasting their time. If you can't get your packages right in the future I consider adding code to Zope 2 to avoid running with any unsupported Python version....your choice... Removing the Zope package from FC4 will not make a python 2.3 package appear out
of thin air. Since the Zope project does not ship binary Zope package with
included python as it used to, there is no way to run Zope on FC4 on a supported
version of python, with or without the rpm.
The package is not the problem here, you would have the exact same problem with
people installing the Zope tarball from zope.org on an FC4 system.
I'll add a warning about the fact that python 2.4 is unsupported with Zope 2.8,
and that people using the package should not file bug reports.
Again, I did not willingly make Zope run on python 2.4. It is just the version
of python that the rest of the distribution uses.
> If you can't get your packages right in the future I consider adding code to
> Zope 2 to avoid running with any unsupported Python version....your choice...
Is that a theat ? This is getting ridiculous, please calm down.
(In reply to comment #3) > > I'll add a warning about the fact that python 2.4 is unsupported with Zope 2.8, > and that people using the package should not file bug reports. > > Again, I did not willingly make Zope run on python 2.4. It is just the version > of python that the rest of the distribution uses. The configure script explictely tells you that Python 2.4 is not a supported Python version. If you ignore such a warning I can not take you serious as package maintainer. > > > If you can't get your packages right in the future I consider adding code to > > Zope 2 to avoid running with any unsupported Python version....your choice... > > Is that a theat ? This is getting ridiculous, please calm down. No, this is just a solution to prevent people from running unsupported software with possibly security related issues. In case of a security related issue this falls back to the Zope community and to me as release manager. Since I am in charge for Zope 2 it is my intent that people run an approved, reliable and securee software. What you are packaging or shipping is unapproved. As I said earlier: either consider the software recommendations or don't ship Zope with FC or document this issue clear enough. There is nothing about a thread - this just my legitamte fight against unproper packaging. OK, I understand your point, and I totally agree that it would be a lot better if Zope could run on python 2.3 on FC4. Except, it is not possible at the moment, with or witout a Zope RPM. Let's say I never packaged Zope for FC4. People downloading the Zope tarball on zope.org and installing on FC4 will *have* to run it on python 2.4, since there is no other version of python for this distribution. The only difference is that they would get a warning, and I will add that warning to the RPM. What else could I do ? As I stated earler: when you run "configure" of Zope it does definitely complain about the Python version. It says "No suitable Python vesion found. You should install python version 2.3.5 before continuing". The configure script contains a list of optimal and acceptable Python versions but Python 2.4.X is not part of the configuration - for good reasons as explained. So the end-user running Zope with Python2.4 must explictly override the configuration --with-python. All Zope 2.8 annocunements on the web page, mailinglists and the doc/INSTALL.txt say: don't use Python 2.4, it's not supported...so I assume that the user should be informed enough...the documentation also explains the reasons why not to use Python 2.4. If a user installs a binary package as the FC4 RPMs he does not get this information...so the user can not be aware of any risk. OK, I'll add the warning. I'll add it in the RPM's description, and on the default index_html too. Does this sound OK to you ? Any other idea ? Not to pour gasoline into a smouldering fire, but... > some *SECURITY* risk and the risk of software malfunction!!!! > We have to deal all day long with requests from people installing > such packages. It is annonying for the people asking and it is > annoying for the people trying to help since you are wasting their time. ...please be so kind and link any known incidents where the official Fedora Extras packages of Zope in combination with the official Python packages of Fedora Core have caused problems, which resulted in users seeking for help via your project resources. Thank you. Warning added in release 2 Thanks, this sounds like a good idea. I've added a message in red and in bold on the default page (zope-quickstart), warning the user that they run an unsupported combination of zope and python, and that they should not file bugreports or ask for support on zope.org. Thanks for pointing this out. > If you can't get your packages right in the future I consider adding code to
> Zope 2 to avoid running with any unsupported Python version....your choice...
IMHO, all this would most likely lead to is your code getting patched out as
was done with the KDE anti-GCC-4.0.0 check. (In the KDE case, the GCC bug they
were trying to protect users from was fixed in Fedora with an extra patch
though, so the situation's a bit different.)
This bug has been resolved in the best way we could think of, *please* don't bring up a useless discussion about who's got the more power. Hi Aurelien. As I'm starting with Zope+Plone in upcoming FC5, I installed them from Fedora Extras repository (zope-2.8.5-1.fc5 and plone-2.1.2-1.fc5) and after starting zope I suddenly arrived here ;-) I noticed that: - python version in FC5 is going to be 2.4.2-3.2.1 - On 24.02.2006 Zope 2.9.1 was released with these notes: "Support Python versions: Zope 2.9 requires Python 2.4.2 (Python 2.4.1 is still acceptable). Older Python versions are no longer supported." See http://www.zope.org/Products/Zope/2.9.1/Zope-2_9_1-released So the problem seems to automagically near to be solved... I would like to contribute with initial packaging, but perhaps you could be at release date. Let me know if I can help: I'm going to do some tests this week end. Thanks for your attention. Gianluca Replying off-bugzilla, no need to bother Andreas with this. |