Xen 		  
Home Products Support Community News
 
   

Debian TLS libc diversion by script

As noted in DebianSarge, (a) Debian doesn't come with a Xen-friendly libc and (b) just moving /lib/tls aside won't fix it because the next libc upgrade will just put the files back.

Here is a script which can be used to help with this situation. You say 

  # xen-divert-tls-libc do

and it will (wittering somewhat) move the contents of /lib/tls aside and install diversions and an immutable flag to prevent dpkg from putting them back.

For most libc upgrades, the diversions are sufficient. But if a libc upgrade contains a new file for /lib/tls, an additional diversion needs to be added. In the meantime, the upgrade will fail with dpkg reporting a "Permission denied" error. The correct approach for resolving this is to run 

 # xen-divert-tls-libc undo

before the upgrade. This will put the tls libc back (and you'll see the warning from xen about the poor performance). You can then run dpkg happily to install the new libc, and then rerun do afterwards.

Note that if the script fails, or is interrupted while running, the situation is not good. You will have inconsistent libcs and many programs may not work; if this happens to you I suggest you move /lib/tls/* aside by hand ASAP (doing chattr -i /lib/tls first if necessary).

  • To avoid confusion on multiple-administrator systems, it's advisable to create an informative /lib/tls/README.txt in the immutable empty directory.

xen-divert-tls-libc script

#!/bin/sh

set -e

cd /lib

eachfile () {
        find -type f | sh -ec "while read f; do
                $1
        done"
}

case "$#.$1" in
1.'do')
        mkdir -p tls-aside
        cd tls
        find -type d -exec sh -c 'mkdir -p /lib/tls-aside/$1' x '{}' \;
        eachfile 'dpkg-divert --add --divert "/lib/tls-aside/$f" "/lib/tls/$f"'
        eachfile 'mv "/lib/tls/$f" "/lib/tls-aside/$f"'
        chattr +i .
        echo 'xen libc workaround enabled, diversions installed: 
 tls disabled, libc upgrade may be troubled'
        ;;
1.'undo')
        chattr -i tls
        if test -d tls-aside; then
                cd tls-aside
                eachfile 'mv "/lib/tls-aside/$f" "/lib/tls/$f"'
                cd ..
                rmdir tls-aside
        fi
        dpkg-divert --list | perl -ne '
                next unless 
            s,^local diversion of (/lib/tls/),dpkg-divert --remove $1,;
                next unless s, to /lib/tls-aside/\S+$,,;
                print or die $!;
        ' | sh -e
        echo 'xen libc workaround disabled, normal status restored: 
 tls enabled, libc upgrade definitely possible'
        ;;
*)
        echo >&1 "usage: $0 do|undo"
esac

exit 0

DebianTlsLibcDiversion (last edited 2006-05-03 09:31:26 by MattJohnston)

  
   

Copyright , Citrix Systems, Inc. All rights reserved. Legal and Privacy