There have been a number of questions regarding problem with starting X
after the recent security update. This email is an attempt to summarize
the situation, provide insight, demonstrate the process as a whole, and
clear up some confusion with the solution.
Solution:
It is believed that anyone who runs 'yum clean all; yum update' at this
time will have the problem fixed.
Praise for the SL community from Pat and Connie:
The community immediately started working together to get this resolved.
The attitude expressed by the 20+ emails on the list was generally
wonderful. Helpful details were given, explanations were provided to
people of all sorts of skill sets - in general people started pitching
in and being wonderfully helpful. People mostly provided fixes or
troubleshooting information.
Thanks for that, it means a lot witnessing how helpful everyone on the
list can be in times like this!
Cause:
At the root of the problem was the security update for xorg-x11-server
published on July 9th. The problem was caused by a change in the module
ABI for loading xorg drivers that happened in SL6.2. That change was a
bugfix and not a security update, so it was not pushed out to earlier
releases. The security update for xorg-x11-server uses the new ABI. The
package, however, does not force the use of these newer drivers though
any rpm dependency tools - such as requires, conflicts, or obsoletes.
Thus the xorg-x11-drv update can be installed without incident, even
though it will not work as expected. Our usual dependency resolution
process is unable to locate and report dependencies that are not listed
by the package. The change in the ABI happened with SL6.2, but none of
the xorg packages were security errata at that time. So, we didn't
catch the problem then as we didn't have to integrate the 6.2 ABI with
the 6.1 ABI.
On the period in testing:
The xorg-x11-server package was in the sl-testing repository for 12 days
before the date of release.
I received a few reports from people who tested the packages while they
were in testing. It appears that those testers were on 6.2 and thus
didn't run into the incompatibility problem. There were no problems
reported with this package during the testing window.
I tested these packages. My test system was SL6.2 and uses the ERRepo
nvidia kmod. So I did not encounter any problems.
Details on the solution:
Several packages that were present in SL6.2 have been placed in the
security tree for SL6.1 and SL6.0.[1] They have been working on 6.2 for
some time now, and I have many reports of things working as expected for
people using them. SL6.0-SL6.2 have also received some driver updates
that will be present in SL6.3. It is believed that this is exactly what
upstream has done for their release.
Forward looking resolution:
A bug has been filed with upstream to have the 'conflicts' section
updated. The upstream bug number is 840078. If the fix listed there is
placed in the next version of this rpm by upstream the problem should
not reoccur.
Answers to common questions:
Q: Who was affected?
A: Anyone who was running Scientific Linux 6.0 or 6.1 and dependent on
the xorg-x11-drv provided drivers for running the X server.
Q: Why didn't you just automatically include all the drivers?
A: We provide the older point releases as an attempt to provide a
reasonably unchanging platform. Many of our users have their
applications certified with very specific versions of things. When
putting new security packages in older releases our approach is simply,
"If nothing forces me to add this package I wont add it." Nothing in
the package itself said that these drivers were required for
functionality. Furthermore, with SL6.2 the x11-xorg-drv-* packages
provided with the initial release seem to work just fine with this new
xorg-x11-server package. This is part of the upstream attempt to
preserve a consistent ABI. Usually when the ABI changes this is noted
in either a 'requires' section or a 'conflicts' section.
Q: Shouldn't I just get new drivers every time there is a new X?
A: Not necessarily. For example, with SL6.1 the wacom and xgi drivers
were identical to the SL6.0 packages. Upstream didn't update them for
that release. And with 6.3 the only updated drivers are currently for
ati, intel, mga, and wacom. If they didn't rebuild it there shouldn't
be a need for us to rebuild it.
Q: Can you just make it your policy to release X drivers every time
there is a new X?
A: If this is something you need, I would encourage you to instead move
to the 6x release. As we are trying to keep the releases as unchanging
as possible while remaining secure. Adding non-security packages only
happens to resolve dependency issues.
Q: Some of these packages are from February, aren't they too old?
A: No, the packages from February are those that came with SL6.2. They
have been working for a while with the updated xorg ABI. The packages
are 'new' to 6.1 and 6.0, but have been around since February as a part
of the SL6.2 tree.
Q: Why did it take 3 days to fix?
A: Many of the early problem reports required additional research.
Several of the people reporting problems are many hours off from the
people working with them to get more information. Additionally, several
users were quick to discover moving to 6.2 corrected the issue. This
was wonderful, however, many people simply moved to SL6.2 rather than
installing the packages posted to testing. This makes sense as SL6.2
was available instantly, while the testing packages were being assembled
and having their dependencies checked. This is not a criticism of that
solution. However, getting independent verification that the packages
in testing actually fixed the problem was a priority before they got
pushed out. If they had compounded the issue rather than resolving it,
the additional problems would have further made a mess of things. Once
reports came in from two community members that the packages in testing
fixed the issue, they were pushed.
[1]
list of 6.2 packages published to 6.0 and 6.1
i386:
xorg-x11-drivers-7.3-13.3.el6.i686.rpm
xorg-x11-drv-acecad-1.5.0-3.el6.i686.rpm
xorg-x11-drv-aiptek-1.4.1-2.el6.i686.rpm
xorg-x11-drv-apm-1.2.3-2.el6.i686.rpm
xorg-x11-drv-ast-0.91.10-1.el6.i686.rpm
xorg-x11-drv-cirrus-1.3.2-2.el6.i686.rpm
xorg-x11-drv-dummy-0.3.4-1.el6.i686.rpm
xorg-x11-drv-elographics-1.3.0-2.el6.i686.rpm
xorg-x11-drv-evdev-2.6.0-2.el6.i686.rpm
xorg-x11-drv-evdev-devel-2.6.0-2.el6.i686.rpm
xorg-x11-drv-fbdev-0.4.2-2.el6.i686.rpm
xorg-x11-drv-fpit-1.4.0-2.el6.i686.rpm
xorg-x11-drv-geode-2.11.12-1.el6.i686.rpm
xorg-x11-drv-glint-1.2.5-1.el6.i686.rpm
xorg-x11-drv-hyperpen-1.4.1-2.el6.i686.rpm
xorg-x11-drv-i128-1.3.4-1.el6.i686.rpm
xorg-x11-drv-i740-1.3.2-2.el6.i686.rpm
xorg-x11-drv-keyboard-1.6.0-1.el6.i686.rpm
xorg-x11-drv-mach64-6.9.0-1.el6.i686.rpm
xorg-x11-drv-mouse-1.7.0-4.el6.i686.rpm
xorg-x11-drv-mutouch-1.3.0-2.el6.i686.rpm
xorg-x11-drv-neomagic-1.2.5-1.el6.i686.rpm
xorg-x11-drv-nouveau-0.0.16-13.20110719gitde9d1ba.el6.i686.rpm
xorg-x11-drv-nv-2.1.18-2.el6.i686.rpm
xorg-x11-drv-openchrome-0.2.904-4.el6.i686.rpm
xorg-x11-drv-openchrome-devel-0.2.904-4.el6.i686.rpm
xorg-x11-drv-penmount-1.5.0-2.el6.i686.rpm
xorg-x11-drv-qxl-0.0.14-13.el6_2.i686.rpm
xorg-x11-drv-r128-6.8.1-3.el6.i686.rpm
xorg-x11-drv-rendition-4.2.4-1.el6.i686.rpm
xorg-x11-drv-s3virge-1.10.4-2.el6.i686.rpm
xorg-x11-drv-savage-2.3.2-1.el6.i686.rpm
xorg-x11-drv-siliconmotion-1.7.5-1.el6.i686.rpm
xorg-x11-drv-sis-0.10.3-1.el6.i686.rpm
xorg-x11-drv-sisusb-0.9.4-1.el6.i686.rpm
xorg-x11-drv-synaptics-1.4.1-3.el6.i686.rpm
xorg-x11-drv-synaptics-devel-1.4.1-3.el6.i686.rpm
xorg-x11-drv-tdfx-1.4.3-2.el6.i686.rpm
xorg-x11-drv-trident-1.3.4-1.el6.i686.rpm
xorg-x11-drv-v4l-0.2.0-4.el6.i686.rpm
xorg-x11-drv-vesa-2.3.0-2.el6.i686.rpm
xorg-x11-drv-vmmouse-12.7.0-1.el6.i686.rpm
xorg-x11-drv-vmware-11.0.3-1.el6.i686.rpm
xorg-x11-drv-void-1.4.0-1.el6.i686.rpm
xorg-x11-drv-voodoo-1.2.4-1.el6.i686.rpm
xorg-x11-drv-xgi-1.6.0-11.el6.i686.rpm
x86_64:
xorg-x11-drv-acecad-1.5.0-3.el6.x86_64.rpm
xorg-x11-drv-aiptek-1.4.1-2.el6.x86_64.rpm
xorg-x11-drv-apm-1.2.3-2.el6.x86_64.rpm
xorg-x11-drv-ast-0.91.10-1.el6.x86_64.rpm
xorg-x11-drv-cirrus-1.3.2-2.el6.x86_64.rpm
xorg-x11-drv-dummy-0.3.4-1.el6.x86_64.rpm
xorg-x11-drv-elographics-1.3.0-2.el6.x86_64.rpm
xorg-x11-drv-evdev-2.6.0-2.el6.x86_64.rpm
xorg-x11-drv-evdev-devel-2.6.0-2.el6.i686.rpm
xorg-x11-drv-evdev-devel-2.6.0-2.el6.x86_64.rpm
xorg-x11-drv-fbdev-0.4.2-2.el6.x86_64.rpm
xorg-x11-drv-fpit-1.4.0-2.el6.x86_64.rpm
xorg-x11-drv-glint-1.2.5-1.el6.x86_64.rpm
xorg-x11-drv-hyperpen-1.4.1-2.el6.x86_64.rpm
xorg-x11-drv-i128-1.3.4-1.el6.x86_64.rpm
xorg-x11-drv-i740-1.3.2-2.el6.x86_64.rpm
xorg-x11-drv-keyboard-1.6.0-1.el6.x86_64.rpm
xorg-x11-drv-mach64-6.9.0-1.el6.x86_64.rpm
xorg-x11-drv-mouse-1.7.0-4.el6.x86_64.rpm
xorg-x11-drv-mutouch-1.3.0-2.el6.x86_64.rpm
xorg-x11-drv-nouveau-0.0.16-13.20110719gitde9d1ba.el6.x86_64.rpm
xorg-x11-drv-nv-2.1.18-2.el6.x86_64.rpm
xorg-x11-drv-openchrome-0.2.904-4.el6.i686.rpm
xorg-x11-drv-openchrome-0.2.904-4.el6.x86_64.rpm
xorg-x11-drv-openchrome-devel-0.2.904-4.el6.i686.rpm
xorg-x11-drv-openchrome-devel-0.2.904-4.el6.x86_64.rpm
xorg-x11-drv-penmount-1.5.0-2.el6.x86_64.rpm
xorg-x11-drv-qxl-0.0.14-13.el6_2.x86_64.rpm
xorg-x11-drv-r128-6.8.1-3.el6.x86_64.rpm
xorg-x11-drv-rendition-4.2.4-1.el6.x86_64.rpm
xorg-x11-drv-s3virge-1.10.4-2.el6.x86_64.rpm
xorg-x11-drv-savage-2.3.2-1.el6.x86_64.rpm
xorg-x11-drv-siliconmotion-1.7.5-1.el6.x86_64.rpm
xorg-x11-drv-sis-0.10.3-1.el6.x86_64.rpm
xorg-x11-drv-sisusb-0.9.4-1.el6.x86_64.rpm
xorg-x11-drv-synaptics-1.4.1-3.el6.x86_64.rpm
xorg-x11-drv-synaptics-devel-1.4.1-3.el6.i686.rpm
xorg-x11-drv-synaptics-devel-1.4.1-3.el6.x86_64.rpm
xorg-x11-drv-tdfx-1.4.3-2.el6.x86_64.rpm
xorg-x11-drv-trident-1.3.4-1.el6.x86_64.rpm
xorg-x11-drv-v4l-0.2.0-4.el6.x86_64.rpm
xorg-x11-drv-vesa-2.3.0-2.el6.x86_64.rpm
xorg-x11-drv-vmmouse-12.7.0-1.el6.x86_64.rpm
xorg-x11-drv-vmware-11.0.3-1.el6.x86_64.rpm
xorg-x11-drv-void-1.4.0-1.el6.x86_64.rpm
xorg-x11-drv-voodoo-1.2.4-1.el6.x86_64.rpm
xorg-x11-drv-xgi-1.6.0-11.el6.x86_64.rpm
|
