Emerge blocker: =net-analyzer/openvas-7.0.6

After a Portage tree sync, OpenVAS was to be upgraded to version 7.0.6 (having ACCEPT_KEYWORDS ~amd64).

Unfortunately, this somehow triggered Portage into belching out a lot of blocker errors. Even after unmerging all OpenVAS packages to start over from a clean state, Portage still wanted me to install the following:

$ eix -e openvas
* net-analyzer/openvas
     Available versions:  (~)7.0.6 **8_beta3 **8_beta4 {+pdf}
     Homepage:            http://www.openvas.org/
     Description:         A remote security scanner

$ emerge -pv openvas

These are the packages that would be merged, in order:

Calculating dependencies... done!
[ebuild  N    ~] net-analyzer/openvas-tools-0_pre20512  46 KiB
[ebuild  N     ] dev-libs/hiredis-0.11.0-r1  USE="-static-libs" 42 KiB
[ebuild  N    *] net-analyzer/openvas-libraries-8.0_beta4  USE="-ldap" 576 KiB
[ebuild  N    *] net-analyzer/openvas-cli-1.4_beta4  78 KiB
[ebuild  N    *] net-analyzer/greenbone-security-assistant-6.0_beta4  1 146 KiB
[ebuild  N    *] net-analyzer/openvas-scanner-5.0_beta4  236 KiB
[ebuild  N    *] net-analyzer/openvas-manager-6.0_beta3  1 789 KiB
[ebuild  N    *] net-analyzer/openvas-8_beta4  USE="pdf" 0 KiB

Total: 8 packages (8 new), Size of downloads: 3 910 KiB

!!! The following update has been skipped due to unsatisfied dependencies:

net-analyzer/openvas-manager:0

emerge: there are no ebuilds to satisfy "~net-analyzer/openvas-libraries-8_beta4".
(dependency required by "net-analyzer/openvas-manager-6.0_beta4" [ebuild])


The following keyword changes are necessary to proceed:
 (see "package.accept_keywords" in the portage(5) man page for more details)
# required by openvas (argument)
=net-analyzer/openvas-8_beta4 **
# required by net-analyzer/openvas-8_beta4
# required by openvas (argument)
=net-analyzer/openvas-manager-6.0_beta3 **
# required by net-analyzer/openvas-8_beta4
# required by openvas (argument)
=net-analyzer/openvas-tools-0_pre20512 ~amd64
# required by net-analyzer/openvas-8_beta4
# required by openvas (argument)
=net-analyzer/openvas-cli-1.4_beta4 **
# required by net-analyzer/greenbone-security-assistant-6.0_beta4
# required by net-analyzer/openvas-8_beta4
# required by openvas (argument)
=net-analyzer/openvas-libraries-8.0_beta4 **
# required by net-analyzer/openvas-8_beta4
# required by openvas (argument)
=net-analyzer/greenbone-security-assistant-6.0_beta4 **
# required by net-analyzer/openvas-8_beta4
# required by openvas (argument)
=net-analyzer/openvas-scanner-5.0_beta4 **

NOTE: The --autounmask-keep-masks option will prevent emerge
      from creating package.unmask or ** keyword changes.

That’s a little too much beta for me, and since eix reports that OpenVAS 7.0.6 is indeed not keyword-masked, I should be able to install it, right?

Turns out there’s something fishy with the dependencies for OpenVAS:

$ equery depgraph --depth=1 openvas-7.0.6
 * Searching for openvas7.0.6 ...

 * dependency graph for net-analyzer/openvas-7.0.6
 `--  net-analyzer/openvas-7.0.6  ~amd64
   `--  net-analyzer/openvas-libraries-7.0.6  (~net-analyzer/openvas-libraries-7.0.6) [~amd64 keyword]
   `--  net-analyzer/openvas-scanner-4.0.5  (~net-analyzer/openvas-scanner-4.0.5) [~amd64 keyword]
   `--  net-analyzer/openvas-manager-5.0.7  (~net-analyzer/openvas-manager-5.0.7) [~amd64 keyword]
   `--  net-analyzer/openvas-cli-1.3.1  (~net-analyzer/openvas-cli-1.3.1) [~amd64 keyword]
   `--  net-analyzer/openvas-tools-0_pre20512  (net-analyzer/openvas-tools) [~amd64 keyword]
   `--  net-analyzer/greenbone-security-assistant-5.0.4  (~net-analyzer/greenbone-security-assistant-5.0.4) [~amd64 keyword]
   `--  app-text/htmldoc-1.8.27-r3  (app-text/htmldoc) amd64
   `--  dev-texlive/texlive-latexextra-2012  (dev-texlive/texlive-latexextra) amd64
   `--  virtual/latex-base-1.0  (virtual/latex-base) amd64
[ net-analyzer/openvas-7.0.6 stats: packages (10), max depth (1) ]

$ equery depgraph --depth=1 openvas-cli-1.3.1
 * Searching for openvas-cli1.3.1 ...

 * dependency graph for net-analyzer/openvas-cli-1.3.1
 `--  net-analyzer/openvas-cli-1.3.1  [~amd64 keyword]
   `--  net-analyzer/openvas-libraries-7.0.5  (~net-analyzer/openvas-libraries-7.0.5) [~amd64 keyword]
   `--  virtual/pkgconfig-0-r1  (virtual/pkgconfig) ~amd64
   `--  sys-devel/make-4.1-r1  (sys-devel/make) ~amd64
   `--  dev-util/cmake-2.8.12.2-r1  (>=dev-util/cmake-2.8.12) amd64
   `--  sys-apps/findutils-4.4.2-r1  (>=sys-apps/findutils-4.4.0) amd64
[ net-analyzer/openvas-cli-1.3.1 stats: packages (6), max depth (1) ]

So openvas-7.0.6 depends on openvas-libraries-7.0.6 and openvas-cli-1.3.1 which itself depends on openvas-libraries-7.0.5? Not good.

Time for some ebuild(1) plumbing:

$ ebuild /use/portage/net-analyzer/openvas-libraries/openvas-libraries-7.0.6.ebuild merge clean
# lots of output
$ ebuild /use/portage/net-analyzer/openvas-cli/openvas-cli-1.3.1.ebuild merge clean
# lots of output, but no failure!

Now emerge works out the dependencies fine:

$ emerge -av openvas

These are the packages that would be merged, in order:

Calculating dependencies... done!
[ebuild  N    ~] net-analyzer/openvas-tools-0_pre20512  46 KiB
[ebuild  N    ~] net-analyzer/openvas-manager-5.0.7  1 698 KiB
[ebuild  N    ~] net-analyzer/openvas-scanner-4.0.5  211 KiB
[ebuild  N    ~] net-analyzer/greenbone-security-assistant-5.0.4  1 024 KiB
[ebuild  N    ~] net-analyzer/openvas-7.0.6  USE="pdf" 0 KiB

Total: 5 packages (5 new), Size of downloads: 2 977 KiB

Leave a Reply

Your email address will not be published. Required fields are marked *