Compare commits

..

No commits in common. "6e746539a90b46d5e447f6a7b6b278c93227c0dc" and "dda857ac89f287e159d8742b6574e042bdb3e677" have entirely different histories.

43 changed files with 0 additions and 31567 deletions

1
.gitignore vendored
View File

@ -1 +0,0 @@
SOURCES/dnf-4.7.0.tar.gz

View File

@ -1,26 +0,0 @@
From 423c987b6b14ec0a6277181ac7c038b50033296d Mon Sep 17 00:00:00 2001
From: Pavla Kratochvilova <pkratoch@redhat.com>
Date: Wed, 19 May 2021 12:58:30 +0200
Subject: [PATCH] Set top-level directory for unittest
In some build environments, the top-level directory is not added to
the sys.path and the tests fail. This fixes the issue.
---
tests/CMakeLists.txt | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt
index b15cc62b..dedc46fd 100644
--- a/tests/CMakeLists.txt
+++ b/tests/CMakeLists.txt
@@ -1,6 +1,6 @@
ADD_TEST(
NAME test
- COMMAND ${PYTHON_EXECUTABLE} -m unittest discover -s tests
+ COMMAND ${PYTHON_EXECUTABLE} -m unittest discover -s tests -t ${PROJECT_SOURCE_DIR}
WORKING_DIRECTORY ${PROJECT_SOURCE_DIR})
# For libdnf built with sanitizers, has no effect otherwise.
--
2.35.1

View File

@ -1,36 +0,0 @@
From 8522c4651678097157fd9f133a451c892021d30b Mon Sep 17 00:00:00 2001
From: Alexander Kanavin <alex.kanavin@gmail.com>
Date: Tue, 4 May 2021 22:03:30 +0200
Subject: [PATCH] dnf/rpm/miscutils.py: fix usage of _()
Specifically:
- an import of _ was missing
- _ was reused for a different purpose
---
dnf/rpm/miscutils.py | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/dnf/rpm/miscutils.py b/dnf/rpm/miscutils.py
index 235aaf28..7e33d4c4 100644
--- a/dnf/rpm/miscutils.py
+++ b/dnf/rpm/miscutils.py
@@ -22,6 +22,7 @@ import subprocess
import logging
from dnf.i18n import ucd
+from dnf.i18n import _
from shutil import which
@@ -46,7 +47,7 @@ def _verifyPkgUsingRpmkeys(package, installroot):
env={'LC_ALL': 'C'},
stdout=subprocess.PIPE,
cwd='/') as p:
- data, _ = p.communicate()
+ data, err = p.communicate()
if p.returncode != 0 or data != (package.encode('ascii', 'strict') + b': digests signatures OK\n'):
return 0
else:
--
2.35.1

View File

@ -1,56 +0,0 @@
From f109c57ab18d8b1a80e707df3c3f7ad8930bdd42 Mon Sep 17 00:00:00 2001
From: Demi Marie Obenour <demi@invisiblethingslab.com>
Date: Tue, 27 Apr 2021 21:07:19 -0400
Subject: [PATCH] Pass the package to rpmkeys stdin
This avoids having to compute the expected stdout value, which will
always be the constant "-: digests signatures OK\n".
---
dnf/rpm/miscutils.py | 10 ++++++----
1 file changed, 6 insertions(+), 4 deletions(-)
diff --git a/dnf/rpm/miscutils.py b/dnf/rpm/miscutils.py
index 7e33d4c4..5f2621c2 100644
--- a/dnf/rpm/miscutils.py
+++ b/dnf/rpm/miscutils.py
@@ -29,7 +29,8 @@ from shutil import which
logger = logging.getLogger('dnf')
-def _verifyPkgUsingRpmkeys(package, installroot):
+def _verifyPkgUsingRpmkeys(package, installroot, fdno):
+ os.lseek(fdno, 0, os.SEEK_SET)
rpmkeys_binary = '/usr/bin/rpmkeys'
if not os.path.isfile(rpmkeys_binary):
rpmkeys_binary = which("rpmkeys")
@@ -40,15 +41,16 @@ def _verifyPkgUsingRpmkeys(package, installroot):
logger.critical(_('Cannot find rpmkeys executable to verify signatures.'))
return 0
- args = ('rpmkeys', '--checksig', '--root', installroot, '--define', '_pkgverify_level all', '--', package)
+ args = ('rpmkeys', '--checksig', '--root', installroot, '--define', '_pkgverify_level all', '-')
with subprocess.Popen(
args=args,
executable=rpmkeys_binary,
env={'LC_ALL': 'C'},
+ stdin=fdno,
stdout=subprocess.PIPE,
cwd='/') as p:
data, err = p.communicate()
- if p.returncode != 0 or data != (package.encode('ascii', 'strict') + b': digests signatures OK\n'):
+ if p.returncode != 0 or data != b'-: digests signatures OK\n':
return 0
else:
return 1
@@ -85,7 +87,7 @@ def checkSig(ts, package):
if siginfo == '(none)':
value = 4
- elif "Key ID" in siginfo and _verifyPkgUsingRpmkeys(package, ts.ts.rootDir):
+ elif "Key ID" in siginfo and _verifyPkgUsingRpmkeys(package, ts.ts.rootDir, fdno):
value = 0
else:
raise ValueError('Unexpected return value %r from hdr.sprintf when checking signature.' % siginfo)
--
2.35.1

View File

@ -1,174 +0,0 @@
From 9798e9ee85f1ba39c816fa08fd3d6168cc8b29e8 Mon Sep 17 00:00:00 2001
From: Demi Marie Obenour <demi@invisiblethingslab.com>
Date: Fri, 9 Apr 2021 13:03:03 -0400
Subject: [PATCH] Use rpmkeys alone to verify signature
This avoids having to actually parse the package to check its signature,
which reduces attack surface. If the output of rpmkeys cannot be
parsed, we assume the package is corrupt (the most likely cause).
---
dnf/rpm/miscutils.py | 126 ++++++++++++++++++++++---------------------
1 file changed, 66 insertions(+), 60 deletions(-)
diff --git a/dnf/rpm/miscutils.py b/dnf/rpm/miscutils.py
index 5f2621c2..9d5b2860 100644
--- a/dnf/rpm/miscutils.py
+++ b/dnf/rpm/miscutils.py
@@ -13,47 +13,84 @@
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
# Copyright 2003 Duke University
-from __future__ import print_function, absolute_import
-from __future__ import unicode_literals
+from __future__ import print_function, absolute_import, unicode_literals
-import rpm
import os
import subprocess
import logging
-
-from dnf.i18n import ucd
-from dnf.i18n import _
from shutil import which
+from dnf.i18n import _
-logger = logging.getLogger('dnf')
+_logger = logging.getLogger('dnf')
+_rpmkeys_binary = None
+def _find_rpmkeys_binary():
+ global _rpmkeys_binary
+ if _rpmkeys_binary is None:
+ _rpmkeys_binary = which("rpmkeys")
+ _logger.debug(_('Using rpmkeys executable at %s to verify signatures'),
+ _rpmkeys_binary)
+ return _rpmkeys_binary
-def _verifyPkgUsingRpmkeys(package, installroot, fdno):
- os.lseek(fdno, 0, os.SEEK_SET)
- rpmkeys_binary = '/usr/bin/rpmkeys'
- if not os.path.isfile(rpmkeys_binary):
- rpmkeys_binary = which("rpmkeys")
- logger.info(_('Using rpmkeys executable from {path} to verify signature for package: {package}.').format(
- path=rpmkeys_binary, package=package))
+def _process_rpm_output(data):
+ # No signatures or digests = corrupt package.
+ # There is at least one line for -: and another (empty) entry after the
+ # last newline.
+ if len(data) < 3 or data[0] != b'-:' or data[-1]:
+ return 2
+ seen_sig, missing_key, not_trusted, not_signed = False, False, False, False
+ for i in data[1:-1]:
+ if b': BAD' in i:
+ return 2
+ elif i.endswith(b': NOKEY'):
+ missing_key = True
+ elif i.endswith(b': NOTTRUSTED'):
+ not_trusted = True
+ elif i.endswith(b': NOTFOUND'):
+ not_signed = True
+ elif not i.endswith(b': OK'):
+ return 2
+ if not_trusted:
+ return 3
+ elif missing_key:
+ return 1
+ elif not_signed:
+ return 4
+ # we still check return code, so this is safe
+ return 0
- if not os.path.isfile(rpmkeys_binary):
- logger.critical(_('Cannot find rpmkeys executable to verify signatures.'))
- return 0
+def _verifyPackageUsingRpmkeys(package, installroot):
+ rpmkeys_binary = _find_rpmkeys_binary()
+ if rpmkeys_binary is None or not os.path.isfile(rpmkeys_binary):
+ _logger.critical(_('Cannot find rpmkeys executable to verify signatures.'))
+ return 2
- args = ('rpmkeys', '--checksig', '--root', installroot, '--define', '_pkgverify_level all', '-')
+ # "--define=_pkgverify_level all" enforces signature checking;
+ # "--define=_pkgverify_flags 0x0" ensures that all signatures and digests
+ # are checked.
+ args = ('rpmkeys', '--checksig', '--root', installroot, '--verbose',
+ '--define=_pkgverify_level all', '--define=_pkgverify_flags 0x0',
+ '-')
with subprocess.Popen(
args=args,
executable=rpmkeys_binary,
env={'LC_ALL': 'C'},
- stdin=fdno,
stdout=subprocess.PIPE,
- cwd='/') as p:
- data, err = p.communicate()
- if p.returncode != 0 or data != b'-: digests signatures OK\n':
- return 0
- else:
- return 1
+ cwd='/',
+ stdin=package) as p:
+ data = p.communicate()[0]
+ returncode = p.returncode
+ if type(returncode) is not int:
+ raise AssertionError('Popen set return code to non-int')
+ # rpmkeys can return something other than 0 or 1 in the case of a
+ # fatal error (OOM, abort() called, SIGSEGV, etc)
+ if returncode >= 2 or returncode < 0:
+ return 2
+ ret = _process_rpm_output(data.split(b'\n'))
+ if ret:
+ return ret
+ return 2 if returncode else 0
def checkSig(ts, package):
"""Takes a transaction set and a package, check it's sigs,
@@ -63,40 +100,9 @@ def checkSig(ts, package):
return 3 if the key is not trusted
return 4 if the pkg is not gpg or pgp signed"""
- value = 4
- currentflags = ts.setVSFlags(0)
- fdno = os.open(package, os.O_RDONLY)
+ fdno = os.open(package, os.O_RDONLY|os.O_NOCTTY|os.O_CLOEXEC)
try:
- hdr = ts.hdrFromFdno(fdno)
- except rpm.error as e:
- if str(e) == "public key not available":
- value = 1
- elif str(e) == "public key not trusted":
- value = 3
- elif str(e) == "error reading package header":
- value = 2
- else:
- raise ValueError('Unexpected error value %r from ts.hdrFromFdno when checking signature.' % str(e))
- else:
- # checks signature from an hdr
- string = '%|DSAHEADER?{%{DSAHEADER:pgpsig}}:{%|RSAHEADER?{%{RSAHEADER:pgpsig}}:' \
- '{%|SIGGPG?{%{SIGGPG:pgpsig}}:{%|SIGPGP?{%{SIGPGP:pgpsig}}:{(none)}|}|}|}|'
- try:
- siginfo = hdr.sprintf(string)
- siginfo = ucd(siginfo)
-
- if siginfo == '(none)':
- value = 4
- elif "Key ID" in siginfo and _verifyPkgUsingRpmkeys(package, ts.ts.rootDir, fdno):
- value = 0
- else:
- raise ValueError('Unexpected return value %r from hdr.sprintf when checking signature.' % siginfo)
- except UnicodeDecodeError:
- pass
-
- del hdr
-
- os.close(fdno)
-
- ts.setVSFlags(currentflags) # put things back like they were before
+ value = _verifyPackageUsingRpmkeys(fdno, ts.ts.rootDir)
+ finally:
+ os.close(fdno)
return value
--
2.35.1

View File

@ -1,37 +0,0 @@
From 185330e5d5f5e07f40ed08c706fd997abffd5e78 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ale=C5=A1=20Mat=C4=9Bj?= <amatej@redhat.com>
Date: Thu, 3 Jun 2021 11:23:31 +0200
Subject: [PATCH] Lower _pkgverify_level to signature for signature checking
with rpmkeys
We don't want to be veryfing digests as well when checking signatures.
It would break legacy package installation in FIPS mode due to MD5
digest being unverifiable (see https://access.redhat.com/solutions/5221661)
Follow up for https://github.com/rpm-software-management/dnf/pull/1753
---
dnf/rpm/miscutils.py | 7 +++----
1 file changed, 3 insertions(+), 4 deletions(-)
diff --git a/dnf/rpm/miscutils.py b/dnf/rpm/miscutils.py
index 9d5b2860..46ef4754 100644
--- a/dnf/rpm/miscutils.py
+++ b/dnf/rpm/miscutils.py
@@ -66,11 +66,10 @@ def _verifyPackageUsingRpmkeys(package, installroot):
_logger.critical(_('Cannot find rpmkeys executable to verify signatures.'))
return 2
- # "--define=_pkgverify_level all" enforces signature checking;
- # "--define=_pkgverify_flags 0x0" ensures that all signatures and digests
- # are checked.
+ # "--define=_pkgverify_level signature" enforces signature checking;
+ # "--define=_pkgverify_flags 0x0" ensures that all signatures are checked.
args = ('rpmkeys', '--checksig', '--root', installroot, '--verbose',
- '--define=_pkgverify_level all', '--define=_pkgverify_flags 0x0',
+ '--define=_pkgverify_level signature', '--define=_pkgverify_flags 0x0',
'-')
with subprocess.Popen(
args=args,
--
2.35.1

View File

@ -1,101 +0,0 @@
From 6766d3af1993d48f5548746e68268e674e52bd1d Mon Sep 17 00:00:00 2001
From: Gary Leydon <gary.leydon@yale.edu>
Date: Fri, 21 May 2021 14:13:59 -0400
Subject: [PATCH] add default colors to documentation
---
doc/conf_ref.rst | 24 ++++++++++++------------
1 file changed, 12 insertions(+), 12 deletions(-)
diff --git a/doc/conf_ref.rst b/doc/conf_ref.rst
index ec5bac2a..fcaa0319 100644
--- a/doc/conf_ref.rst
+++ b/doc/conf_ref.rst
@@ -498,72 +498,72 @@ configuration file by your distribution to override the DNF defaults.
:ref:`color <color-label>`
Color of available packages that are older than installed packages.
- The option is used during list operations.
+ The option is used during list operations. Default is dim,cyan.
``color_list_available_install``
:ref:`color <color-label>`
Color of packages that are available for installation and none of their versions in installed.
- The option is used during list operations.
+ The option is used during list operations. Default is normal.
``color_list_available_reinstall``
:ref:`color <color-label>`
- Color of available packages that are identical to installed versions and are available for reinstalls.
+ Color of available packages that are identical to installed versions and are available for reinstalls. Default is bold,underline,green.
The option is used during list operations.
``color_list_available_upgrade``
:ref:`color <color-label>`
- Color of available packages that are newer than installed packages.
+ Color of available packages that are newer than installed packages. Default is bold,blue.
The option is used during list operations.
``color_list_installed_extra``
:ref:`color <color-label>`
Color of installed packages that do not have any version among available packages.
- The option is used during list operations.
+ The option is used during list operations. Default is bold,red.
``color_list_installed_newer``
:ref:`color <color-label>`
Color of installed packages that are newer than any version among available packages.
- The option is used during list operations.
+ The option is used during list operations. Default is bold,yellow.
``color_list_installed_older``
:ref:`color <color-label>`
Color of installed packages that are older than any version among available packages.
- The option is used during list operations.
+ The option is used during list operations. Default is bold.
``color_list_installed_reinstall``
:ref:`color <color-label>`
Color of installed packages that are among available packages and can be reinstalled.
- The option is used during list operations.
+ The option is used during list operations. Default is normal.
``color_search_match``
:ref:`color <color-label>`
- Color of patterns matched in search output.
+ Color of patterns matched in search output. Default is bold.
``color_update_installed``
:ref:`color <color-label>`
- Color of removed packages.
+ Color of removed packages. Default is normal.
This option is used during displaying transactions.
``color_update_local``
:ref:`color <color-label>`
Color of local packages that are installed from the @commandline repository.
- This option is used during displaying transactions.
+ This option is used during displaying transactions. Default is bold.
``color_update_remote``
:ref:`color <color-label>`
Color of packages that are installed/upgraded/downgraded from remote repositories.
- This option is used during displaying transactions.
+ This option is used during displaying transactions. Default is normal.
==============
--
2.35.1

View File

@ -1,21 +0,0 @@
From 276e3b1d19bfad2a72f75ecbcce478e4f1e575db Mon Sep 17 00:00:00 2001
From: Gary Leydon <gary.leydon@yale.edu>
Date: Fri, 21 May 2021 14:16:21 -0400
Subject: [PATCH] add author
---
AUTHORS | 1 +
1 file changed, 1 insertion(+)
diff --git a/AUTHORS b/AUTHORS
index 1981dc4e..f8c9eb83 100644
--- a/AUTHORS
+++ b/AUTHORS
@@ -95,3 +95,4 @@ DNF CONTRIBUTORS
Vladan Kudlac <vladankudlac@gmail.com>
Will Woods <wwoods@redhat.com>
Furkan Karcıoğlu <krc440002@gmail.com>
+ Gary Leydon <gary.leydon@yale.edu>
--
2.35.1

View File

@ -1,75 +0,0 @@
From 5cfe87de2ecd645c2aa8b210bd98171e8dd72fe5 Mon Sep 17 00:00:00 2001
From: Gary Leydon <gary.leydon@yale.edu>
Date: Thu, 27 May 2021 11:52:42 -0400
Subject: [PATCH] update colors according to libdnf/libdnf/conf/ConfigMain.cpp
---
doc/conf_ref.rst | 16 ++++++++--------
1 file changed, 8 insertions(+), 8 deletions(-)
diff --git a/doc/conf_ref.rst b/doc/conf_ref.rst
index fcaa0319..016bd00c 100644
--- a/doc/conf_ref.rst
+++ b/doc/conf_ref.rst
@@ -498,13 +498,13 @@ configuration file by your distribution to override the DNF defaults.
:ref:`color <color-label>`
Color of available packages that are older than installed packages.
- The option is used during list operations. Default is dim,cyan.
+ The option is used during list operations. Default is magenta.
``color_list_available_install``
:ref:`color <color-label>`
Color of packages that are available for installation and none of their versions in installed.
- The option is used during list operations. Default is normal.
+ The option is used during list operations. Default is bold,cyan.
``color_list_available_reinstall``
:ref:`color <color-label>`
@@ -534,36 +534,36 @@ configuration file by your distribution to override the DNF defaults.
:ref:`color <color-label>`
Color of installed packages that are older than any version among available packages.
- The option is used during list operations. Default is bold.
+ The option is used during list operations. Default is yellow.
``color_list_installed_reinstall``
:ref:`color <color-label>`
Color of installed packages that are among available packages and can be reinstalled.
- The option is used during list operations. Default is normal.
+ The option is used during list operations. Default is cyan.
``color_search_match``
:ref:`color <color-label>`
- Color of patterns matched in search output. Default is bold.
+ Color of patterns matched in search output. Default is bold,magenta.
``color_update_installed``
:ref:`color <color-label>`
- Color of removed packages. Default is normal.
+ Color of removed packages. Default is red.
This option is used during displaying transactions.
``color_update_local``
:ref:`color <color-label>`
Color of local packages that are installed from the @commandline repository.
- This option is used during displaying transactions. Default is bold.
+ This option is used during displaying transactions. Default is green.
``color_update_remote``
:ref:`color <color-label>`
Color of packages that are installed/upgraded/downgraded from remote repositories.
- This option is used during displaying transactions. Default is normal.
+ This option is used during displaying transactions. Default is bold,green.
==============
--
2.35.1

View File

@ -1,81 +0,0 @@
From f5cb86b83aedaa18fd784d06d8f1479b9127c6f5 Mon Sep 17 00:00:00 2001
From: Marek Blaha <mblaha@redhat.com>
Date: Wed, 6 Oct 2021 09:43:37 +0200
Subject: [PATCH] Fix reporting irrecoverable errors on packages download
The original _irrecoverable property returns random dictionary - either
packages irrecoverable errors, or global fatal error or even new empty
dictionary. This makes it prone to programmer errors like:
errs._irrecoverable[pkg] = [err]
which may lead to setting the error into the newly created empty
dictionary instead of packages errors dictionary as intended.
I turned the property to method which I consider more clear.
---
dnf/base.py | 8 ++++----
dnf/repo.py | 9 ++++-----
2 files changed, 8 insertions(+), 9 deletions(-)
diff --git a/dnf/base.py b/dnf/base.py
index 0949ddf8..b0a378c2 100644
--- a/dnf/base.py
+++ b/dnf/base.py
@@ -1165,8 +1165,8 @@ class Base(object):
progress.start(len(payloads), est_remote_size)
errors = dnf.repo._download_payloads(payloads, drpm)
- if errors._irrecoverable:
- raise dnf.exceptions.DownloadError(errors._irrecoverable)
+ if errors._irrecoverable():
+ raise dnf.exceptions.DownloadError(errors._irrecoverable())
remote_size = sum(errors._bandwidth_used(pload)
for pload in payloads)
@@ -1191,8 +1191,8 @@ class Base(object):
progress.start(len(payloads), est_remote_size)
errors = dnf.repo._download_payloads(payloads, drpm)
- if errors._irrecoverable:
- raise dnf.exceptions.DownloadError(errors._irrecoverable)
+ if errors._irrecoverable():
+ raise dnf.exceptions.DownloadError(errors._irrecoverable())
remote_size += \
sum(errors._bandwidth_used(pload) for pload in payloads)
diff --git a/dnf/repo.py b/dnf/repo.py
index b5c9849e..b454e981 100644
--- a/dnf/repo.py
+++ b/dnf/repo.py
@@ -112,7 +112,7 @@ def _download_payloads(payloads, drpm):
errs._skipped.add(pkg)
continue
pkg.repo._repo.expire()
- errs._irrecoverable[pkg] = [err]
+ errs._pkg_irrecoverable[pkg] = [err]
return errs
@@ -131,15 +131,14 @@ def _update_saving(saving, payloads, errs):
class _DownloadErrors(object):
def __init__(self):
- self._val_irrecoverable = {}
+ self._pkg_irrecoverable = {}
self._val_recoverable = {}
self._fatal = None
self._skipped = set()
- @property
def _irrecoverable(self):
- if self._val_irrecoverable:
- return self._val_irrecoverable
+ if self._pkg_irrecoverable:
+ return self._pkg_irrecoverable
if self._fatal:
return {'': [self._fatal]}
return {}
--
2.35.1

View File

@ -1,68 +0,0 @@
From ca3d7f06c8f4c1c901dc853ac33c06976b46c61e Mon Sep 17 00:00:00 2001
From: Marek Blaha <mblaha@redhat.com>
Date: Wed, 6 Oct 2021 09:56:05 +0200
Subject: [PATCH] Add fail_fast parameter to download_payloads methods
Unlike in the rpm transaction, reposync needs to switch the fail_fast
off to download as much packages from repository as possible.
---
dnf/base.py | 6 +++---
dnf/repo.py | 4 ++--
2 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/dnf/base.py b/dnf/base.py
index b0a378c2..c258a5a7 100644
--- a/dnf/base.py
+++ b/dnf/base.py
@@ -1151,7 +1151,7 @@ class Base(object):
timer()
self._trans_success = True
- def _download_remote_payloads(self, payloads, drpm, progress, callback_total):
+ def _download_remote_payloads(self, payloads, drpm, progress, callback_total, fail_fast=True):
lock = dnf.lock.build_download_lock(self.conf.cachedir, self.conf.exit_on_lock)
with lock:
beg_download = time.time()
@@ -1163,7 +1163,7 @@ class Base(object):
progress.start(len(payloads), est_remote_size, total_drpms=total_drpm)
else:
progress.start(len(payloads), est_remote_size)
- errors = dnf.repo._download_payloads(payloads, drpm)
+ errors = dnf.repo._download_payloads(payloads, drpm, fail_fast)
if errors._irrecoverable():
raise dnf.exceptions.DownloadError(errors._irrecoverable())
@@ -1189,7 +1189,7 @@ class Base(object):
est_remote_size = sum(pload.download_size
for pload in payloads)
progress.start(len(payloads), est_remote_size)
- errors = dnf.repo._download_payloads(payloads, drpm)
+ errors = dnf.repo._download_payloads(payloads, drpm, fail_fast)
if errors._irrecoverable():
raise dnf.exceptions.DownloadError(errors._irrecoverable())
diff --git a/dnf/repo.py b/dnf/repo.py
index b454e981..bb422309 100644
--- a/dnf/repo.py
+++ b/dnf/repo.py
@@ -84,7 +84,7 @@ def _pkg2payload(pkg, progress, *factories):
raise ValueError(_('no matching payload factory for %s') % pkg)
-def _download_payloads(payloads, drpm):
+def _download_payloads(payloads, drpm, fail_fast=True):
# download packages
def _download_sort_key(payload):
return not hasattr(payload, 'delta')
@@ -94,7 +94,7 @@ def _download_payloads(payloads, drpm):
for pload in sorted(payloads, key=_download_sort_key)]
errs = _DownloadErrors()
try:
- libdnf.repo.PackageTarget.downloadPackages(libdnf.repo.VectorPPackageTarget(targets), True)
+ libdnf.repo.PackageTarget.downloadPackages(libdnf.repo.VectorPPackageTarget(targets), fail_fast)
except RuntimeError as e:
errs._fatal = str(e)
drpm.wait()
--
2.35.1

View File

@ -1,139 +0,0 @@
From f0f037db8219b1e74be4ed86f5eea53b63ca1d88 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Luk=C3=A1=C5=A1=20Hr=C3=A1zk=C3=BD?= <lhrazky@redhat.com>
Date: Tue, 20 Jul 2021 15:29:59 +0200
Subject: [PATCH] comps: Make the install_or_skip() method not catch CompsError
anymore
According to its docstring, the original intention of the method was to
not fail on installing an already installed group/environment.
However, the CompsError is no longer thrown when attempting to install
an already installed group or environment. It was changed to logging a
warning directly in 5210b9dc and then the check was removed completely
in 217ca0fa.
For the other case for which an instance of CompsError can be thrown
from the install_group() and install_environment() methods, which is
when a group or environment is not found, we certainly want to throw an
error (see the linked bugs), therefore there's no reason to catch the
exception anymore.
The install_or_skip() method is preserved as part of the API so as not
to break compatibility any more than necessary.
msg: API: Raise CompsError when group/env not found in install_group and install_environment
type: bugfix
resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1947958
related: https://bugzilla.redhat.com/show_bug.cgi?id=1943206
---
dnf/base.py | 8 ++------
dnf/cli/commands/group.py | 4 ++--
dnf/comps.py | 20 ++++++++++----------
doc/api_base.rst | 4 ++--
4 files changed, 16 insertions(+), 20 deletions(-)
diff --git a/dnf/base.py b/dnf/base.py
index c258a5a7..babca31d 100644
--- a/dnf/base.py
+++ b/dnf/base.py
@@ -1668,9 +1668,7 @@ class Base(object):
if not isinstance(types, int):
types = libdnf.transaction.listToCompsPackageType(types)
- trans = dnf.comps.install_or_skip(solver._environment_install,
- env_id, types, exclude or set(),
- strict, exclude_groups)
+ trans = solver._environment_install(env_id, types, exclude or set(), strict, exclude_groups)
if not trans:
return 0
return self._add_comps_trans(trans)
@@ -1713,9 +1711,7 @@ class Base(object):
if not isinstance(pkg_types, int):
pkg_types = libdnf.transaction.listToCompsPackageType(pkg_types)
- trans = dnf.comps.install_or_skip(solver._group_install,
- grp_id, pkg_types, exclude_pkgnames,
- strict)
+ trans = solver._group_install(grp_id, pkg_types, exclude_pkgnames, strict)
if not trans:
return 0
if strict:
diff --git a/dnf/cli/commands/group.py b/dnf/cli/commands/group.py
index cf542799..fd723c48 100644
--- a/dnf/cli/commands/group.py
+++ b/dnf/cli/commands/group.py
@@ -244,9 +244,9 @@ class GroupCommand(commands.Command):
types = tuple(self.base.conf.group_package_types)
pkg_types = libdnf.transaction.listToCompsPackageType(types)
for env_id in res.environments:
- dnf.comps.install_or_skip(solver._environment_install, env_id, pkg_types)
+ solver._environment_install(env_id, pkg_types)
for group_id in res.groups:
- dnf.comps.install_or_skip(solver._group_install, group_id, pkg_types)
+ solver._group_install(group_id, pkg_types)
def _mark_remove(self, patterns):
q = CompsQuery(self.base.comps, self.base.history,
diff --git a/dnf/comps.py b/dnf/comps.py
index 89765337..461eb274 100644
--- a/dnf/comps.py
+++ b/dnf/comps.py
@@ -93,15 +93,15 @@ def _fn_display_order(group):
def install_or_skip(install_fnc, grp_or_env_id, types, exclude=None,
strict=True, exclude_groups=None):
- """Either mark in persistor as installed given `grp_or_env` (group
- or environment) or skip it (if it's already installed).
- `install_fnc` has to be Solver._group_install
- or Solver._environment_install.
- """
- try:
- return install_fnc(grp_or_env_id, types, exclude, strict, exclude_groups)
- except dnf.comps.CompsError as e:
- logger.warning("%s, %s", ucd(e)[:-1], _("skipping."))
+ """
+ Installs a group or an environment identified by grp_or_env_id.
+ This method is preserved for API compatibility. It used to catch an
+ exception thrown when a gorup or env was already installed, which is no
+ longer thrown.
+ `install_fnc` has to be Solver._group_install or
+ Solver._environment_install.
+ """
+ return install_fnc(grp_or_env_id, types, exclude, strict, exclude_groups)
class _Langs(object):
@@ -592,7 +592,7 @@ class Solver(object):
assert dnf.util.is_string_type(group_id)
return self.history.env.is_removable_group(group_id)
- def _environment_install(self, env_id, pkg_types, exclude, strict=True, exclude_groups=None):
+ def _environment_install(self, env_id, pkg_types, exclude=None, strict=True, exclude_groups=None):
assert dnf.util.is_string_type(env_id)
comps_env = self.comps._environment_by_id(env_id)
if not comps_env:
diff --git a/doc/api_base.rst b/doc/api_base.rst
index 20d7945e..03396b69 100644
--- a/doc/api_base.rst
+++ b/doc/api_base.rst
@@ -179,7 +179,7 @@
.. method:: group_install(group_id, pkg_types, exclude=None, strict=True)
- Mark group with corresponding `group_id` installed and mark the packages in the group for installation. Return the number of packages that the operation has marked for installation. `pkg_types` is a sequence of strings determining the kinds of packages to be installed, where the respective groups can be selected by including ``"mandatory"``, ``"default"`` or ``"optional"`` in it. If `exclude` is given, it has to be an iterable of package name glob patterns: :meth:`.group_install` will then not mark the respective packages for installation whenever possible. Parameter `strict` is a boolean indicating whether group packages that exist but are non-installable due to e.g. dependency issues should be skipped (False) or cause transaction to fail to resolve (True).
+ Mark group with corresponding `group_id` installed and mark the packages in the group for installation. Return the number of packages that the operation has marked for installation. `pkg_types` is a sequence of strings determining the kinds of packages to be installed, where the respective groups can be selected by including ``"mandatory"``, ``"default"`` or ``"optional"`` in it. If `exclude` is given, it has to be an iterable of package name glob patterns: :meth:`.group_install` will then not mark the respective packages for installation whenever possible. Parameter `strict` is a boolean indicating whether group packages that exist but are non-installable due to e.g. dependency issues should be skipped (False) or cause transaction to fail to resolve (True). Raises :exc:`dnf.exceptions.CompsError` in case the group doesn't exist.
.. method:: group_remove(group_id)
@@ -191,7 +191,7 @@
.. method:: environment_install(env_id, types, exclude=None, strict=True, exclude_groups=None)
- Similar to :meth:`.group_install` but operates on environmental groups. `exclude_groups` is an iterable of group IDs that will not be marked as installed.
+ Similar to :meth:`.group_install` but operates on environmental groups. `exclude_groups` is an iterable of group IDs that will not be marked as installed. Raises :exc:`dnf.exceptions.CompsError` in case the group doesn't exist.
.. method:: environment_remove(env_id)
--
2.35.1

View File

@ -1,30 +0,0 @@
From 683b92811abcb6cbbc00353010ec18e2cf655912 Mon Sep 17 00:00:00 2001
From: Jaroslav Mracek <jmracek@redhat.com>
Date: Mon, 6 Sep 2021 12:40:59 +0200
Subject: [PATCH] [doc] Improve description of multilib_policy=all
(RhBug:1996681,1995630)
https://bugzilla.redhat.com/show_bug.cgi?id=1996681
https://bugzilla.redhat.com/show_bug.cgi?id=1995630
---
doc/conf_ref.rst | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/doc/conf_ref.rst b/doc/conf_ref.rst
index 016bd00c..83b14ecd 100644
--- a/doc/conf_ref.rst
+++ b/doc/conf_ref.rst
@@ -351,7 +351,9 @@ configuration file by your distribution to override the DNF defaults.
``multilib_policy``
:ref:`string <string-label>`
- Controls how multilib packages are treated during install operations. Can either be ``"best"`` (the default) for the depsolver to prefer packages which best match the system's architecture, or ``"all"`` to install all available packages with compatible architectures.
+ Controls how multilib packages are treated during install operations. Can either be ``"best"`` (the default) for
+ the depsolver to prefer packages which best match the system's architecture, or ``"all"`` to install packages for
+ all available architectures.
.. _obsoletes_conf_option-label:
--
2.35.1

View File

@ -1,34 +0,0 @@
From db52d259645daf8ca0ae06e829787d36171f2d5b Mon Sep 17 00:00:00 2001
From: Jaroslav Rohel <jrohel@redhat.com>
Date: Wed, 20 Oct 2021 09:20:03 +0200
Subject: [PATCH] Fix: Python dnf API does not respect cacheonly
(RhBug:1862970)
`Repo` object has always been constructed with default synchronization
strategy. The configuration option `cacheonly` was ignored. DNF
application set synchronization strategy later in the `Cli` object
during processing demands.
The fix takes into account the `cacheonly` option during the construction
of the `Repo` object. Synchronization strategy may still be overriden
during demand processing.
---
dnf/repo.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/dnf/repo.py b/dnf/repo.py
index bb422309..1822cf01 100644
--- a/dnf/repo.py
+++ b/dnf/repo.py
@@ -434,7 +434,7 @@ class Repo(dnf.conf.RepoConf):
self._pkgdir = None
self._key_import = _NullKeyImport()
self.metadata = None # :api
- self._repo.setSyncStrategy(self.DEFAULT_SYNC)
+ self._repo.setSyncStrategy(SYNC_ONLY_CACHE if parent_conf and parent_conf.cacheonly else self.DEFAULT_SYNC)
if parent_conf:
self._repo.setSubstitutions(parent_conf.substitutions)
self._substitutions = dnf.conf.substitutions.Substitutions()
--
2.35.1

View File

@ -1,26 +0,0 @@
From f8025df597685a0bd0c347b1a60c280f03bdca6f Mon Sep 17 00:00:00 2001
From: Jaroslav Rohel <jrohel@redhat.com>
Date: Fri, 5 Nov 2021 08:52:56 +0100
Subject: [PATCH] Documentation: API notes for cacheonly
---
doc/conf_ref.rst | 3 +++
1 file changed, 3 insertions(+)
diff --git a/doc/conf_ref.rst b/doc/conf_ref.rst
index 83b14ecd..75bcdf75 100644
--- a/doc/conf_ref.rst
+++ b/doc/conf_ref.rst
@@ -129,6 +129,9 @@ configuration file by your distribution to override the DNF defaults.
If set to ``True`` DNF will run entirely from system cache, will not update
the cache and will use it even in case it is expired. Default is ``False``.
+ API Notes: Must be set before repository objects are created. Plugins must set
+ this in the pre_config hook. Later changes are ignored.
+
.. _check_config_file_age-label:
``check_config_file_age``
--
2.35.1

View File

@ -1,39 +0,0 @@
From 6af9938c87cf409f886f21b59ec45c54eda6c8b2 Mon Sep 17 00:00:00 2001
From: Jaroslav Mracek <jmracek@redhat.com>
Date: Tue, 2 Nov 2021 14:23:22 +0100
Subject: [PATCH] Allow destdir option with modulesync command
---
dnf/cli/cli.py | 2 +-
doc/command_ref.rst | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/dnf/cli/cli.py b/dnf/cli/cli.py
index 65769978..a315201c 100644
--- a/dnf/cli/cli.py
+++ b/dnf/cli/cli.py
@@ -810,7 +810,7 @@ class Cli(object):
if opts.destdir is not None:
self.base.conf.destdir = opts.destdir
if not self.base.conf.downloadonly and opts.command not in (
- 'download', 'system-upgrade', 'reposync'):
+ 'download', 'system-upgrade', 'reposync', 'modulesync'):
logger.critical(_('--destdir or --downloaddir must be used with --downloadonly '
'or download or system-upgrade command.')
)
diff --git a/doc/command_ref.rst b/doc/command_ref.rst
index f96c0eac..42aec72c 100644
--- a/doc/command_ref.rst
+++ b/doc/command_ref.rst
@@ -182,7 +182,7 @@ Options
``--downloaddir=<path>, --destdir=<path>``
Redirect downloaded packages to provided directory. The option has to be used together with the \-\
:ref:`-downloadonly <downloadonly-label>` command line option, with the
- ``download`` command (dnf-plugins-core) or with the ``system-upgrade`` command
+ ``download``, ``modulesync`` or ``reposync`` commands (dnf-plugins-core) or with the ``system-upgrade`` command
(dnf-plugins-extras).
.. _downloadonly-label:
--
2.35.1

File diff suppressed because it is too large Load Diff

View File

@ -1,57 +0,0 @@
From 27f26c607c44b8331b23c861241a8509c2452531 Mon Sep 17 00:00:00 2001
From: sbluhm <stefan.bluhm@clacee.eu>
Date: Sun, 9 Jan 2022 14:30:19 +0100
Subject: [PATCH] Add documentation for query api flags
= changelog =
msg: Add documentation for query api flags
type: enhancement
resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2035577
---
AUTHORS | 1 +
doc/api_sack.rst | 14 +++++++++++++-
2 files changed, 14 insertions(+), 1 deletion(-)
diff --git a/AUTHORS b/AUTHORS
index f8c9eb83..0077c7ea 100644
--- a/AUTHORS
+++ b/AUTHORS
@@ -91,6 +91,7 @@ DNF CONTRIBUTORS
Petr Spacek <pspacek@redhat.com>
Rob Cutmore <robcutmore@gmail.com>
Satoshi Matsumoto <kaorimatz@gmail.com>
+ Stefan Bluhm <stefan.bluhm@clacee.eu>
Tomas Kasparek <tkasparek@redhat.com>
Vladan Kudlac <vladankudlac@gmail.com>
Will Woods <wwoods@redhat.com>
diff --git a/doc/api_sack.rst b/doc/api_sack.rst
index 79719878..ac843fc9 100644
--- a/doc/api_sack.rst
+++ b/doc/api_sack.rst
@@ -25,10 +25,22 @@
The package sack. Contains metadata information about all known packages, installed and available.
- .. method:: query()
+ .. method:: query(flags=hawkey.APPLY_EXCLUDES)
Return a :class:`Query<dnf.query.Query>` for querying packages contained in this sack.
+ :ref:`Package filtering <excluded_packages-label>` is applied when creating the query object. The behavior can be adapted using flags. Possible flags:
+
+
+ ============================== ===========================================================================
+ Flag Value meaning
+ ============================== ===========================================================================
+ hawkey.APPLY_EXCLUDES Apply all package filtering.
+ hawkey.IGNORE_EXCLUDES Ignore all package filtering.
+ hawkey.IGNORE_REGULAR_EXCLUDES Ignore regular excludes defined by configuration files or the command line.
+ hawkey.IGNORE_MODULAR_EXCLUDES Ignore modular filtering.
+ ============================== ===========================================================================
+
.. function:: rpmdb_sack(base)
Returns a new instance of sack containing only installed packages (@System repo). Useful to get list of the installed RPMs after transaction.
--
2.35.1

View File

@ -1,37 +0,0 @@
From 9bd0423e1e543ed5f83924ec61aa253eced24cf8 Mon Sep 17 00:00:00 2001
From: Marek Blaha <mblaha@redhat.com>
Date: Mon, 14 Mar 2022 09:49:52 +0100
Subject: [PATCH] Fix processing of download errors (RhBug: 2024527)
Users with different than english locale are not able to update their
systems in case that some of updates are already downloaded in the dnf
cache (e.g. using dnf-automatic).
The error string is taken from librepo target where it is stored
untranslated. Therefore we need to compare untranslated versions of the
string.
= changelog =
msg: Fix download errors handling in non-english locales
type: bugfix
resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2024527
---
dnf/repo.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/dnf/repo.py b/dnf/repo.py
index 1822cf01..ec1a2537 100644
--- a/dnf/repo.py
+++ b/dnf/repo.py
@@ -108,7 +108,7 @@ def _download_payloads(payloads, drpm, fail_fast=True):
callbacks = tgt.getCallbacks()
payload = callbacks.package_pload
pkg = payload.pkg
- if err == _('Already downloaded'):
+ if err == 'Already downloaded':
errs._skipped.add(pkg)
continue
pkg.repo._repo.expire()
--
2.35.1

View File

@ -1,81 +0,0 @@
From 0da73ea1304005b796842d96679d6ea31cdeea3c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ale=C5=A1=20Mat=C4=9Bj?= <amatej@redhat.com>
Date: Tue, 1 Mar 2022 12:42:23 +0100
Subject: [PATCH] Fix unittests that relied on checksum being at the end of
solvfiles
---
tests/test_fill_sack_from_repos_in_cache.py | 26 +++++++++++----------
1 file changed, 14 insertions(+), 12 deletions(-)
diff --git a/tests/test_fill_sack_from_repos_in_cache.py b/tests/test_fill_sack_from_repos_in_cache.py
index a8de287c..30d02cfe 100644
--- a/tests/test_fill_sack_from_repos_in_cache.py
+++ b/tests/test_fill_sack_from_repos_in_cache.py
@@ -39,7 +39,7 @@ TEST_REPO_NAME = "test-repo"
class FillSackFromReposInCacheTest(unittest.TestCase):
- def _create_cache_for_repo(self, repopath, tmpdir):
+ def _create_cache_for_repo(self, repopath, tmpdir, repo_name=TEST_REPO_NAME):
conf = dnf.conf.MainConf()
conf.cachedir = os.path.join(tmpdir, "cache")
conf.installroot = tmpdir
@@ -49,7 +49,7 @@ class FillSackFromReposInCacheTest(unittest.TestCase):
base = dnf.Base(conf=conf)
- repoconf = dnf.repo.Repo(TEST_REPO_NAME, base.conf)
+ repoconf = dnf.repo.Repo(repo_name, base.conf)
repoconf.baseurl = repopath
repoconf.enable()
@@ -194,6 +194,8 @@ class FillSackFromReposInCacheTest(unittest.TestCase):
def test_exception_with_checksum_mismatch_and_only_repomd(self):
self._setUp_from_repo_path(os.path.join(os.path.abspath(os.path.dirname(__file__)), "repos/rpm"))
+ self._create_cache_for_repo(os.path.join(os.path.abspath(os.path.dirname(__file__)), "repos/drpm"),
+ self.tmpdir, "drpm-repo")
# Remove xml metadata except repomd
# repomd.xml is not compressed and doesn't end with .gz
@@ -201,12 +203,11 @@ class FillSackFromReposInCacheTest(unittest.TestCase):
for f in repodata_without_repomd:
os.remove(f)
- # Modify checksum of solv file so it doesn't match with repomd
- solv = glob.glob(os.path.join(self.tmpdir, "cache/*.solv"))[0]
- with open(solv, "a") as opensolv:
- opensolv.write("appended text to change checksum")
+ # Replace solvfile of test-repo with solvfile from drpm-repo which has different data (different checksum)
+ shutil.move(os.path.join(self.tmpdir, "cache/drpm-repo.solv"),
+ os.path.join(self.tmpdir, "cache/test-repo.solv"))
- # Now we only have cache with solvx, modified solv file and just repomd
+ # Now we only have cache with solvx, mismatching solv file and just repomd
# Since we don't have original xml metadata we cannot regenerate solv -> fail (exception)
self.assertRaises(dnf.exceptions.RepoError,
@@ -214,13 +215,14 @@ class FillSackFromReposInCacheTest(unittest.TestCase):
def test_checksum_mistmatch_regenerates_solv(self):
self._setUp_from_repo_path(os.path.join(os.path.abspath(os.path.dirname(__file__)), "repos/rpm"))
+ self._create_cache_for_repo(os.path.join(os.path.abspath(os.path.dirname(__file__)), "repos/drpm"),
+ self.tmpdir, "drpm-repo")
- # Modify checksum of solv file so it doesn't match with repomd
- solv = glob.glob(os.path.join(self.tmpdir, "cache/*.solv"))[0]
- with open(solv, "a") as opensolv:
- opensolv.write("appended text to change checksum")
+ # Replace solvfile of test-repo with solvfile from drpm-repo which has different data (different checksum)
+ shutil.move(os.path.join(self.tmpdir, "cache/drpm-repo.solv"),
+ os.path.join(self.tmpdir, "cache/test-repo.solv"))
- # Now we only have cache with solvx, modified solv file and xml metadata.
+ # Now we only have cache with solvx, mismatching solv file and xml metadata.
# Checksum mistmatch causes regeneration of solv file and repo works.
self.test_base.fill_sack_from_repos_in_cache(load_system_repo=False)
--
2.35.1

View File

@ -1,64 +0,0 @@
From fe87499e6745795b1dc6225fa102a1242eb9ffc8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Luk=C3=A1=C5=A1=20Hr=C3=A1zk=C3=BD?= <lhrazky@redhat.com>
Date: Thu, 17 Feb 2022 18:46:22 +0100
Subject: [PATCH] cli/commands/history: Fix history undo on a Reason Change
The previous reason needs to be fetched from the history db. It's
inefficient to parse the nevra after it was serialized in a previous
step, but that would need bigger code restructuring.
= changelog =
msg: Fix history undo on a Reason Change
type: bugfix
resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2053014
resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2010259
---
dnf.spec | 2 +-
dnf/cli/commands/history.py | 11 +++++++++++
2 files changed, 12 insertions(+), 1 deletion(-)
diff --git a/dnf.spec b/dnf.spec
index 02c8b577..36c3932e 100644
--- a/dnf.spec
+++ b/dnf.spec
@@ -2,7 +2,7 @@
%define __cmake_in_source_build 1
# default dependencies
-%global hawkey_version 0.61.1
+%global hawkey_version 0.66.0
%global libcomps_version 0.1.8
%global libmodulemd_version 2.9.3
%global rpm_version 4.14.0
diff --git a/dnf/cli/commands/history.py b/dnf/cli/commands/history.py
index 293d93fc..21d04a1a 100644
--- a/dnf/cli/commands/history.py
+++ b/dnf/cli/commands/history.py
@@ -223,6 +223,7 @@ class HistoryCommand(commands.Command):
"Reinstall": "Reinstalled",
"Obsoleted": "Install",
"Obsolete": "Obsoleted",
+ "Reason Change": "Reason Change",
}
data = serialize_transaction(trans)
@@ -235,6 +236,16 @@ class HistoryCommand(commands.Command):
if ti["action"] == "Install" and ti.get("reason", None) == "clean":
ti["reason"] = "dependency"
+ if ti["action"] == "Reason Change" and "nevra" in ti:
+ subj = hawkey.Subject(ti["nevra"])
+ nevra = subj.get_nevra_possibilities(forms=[hawkey.FORM_NEVRA])[0]
+ reason = self.output.history.swdb.resolveRPMTransactionItemReason(
+ nevra.name,
+ nevra.arch,
+ trans.tids()[0] - 1
+ )
+ ti["reason"] = libdnf.transaction.TransactionItemReasonToString(reason)
+
if ti.get("repo_id") == hawkey.SYSTEM_REPO_NAME:
# erase repo_id, because it's not possible to perform forward actions from the @System repo
ti["repo_id"] = None
--
2.35.1

View File

@ -1,30 +0,0 @@
From 55f6691d5663c59b675064b04e19288365e92d24 Mon Sep 17 00:00:00 2001
From: Nicola Sella <nsella@redhat.com>
Date: Tue, 15 Mar 2022 16:26:10 +0100
Subject: [PATCH] Fix remove when no repos are enabled (RhBz:2064341)
msg: When no repositories are enabled, dnf group exits and does not
remove an installed group.
resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2064341
type: bugfix
---
dnf/cli/commands/group.py | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/dnf/cli/commands/group.py b/dnf/cli/commands/group.py
index fd723c48..c5c23230 100644
--- a/dnf/cli/commands/group.py
+++ b/dnf/cli/commands/group.py
@@ -358,7 +358,8 @@ class GroupCommand(commands.Command):
else:
demands.available_repos = True
- commands._checkEnabledRepo(self.base)
+ if cmd not in ('remove'):
+ commands._checkEnabledRepo(self.base)
if cmd in ('install', 'upgrade'):
commands._checkGPGKey(self.base, self.cli)
--
2.35.1

View File

@ -1,30 +0,0 @@
From 8f05ee29b7398fa6d18c7113a533f1d8726239df Mon Sep 17 00:00:00 2001
From: Jaroslav Rohel <jrohel@redhat.com>
Date: Tue, 12 Apr 2022 12:25:05 +0200
Subject: [PATCH] [doc] Improve "proxy" configuration option documentation
(RhBug:2072332)
---
doc/conf_ref.rst | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/doc/conf_ref.rst b/doc/conf_ref.rst
index 75bcdf75..885a4560 100644
--- a/doc/conf_ref.rst
+++ b/doc/conf_ref.rst
@@ -833,10 +833,10 @@ configuration.
``proxy``
:ref:`string <string-label>`
- URL of a proxy server to connect through. Set to an empty string to disable the proxy setting inherited from the main section and use direct connection instead. The expected format of this option is ``<scheme>://<ip-or-hostname>[:port]``.
+ URL of a proxy server to connect through. Set to an empty string in the repository configuration to disable proxy setting inherited from the main section. The expected format of this option is ``<scheme>://<ip-or-hostname>[:port]``.
(For backward compatibility, '_none_' can be used instead of the empty string.)
- Note: The curl environment variables (such as ``http_proxy``) are effective if this option is unset. See the ``curl`` man page for details.
+ Note: The curl environment variables (such as ``http_proxy``) are effective if this option is unset (or '_none_' is set in the repository configuration). See the ``curl`` man page for details.
``proxy_username``
:ref:`string <string-label>`
--
2.35.1

View File

@ -1,318 +0,0 @@
From 88a6289a4f72b11253c01a5a5d834b74d5abb6c3 Mon Sep 17 00:00:00 2001
From: Laszlo Ersek <lersek@redhat.com>
Date: Sun, 24 Apr 2022 09:08:28 +0200
Subject: [PATCH] Base.reset: plug (temporary) leak of libsolv's page file
descriptors
Consider the following call paths (mixed Python and C), extending from
livecd-creator down to libsolv:
main [livecd-tools/tools/livecd-creator]
install() [livecd-tools/imgcreate/creator.py]
fill_sack() [dnf/dnf/base.py]
_add_repo_to_sack() [dnf/dnf/base.py]
load_repo() [libdnf/python/hawkey/sack-py.cpp]
dnf_sack_load_repo() [libdnf/libdnf/dnf-sack.cpp]
write_main() [libdnf/libdnf/dnf-sack.cpp]
repo_add_solv() [libsolv/src/repo_solv.c]
repopagestore_read_or_setup_pages() [libsolv/src/repopage.c]
dup()
write_ext() [libdnf/libdnf/dnf-sack.cpp]
repo_add_solv() [libsolv/src/repo_solv.c]
repopagestore_read_or_setup_pages() [libsolv/src/repopage.c]
dup()
The dup() calls create the following file descriptors (output from
"lsof"):
> COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
> python3 6500 root 7r REG 8,1 25320727 395438 /var/tmp/imgcreate-mytcghah/install_root/var/cache/dnf/fedora.solv (deleted)
> python3 6500 root 8r REG 8,1 52531426 395450 /var/tmp/imgcreate-mytcghah/install_root/var/cache/dnf/fedora-filenames.solvx
These file descriptors are *owned* by the DnfSack object (which is derived
from GObject), as follows:
sack->priv->pool->repos[1]->repodata[1]->store.pagefd = 7
sack->priv->pool->repos[1]->repodata[2]->store.pagefd = 8
^ ^ ^ ^ ^ ^ ^
| | | | | | |
| | | | | | int
| | | | | Repopagestore [libsolv/src/repopage.h]
| | | | Repodata [libsolv/src/repodata.h]
| | | struct s_Repo [libsolv/src/repo.h]
| | struct s_Pool (aka Pool) [libsolv/src/pool.h]
| DnfSackPrivate [libdnf/libdnf/dnf-sack.cpp]
DnfSack [libdnf/libdnf/dnf-sack.h]
The file descriptors are *supposed* to be closed on the following call
path:
main [livecd-tools/tools/livecd-creator]
install() [livecd-tools/imgcreate/creator.py]
close() [livecd-tools/imgcreate/dnfinst.py]
close() [dnf/dnf/base.py]
reset() [dnf/dnf/base.py]
_sack = None
_goal = None
_transaction = None
...
dnf_sack_finalize() [libdnf/libdnf/dnf-sack.cpp]
pool_free() [libsolv/src/pool.c]
pool_freeallrepos() [libsolv/src/pool.c]
repo_freedata() [libsolv/src/repo.c]
repodata_freedata() [libsolv/src/repodata.c]
repopagestore_free() [libsolv/src/repopage.c]
close()
Namely, when dnf.Base.reset() [dnf/dnf/base.py] is called with (sack=True,
goal=True), the reference counts of the objects pointed to by the "_sack",
"_goal" and "_transaction" fields are supposed to reach zero, and then, as
part of the DnfSack object's finalization, the libsolv file descriptors
are supposed to be closed.
Now, while this *may* happen immediately in dnf.Base.reset(), it may as
well not. The reason is that there is a multitude of *circular references*
between DnfSack and the packages that it contains. When dnf.Base.reset()
is entered, we have the following picture:
_sack _goal
| |
v v
+----------------+ +-------------+
| DnfSack object | <--- | Goal object |
+----------------+ +-------------+
|^ |^ |^
|| || ||
|| || ||
+--||----||----||---+
| v| v| v| | <-- _transaction
| Pkg1 Pkg2 PkgN |
| |
| Transaction oject |
+-------------------+
That is, the reference count of the DnfSack object is (1 + 1 + N), where N
is the number of packages in the transaction. Details:
(a) The first reference comes from the "_sack" field, established like
this:
main [livecd-tools/tools/livecd-creator]
install() [livecd-tools/imgcreate/creator.py]
fill_sack() [dnf/dnf/base.py]
_build_sack() [dnf/dnf/sack.py]
Sack()
sack_init() [libdnf/python/hawkey/sack-py.cpp]
dnf_sack_new() [libdnf/libdnf/dnf-sack.cpp]
(b) The second reference on the DnfSack object comes from "_goal":
main [livecd-tools/tools/livecd-creator]
install() [livecd-tools/imgcreate/creator.py]
fill_sack() [dnf/dnf/base.py]
_goal = Goal(_sack)
goal_init() [libdnf/python/hawkey/goal-py.cpp]
Py_INCREF(_sack)
(c) Then there is one reference to "_sack" *per package* in the
transaction:
main [livecd-tools/tools/livecd-creator]
install() [livecd-tools/imgcreate/creator.py]
runInstall() [livecd-tools/imgcreate/dnfinst.py]
resolve() [dnf/dnf/base.py]
_goal2transaction() [dnf/dnf/base.py]
list_installs() [libdnf/python/hawkey/goal-py.cpp]
list_generic() [libdnf/python/hawkey/goal-py.cpp]
packagelist_to_pylist() [libdnf/python/hawkey/iutil-py.cpp]
new_package() [libdnf/python/hawkey/sack-py.cpp]
Py_BuildValue()
ts.add_install()
list_installs() creates a list of packages that need to be installed
by DNF. Inside the loop in packagelist_to_pylist(), which constructs
the elements of that list, Py_BuildValue() is called with the "O"
format specifier, and that increases the reference count on "_sack".
Subsequently, in the _goal2transaction() method, we iterate over the
package list created by list_installs(), and add each package to the
transaction (ts.add_install()). After _goal2transaction() returns,
this transaction is assigned to "self._transaction" in resolve(). This
is where the last N (back-)references on the DnfSack object come from.
(d) Now, to quote the defintion of the DnfSack object
("libdnf/docs/hawkey/tutorial-py.rst"):
> *Sack* is an abstraction for a collection of packages.
That's why the DnfSack object references all the Pkg1 through PkgN
packages.
So, when the dnf.Base.reset() method completes, the picture changes like
this:
_sack _goal
| |
-- [CUT] -- -- [CUT] --
| |
v | v
+----------------+ [C] +-------------+
| DnfSack object | <-[U]- | Goal object |
+----------------+ [T] +-------------+
|^ |^ |^ |
|| || ||
|| || || |
+--||----||----||---+ [C]
| v| v| v| | <--[U]-- _transaction
| Pkg1 Pkg2 PkgN | [T]
| | |
| Transaction oject |
+-------------------+
and we are left with N reference cycles (one between each package and the
same DnfSack object).
This set of cycles can only be cleaned up by Python's generational garbage
collector <https://stackify.com/python-garbage-collection/>. The GC will
collect the DnfSack object, and consequently close the libsolv page file
descriptors via dnf_sack_finalize() -- but garbage collection will happen
*only eventually*, unpredictably.
This means that the dnf.Base.reset() method breaks its interface contract:
> Make the Base object forget about various things.
because the libsolv file descriptors can (and frequently do, in practice)
survive dnf.Base.reset().
In general, as long as the garbage collector only tracks process-private
memory blocks, there's nothing wrong; however, file descriptors are
visible to the kernel. When dnf.Base.reset() *temporarily* leaks file
descriptors as explained above, then immediately subsequent operations
that depend on those file descriptors having been closed, can fail.
An example is livecd-creator's unmounting of:
/var/tmp/imgcreate-mytcghah/install_root/var/cache/dnf
which the kernel refuses, due to libsolv's still open file descriptors
pointing into that filesystem:
> umount: /var/tmp/imgcreate-mytcghah/install_root/var/cache/dnf: target
> is busy.
> Unable to unmount /var/tmp/imgcreate-mytcghah/install_root/var/cache/dnf
> normally, using lazy unmount
(Unfortunately, the whole lazy umount idea is misguided in livecd-tools;
it's a misfeature that should be removed, as it permits the corruption of
the loop-backed filesystem. Now that the real bug is being fixed in DNF,
lazy umount is not needed as a (broken) workaround in livecd-tools. But
that's a separate patch for livecd-tools:
<https://github.com/livecd-tools/livecd-tools/pull/227>.)
Plug the fd leak by forcing a garbage collection in dnf.Base.reset()
whenever we cut the "_sack", "_goal" and "_transaction" links -- that is,
when the "sack" and "goal" parameters are True.
Note that precisely due to the unpredictable behavior of the garbage
collector, reproducing the bug may prove elusive. In order to reproduce it
deterministically, through usage with livecd-creator, disabling automatic
garbage collection with the following patch (for livecd-tools) is
sufficient:
> diff --git a/tools/livecd-creator b/tools/livecd-creator
> index 291de10cbbf9..8d2c740c238b 100755
> --- a/tools/livecd-creator
> +++ b/tools/livecd-creator
> @@ -31,6 +31,8 @@ from dnf.exceptions import Error as DnfBaseError
> import imgcreate
> from imgcreate.errors import KickstartError
>
> +import gc
> +
> class Usage(Exception):
> def __init__(self, msg = None, no_error = False):
> Exception.__init__(self, msg, no_error)
> @@ -261,5 +263,6 @@ def do_nss_libs_hack():
> return hack
>
> if __name__ == "__main__":
> + gc.disable()
> hack = do_nss_libs_hack()
> sys.exit(main())
Also note that you need to use livecd-tools at git commit 4afde9352e82 or
later, for this fix to make any difference: said commit fixes a different
(independent) bug in livecd-tools that produces identical symptoms, but
from a different origin. In other words, if you don't have commit
4afde9352e82 in your livecd-tools install, then said bug in livecd-tools
will mask this DNF fix.
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
(cherry picked from commit 5ce5ed1ea08ad6e198c1c1642c4d9ea2db6eab86)
---
dnf/base.py | 41 +++++++++++++++++++++++++++++++++++++++++
1 file changed, 41 insertions(+)
diff --git a/dnf/base.py b/dnf/base.py
index babca31d..852fcdd8 100644
--- a/dnf/base.py
+++ b/dnf/base.py
@@ -72,6 +72,7 @@ import dnf.transaction
import dnf.util
import dnf.yum.rpmtrans
import functools
+import gc
import hawkey
import itertools
import logging
@@ -568,6 +569,46 @@ class Base(object):
self._comps_trans = dnf.comps.TransactionBunch()
self._transaction = None
self._update_security_filters = []
+ if sack and goal:
+ # We've just done this, above:
+ #
+ # _sack _goal
+ # | |
+ # -- [CUT] -- -- [CUT] --
+ # | |
+ # v | v
+ # +----------------+ [C] +-------------+
+ # | DnfSack object | <-[U]- | Goal object |
+ # +----------------+ [T] +-------------+
+ # |^ |^ |^ |
+ # || || ||
+ # || || || |
+ # +--||----||----||---+ [C]
+ # | v| v| v| | <--[U]-- _transaction
+ # | Pkg1 Pkg2 PkgN | [T]
+ # | | |
+ # | Transaction oject |
+ # +-------------------+
+ #
+ # At this point, the DnfSack object would be released only
+ # eventually, by Python's generational garbage collector, due to the
+ # cyclic references DnfSack<->Pkg1 ... DnfSack<->PkgN.
+ #
+ # The delayed release is a problem: the DnfSack object may
+ # (indirectly) own "page file" file descriptors in libsolv, via
+ # libdnf. For example,
+ #
+ # sack->priv->pool->repos[1]->repodata[1]->store.pagefd = 7
+ # sack->priv->pool->repos[1]->repodata[2]->store.pagefd = 8
+ #
+ # These file descriptors are closed when the DnfSack object is
+ # eventually released, that is, when dnf_sack_finalize() (in libdnf)
+ # calls pool_free() (in libsolv).
+ #
+ # We need that to happen right now, as callers may want to unmount
+ # the filesystems which those file descriptors refer to immediately
+ # after reset() returns. Therefore, force a garbage collection here.
+ gc.collect()
def _closeRpmDB(self):
"""Closes down the instances of rpmdb that could be open."""
--
2.35.1

View File

@ -1,31 +0,0 @@
From 00f3016ec0d79186f08c2f0ebf450bdc3dab1311 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ale=C5=A1=20Mat=C4=9Bj?= <amatej@redhat.com>
Date: Thu, 23 Jun 2022 09:33:45 +0200
Subject: [PATCH] doc: Describe how gpg keys are stored for `repo_ggpcheck`
(RhBug:2020678)
https://bugzilla.redhat.com/show_bug.cgi?id=2020678
---
doc/conf_ref.rst | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/doc/conf_ref.rst b/doc/conf_ref.rst
index 885a4560..decb49ff 100644
--- a/doc/conf_ref.rst
+++ b/doc/conf_ref.rst
@@ -906,6 +906,12 @@ configuration.
:ref:`boolean <boolean-label>`
Whether to perform GPG signature check on this repository's metadata. The default is False.
+ Note that GPG keys for this check are stored separately from GPG keys used in package signature
+ verification. Furthermore, they are also stored separately for each repository.
+
+ This means that dnf may ask to import the same key multiple times. For example, when a key was
+ already imported for package signature verification and this option is turned on, it may be needed
+ to import it again for the repository.
``retries``
:ref:`integer <integer-label>`
--
2.36.1

View File

@ -1,64 +0,0 @@
From 25bc75cbe63289864c09ab25144ee4af232bd8f4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ale=C5=A1=20Mat=C4=9Bj?= <amatej@redhat.com>
Date: Mon, 4 Jul 2022 09:43:25 +0200
Subject: [PATCH] Add only relevant pkgs to upgrade transaction (RhBug:2097757)
https://bugzilla.redhat.com/show_bug.cgi?id=2097757
Without this patch dnf can create the following transaction during dnf upgrade --security when there is an advisory for B-2-2:
```
repo @System 0 testtags <inline>
#>=Pkg: A 1 1 x86_64
#>=Pkg: B 1 1 x86_64
#>=Req: A = 1-1
repo available 0 testtags <inline>
#>=Pkg: A 2 2 x86_64
#>=Pkg: B 2 2 x86_64
#>=Req: A = 2-2
system x86_64 rpm @System
job update oneof A-1-1.x86_64@@System B-2-2.x86_64@available [targeted,setevr,setarch]
result transaction,problems
```
Problem is that without forcebest nothing gets upgraded despite the available advisory and --security switch.
This can also be seen in CI test case: rpm-software-management/ci-dnf-stack#1130
---
dnf/base.py | 19 ++++++++++++++++++-
1 file changed, 18 insertions(+), 1 deletion(-)
diff --git a/dnf/base.py b/dnf/base.py
index 852fcdd8..82466831 100644
--- a/dnf/base.py
+++ b/dnf/base.py
@@ -2135,7 +2135,24 @@ class Base(object):
query.filterm(reponame=reponame)
query = self._merge_update_filters(query, pkg_spec=pkg_spec, upgrade=True)
if query:
- query = query.union(installed_query.latest())
+ # Given that we use libsolv's targeted transactions, we need to ensure that the transaction contains both
+ # the new targeted version and also the current installed version (for the upgraded package). This is
+ # because if it only contained the new version, libsolv would decide to reinstall the package even if it
+ # had just a different buildtime or vendor but the same version
+ # (https://github.com/openSUSE/libsolv/issues/287)
+ # - In general, the query already contains both the new and installed versions but not always.
+ # If repository-packages command is used, the installed packages are filtered out because they are from
+ # the @system repo. We need to add them back in.
+ # - However we need to add installed versions of just the packages that are being upgraded. We don't want
+ # to add all installed packages because it could increase the number of solutions for the transaction
+ # (especially without --best) and since libsolv prefers the smallest possible upgrade it could result
+ # in no upgrade even if there is one available. This is a problem in general but its critical with
+ # --security transactions (https://bugzilla.redhat.com/show_bug.cgi?id=2097757)
+ # - We want to add only the latest versions of installed packages, this is specifically for installonly
+ # packages. Otherwise if for example kernel-1 and kernel-3 were installed and present in the
+ # transaction libsolv could decide to install kernel-2 because it is an upgrade for kernel-1 even
+ # though we don't want it because there already is a newer version present.
+ query = query.union(installed_query.latest().filter(name=[pkg.name for pkg in query]))
sltr = dnf.selector.Selector(self.sack)
sltr.set(pkg=query)
self._goal.upgrade(select=sltr)
--
2.36.1

View File

@ -1,37 +0,0 @@
From fea1f456d3d5f3015ebcff4008959916bdaaf6d6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ale=C5=A1=20Mat=C4=9Bj?= <amatej@redhat.com>
Date: Mon, 4 Jul 2022 09:46:29 +0200
Subject: [PATCH] Use `installed_all` because `installed_query` is filtered
user input
`installed_query` could be missing packages. If we specify we want to
upgrade a specific nevra that is not yet installed, then `installed_query`
is empty because it is based on user input, but there could be other
versions of the pkg installed.
Eg: if kernel-1 and kernel-3 are installed and we specify we want to
upgrade kernel-2, nothing should be done because we already have higher
version, but now `installed_query` would be empty and kernel-2 would be
installed.
Therefore, we need to use `installed_all`.
---
dnf/base.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/dnf/base.py b/dnf/base.py
index 82466831..e606d9fa 100644
--- a/dnf/base.py
+++ b/dnf/base.py
@@ -2152,7 +2152,7 @@ class Base(object):
# packages. Otherwise if for example kernel-1 and kernel-3 were installed and present in the
# transaction libsolv could decide to install kernel-2 because it is an upgrade for kernel-1 even
# though we don't want it because there already is a newer version present.
- query = query.union(installed_query.latest().filter(name=[pkg.name for pkg in query]))
+ query = query.union(installed_all.latest().filter(name=[pkg.name for pkg in query]))
sltr = dnf.selector.Selector(self.sack)
sltr.set(pkg=query)
self._goal.upgrade(select=sltr)
--
2.36.1

View File

@ -1,47 +0,0 @@
From 66a37245e82c60b972ee35879f9c29c27466a27b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ale=C5=A1=20Mat=C4=9Bj?= <amatej@redhat.com>
Date: Mon, 25 Jul 2022 12:44:17 +0200
Subject: [PATCH] Don't include resolved advisories for obsoletes with sec.
filters (RhBug:2101421)
This makes the obsoletes security filters consistent with upgrade
security filters.
This API is used from check-update and from Info and List commands.
- For check-update we don't want to include resolved advisories to have
identical result to the actual update. That is bz2101421 use case.
- For Info and List commands the --obsoletes switch: "List packages
installed on the system that are obsoleted by packages in any known
repository." Given this specification in makes sense not to
consider resolved advisories when we also use security filters.
There is still a general case when someone uses the API or any potential
future use and I think it is best to have the behavior unified for
"upgrades" and "obsoletes".
= changelog =
msg: Don't include resolved advisories for obsoletes filtering with security filters
type: bugfix
resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2101421
Tests: https://github.com/rpm-software-management/ci-dnf-stack/pull/1134
---
dnf/base.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/dnf/base.py b/dnf/base.py
index e606d9fa..e623d98e 100644
--- a/dnf/base.py
+++ b/dnf/base.py
@@ -1565,7 +1565,7 @@ class Base(object):
obsoletes = query_for_repo(
self.sack.query()).filter(obsoletes_by_priority=inst)
# reduce a query to security upgrades if they are specified
- obsoletes = self._merge_update_filters(obsoletes, warning=False)
+ obsoletes = self._merge_update_filters(obsoletes, warning=False, upgrade=True)
obsoletesTuples = []
for new in obsoletes:
obsoleted_reldeps = new.obsoletes
--
2.37.1

View File

@ -1,35 +0,0 @@
From 553a2c585db50599d5028ea6bb6462281bb88d02 Mon Sep 17 00:00:00 2001
From: Jaroslav Mracek <jmracek@redhat.com>
Date: Mon, 11 Jul 2022 12:27:14 +0200
Subject: [PATCH] Set default value for variable to prevent crash
(RhBug:2091636)
It ensure that read of file ended successfully.
https://bugzilla.redhat.com/show_bug.cgi?id=2091636
---
dnf/conf/substitutions.py | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/dnf/conf/substitutions.py b/dnf/conf/substitutions.py
index 703e4a4f..1281bdf0 100644
--- a/dnf/conf/substitutions.py
+++ b/dnf/conf/substitutions.py
@@ -53,6 +53,7 @@ class Substitutions(dict):
continue
for fsvar in fsvars:
filepath = os.path.join(dir_fsvars, fsvar)
+ val = None
if os.path.isfile(filepath):
try:
with open(filepath) as fp:
@@ -61,4 +62,5 @@ class Substitutions(dict):
val = val[:-1]
except (OSError, IOError):
continue
- self[fsvar] = val
+ if val is not None:
+ self[fsvar] = val
--
2.37.1

View File

@ -1,31 +0,0 @@
From 96a5bd61ab3b35f00f0b52bcd6428c7aea7d1ca5 Mon Sep 17 00:00:00 2001
From: Jan Kolarik <jkolarik@redhat.com>
Date: Wed, 7 Sep 2022 14:27:07 +0200
Subject: [PATCH] Add doc related to --destdir and --downloadonly options
(RhBug:2100811)
= changelog =
type: bugfix
resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2100811
---
doc/command_ref.rst | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/doc/command_ref.rst b/doc/command_ref.rst
index 42aec72c..7a02448c 100644
--- a/doc/command_ref.rst
+++ b/doc/command_ref.rst
@@ -190,6 +190,10 @@ Options
``--downloadonly``
Download the resolved package set without performing any rpm transaction (install/upgrade/erase).
+ Packages are removed after the next successful transaction. This applies also when used together
+ with ``--destdir`` option as the directory is considered as a part of the DNF cache. To persist
+ the packages, use the ``download`` command instead.
+
``-e <error level>, --errorlevel=<error level>``
Error output level. This is an integer value between 0 (no error output) and
10 (shows all error messages), default is 3. Deprecated, use ``-v`` instead.
--
2.37.1

View File

@ -1,79 +0,0 @@
From aa724a639a641943ecf39038fd694abc2037e66d Mon Sep 17 00:00:00 2001
From: Jan Kolarik <jkolarik@redhat.com>
Date: Mon, 22 Aug 2022 10:38:30 +0200
Subject: [PATCH] Expose plugin unload method to API (RhBug:2047251)
= changelog =
type: bugfix
resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2047251
---
dnf/base.py | 5 +++++
dnf/plugin.py | 1 +
doc/api_base.rst | 4 ++++
tests/api/test_dnf_base.py | 7 +++++++
4 files changed, 17 insertions(+)
diff --git a/dnf/base.py b/dnf/base.py
index e623d98e..4ddfae15 100644
--- a/dnf/base.py
+++ b/dnf/base.py
@@ -316,6 +316,11 @@ class Base(object):
"""Run plugins configure() method."""
self._plugins._run_config()
+ def unload_plugins(self):
+ # :api
+ """Run plugins unload() method."""
+ self._plugins._unload()
+
def update_cache(self, timer=False):
# :api
diff --git a/dnf/plugin.py b/dnf/plugin.py
index 06066e79..87c1f08f 100644
--- a/dnf/plugin.py
+++ b/dnf/plugin.py
@@ -164,6 +164,7 @@ class Plugins(object):
self._caller('transaction')
def _unload(self):
+ logger.debug(_('Plugins were unloaded'))
del sys.modules[DYNAMIC_PACKAGE]
def unload_removed_plugins(self, transaction):
diff --git a/doc/api_base.rst b/doc/api_base.rst
index 03396b69..35cbeef5 100644
--- a/doc/api_base.rst
+++ b/doc/api_base.rst
@@ -97,6 +97,10 @@
Configure plugins by running their configure() method.
+ .. method:: unload_plugins()
+
+ Unload all plugins.
+
.. method:: fill_sack([load_system_repo=True, load_available_repos=True])
Setup the package sack. If `load_system_repo` is ``True``, load information about packages in the local RPMDB into the sack. Else no package is considered installed during dependency solving. If `load_available_repos` is ``True``, load information about packages from the available repositories into the sack.
diff --git a/tests/api/test_dnf_base.py b/tests/api/test_dnf_base.py
index 33598189..e84e272b 100644
--- a/tests/api/test_dnf_base.py
+++ b/tests/api/test_dnf_base.py
@@ -95,6 +95,13 @@ class DnfBaseApiTest(TestCase):
self.base.configure_plugins()
+ def test_unload_plugins(self):
+ # Base.unload_plugins()
+ self.assertHasAttr(self.base, "unload_plugins")
+
+ self.base.init_plugins()
+ self.base.unload_plugins()
+
def test_update_cache(self):
# Base.update_cache(self, timer=False)
self.assertHasAttr(self.base, "update_cache")
--
2.37.1

View File

@ -1,105 +0,0 @@
From 7ba2cd6a86945e0ec6f9ed866e2ef6b6759ee092 Mon Sep 17 00:00:00 2001
From: Jan Kolarik <jkolarik@redhat.com>
Date: Thu, 25 Aug 2022 08:06:34 +0200
Subject: [PATCH] Add support for group upgrade rollback (RhBug:2016070)
= changelog =
type: bugfix
resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2016070
---
dnf/db/group.py | 8 +++++++-
dnf/transaction_sr.py | 24 ++++++++++++++++++++++++
2 files changed, 31 insertions(+), 1 deletion(-)
diff --git a/dnf/db/group.py b/dnf/db/group.py
index 4dc8cb06..312e3b98 100644
--- a/dnf/db/group.py
+++ b/dnf/db/group.py
@@ -34,14 +34,16 @@ class PersistorBase(object):
self._installed = {}
self._removed = {}
self._upgraded = {}
+ self._downgraded = {}
def __len__(self):
- return len(self._installed) + len(self._removed) + len(self._upgraded)
+ return len(self._installed) + len(self._removed) + len(self._upgraded) + len(self._downgraded)
def clean(self):
self._installed = {}
self._removed = {}
self._upgraded = {}
+ self._downgraded = {}
def _get_obj_id(self, obj):
raise NotImplementedError
@@ -62,6 +64,10 @@ class PersistorBase(object):
self._upgraded[self._get_obj_id(obj)] = obj
self._add_to_history(obj, libdnf.transaction.TransactionItemAction_UPGRADE)
+ def downgrade(self, obj):
+ self._downgraded[self._get_obj_id(obj)] = obj
+ self._add_to_history(obj, libdnf.transaction.TransactionItemAction_DOWNGRADE)
+
def new(self, obj_id, name, translated_name, pkg_types):
raise NotImplementedError
diff --git a/dnf/transaction_sr.py b/dnf/transaction_sr.py
index dae8d300..5d403a3e 100644
--- a/dnf/transaction_sr.py
+++ b/dnf/transaction_sr.py
@@ -416,6 +416,16 @@ class TransactionReplay(object):
if swdb_group is not None:
self._base.history.group.upgrade(swdb_group)
+ def _swdb_group_downgrade(self, group_id, pkg_types, pkgs):
+ if not self._base.history.group.get(group_id):
+ self._raise_or_warn(self._ignore_installed, _("Group id '%s' is not installed.") % group_id)
+ return
+
+ swdb_group = self._create_swdb_group(group_id, pkg_types, pkgs)
+
+ if swdb_group is not None:
+ self._base.history.group.downgrade(swdb_group)
+
def _swdb_group_remove(self, group_id, pkg_types, pkgs):
if not self._base.history.group.get(group_id):
self._raise_or_warn(self._ignore_installed, _("Group id '%s' is not installed.") % group_id)
@@ -482,6 +492,16 @@ class TransactionReplay(object):
if swdb_env is not None:
self._base.history.env.upgrade(swdb_env)
+ def _swdb_environment_downgrade(self, env_id, pkg_types, groups):
+ if not self._base.history.env.get(env_id):
+ self._raise_or_warn(self._ignore_installed, _("Environment id '%s' is not installed.") % env_id)
+ return
+
+ swdb_env = self._create_swdb_environment(env_id, pkg_types, groups)
+
+ if swdb_env is not None:
+ self._base.history.env.downgrade(swdb_env)
+
def _swdb_environment_remove(self, env_id, pkg_types, groups):
if not self._base.history.env.get(env_id):
self._raise_or_warn(self._ignore_installed, _("Environment id '%s' is not installed.") % env_id)
@@ -535,6 +555,8 @@ class TransactionReplay(object):
self._swdb_group_install(group_id, pkg_types, group_data["packages"])
elif action == "Upgrade":
self._swdb_group_upgrade(group_id, pkg_types, group_data["packages"])
+ elif action == "Downgraded":
+ self._swdb_group_downgrade(group_id, pkg_types, group_data["packages"])
elif action == "Removed":
self._swdb_group_remove(group_id, pkg_types, group_data["packages"])
else:
@@ -564,6 +586,8 @@ class TransactionReplay(object):
self._swdb_environment_install(env_id, pkg_types, env_data["groups"])
elif action == "Upgrade":
self._swdb_environment_upgrade(env_id, pkg_types, env_data["groups"])
+ elif action == "Downgraded":
+ self._swdb_environment_downgrade(env_id, pkg_types, env_data["groups"])
elif action == "Removed":
self._swdb_environment_remove(env_id, pkg_types, env_data["groups"])
else:
--
2.37.1

View File

@ -1,34 +0,0 @@
From 46562dc76e50d86eed99a102af74a1187a4303e4 Mon Sep 17 00:00:00 2001
From: Nicola Sella <nsella@redhat.com>
Date: Thu, 11 Aug 2022 13:56:11 +0200
Subject: [PATCH] Fix upgrade from file to noarch pkg (RhBug:2006018)
= changelog =
msg: Fix upgrade pkg from file when installed pkg is noarch and upgrades
to a different arch
type: bugfix
resolves: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=2006018
---
dnf/base.py | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/dnf/base.py b/dnf/base.py
index 4ddfae15..aba411ea 100644
--- a/dnf/base.py
+++ b/dnf/base.py
@@ -2109,7 +2109,11 @@ class Base(object):
sltr.set(pkg=[pkg])
self._goal.upgrade(select=sltr)
return 1
- q = installed.filter(name=pkg.name, arch=[pkg.arch, "noarch"])
+ # do not filter by arch if the package is noarch
+ if pkg.arch == "noarch":
+ q = installed.filter(name=pkg.name)
+ else:
+ q = installed.filter(name=pkg.name, arch=[pkg.arch, "noarch"])
if not q:
msg = _("Package %s not installed, cannot update it.")
logger.warning(msg, pkg.name)
--
2.37.1

View File

@ -1,62 +0,0 @@
From 7a265cf17fe3531e45dde8ae622c496bef1e17ae Mon Sep 17 00:00:00 2001
From: Jan Kolarik <jkolarik@redhat.com>
Date: Wed, 10 Aug 2022 16:24:08 +0200
Subject: [PATCH] Allow passing plugin parameters with dashes in names
(RhBug:1980712)
= changelog =
type: bugfix
resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1980712
---
dnf/plugin.py | 20 +++++++++++++++++---
1 file changed, 17 insertions(+), 3 deletions(-)
diff --git a/dnf/plugin.py b/dnf/plugin.py
index 87c1f08f..b083727d 100644
--- a/dnf/plugin.py
+++ b/dnf/plugin.py
@@ -225,17 +225,17 @@ def _get_plugins_files(paths, disable_plugins, enable_plugins):
matched = True
enable_pattern_tested = False
for pattern_skip in disable_plugins:
- if fnmatch.fnmatch(plugin_name, pattern_skip):
+ if _plugin_name_matches_pattern(plugin_name, pattern_skip):
pattern_disable_found.add(pattern_skip)
matched = False
for pattern_enable in enable_plugins:
- if fnmatch.fnmatch(plugin_name, pattern_enable):
+ if _plugin_name_matches_pattern(plugin_name, pattern_enable):
matched = True
pattern_enable_found.add(pattern_enable)
enable_pattern_tested = True
if not enable_pattern_tested:
for pattern_enable in enable_plugins:
- if fnmatch.fnmatch(plugin_name, pattern_enable):
+ if _plugin_name_matches_pattern(plugin_name, pattern_enable):
pattern_enable_found.add(pattern_enable)
if matched:
plugins.append(fn)
@@ -250,6 +250,20 @@ def _get_plugins_files(paths, disable_plugins, enable_plugins):
return plugins
+def _plugin_name_matches_pattern(plugin_name, pattern):
+ """
+ Checks plugin name matches the pattern.
+
+ The alternative plugin name using dashes instead of underscores is tried
+ in case of original name is not matched.
+
+ (see https://bugzilla.redhat.com/show_bug.cgi?id=1980712)
+ """
+
+ try_names = set((plugin_name, plugin_name.replace('_', '-')))
+ return any(fnmatch.fnmatch(name, pattern) for name in try_names)
+
+
def register_command(command_class):
# :api
"""A class decorator for automatic command registration."""
--
2.37.1

View File

@ -1,97 +0,0 @@
From 9700b8fabd102fcf289281c3c04238da90d7b28e Mon Sep 17 00:00:00 2001
From: Jan Kolarik <jkolarik@redhat.com>
Date: Tue, 13 Sep 2022 14:35:10 +0200
Subject: [PATCH] Fix plugins unit tests + unload plugins upon their deletion
=changelog=
type: bugfix
resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2134309
---
dnf/plugin.py | 8 ++++++--
tests/api/test_dnf_base.py | 24 +++++++++++++++++++-----
2 files changed, 25 insertions(+), 7 deletions(-)
diff --git a/dnf/plugin.py b/dnf/plugin.py
index b083727d..d2f46ce3 100644
--- a/dnf/plugin.py
+++ b/dnf/plugin.py
@@ -98,6 +98,9 @@ class Plugins(object):
self.plugin_cls = []
self.plugins = []
+ def __del__(self):
+ self._unload()
+
def _caller(self, method):
for plugin in self.plugins:
try:
@@ -164,8 +167,9 @@ class Plugins(object):
self._caller('transaction')
def _unload(self):
- logger.debug(_('Plugins were unloaded'))
- del sys.modules[DYNAMIC_PACKAGE]
+ if DYNAMIC_PACKAGE in sys.modules:
+ logger.log(dnf.logging.DDEBUG, 'Plugins were unloaded.')
+ del sys.modules[DYNAMIC_PACKAGE]
def unload_removed_plugins(self, transaction):
"""
diff --git a/tests/api/test_dnf_base.py b/tests/api/test_dnf_base.py
index e84e272b..19754b07 100644
--- a/tests/api/test_dnf_base.py
+++ b/tests/api/test_dnf_base.py
@@ -7,10 +7,23 @@ from __future__ import unicode_literals
import dnf
import dnf.conf
+import tests.support
+
from .common import TestCase
from .common import TOUR_4_4
+def conf_with_empty_plugins():
+ """
+ Use empty configuration to avoid importing plugins from default paths
+ which would lead to crash of other tests.
+ """
+ conf = tests.support.FakeConf()
+ conf.plugins = True
+ conf.pluginpath = []
+ return conf
+
+
class DnfBaseApiTest(TestCase):
def setUp(self):
self.base = dnf.Base(dnf.conf.Conf())
@@ -75,13 +88,12 @@ class DnfBaseApiTest(TestCase):
self.assertHasType(self.base.transaction, dnf.db.group.RPMTransaction)
def test_init_plugins(self):
- # Base.init_plugins(disabled_glob=(), enable_plugins=(), cli=None)
+ # Base.init_plugins()
self.assertHasAttr(self.base, "init_plugins")
- # disable plugins to avoid calling dnf.plugin.Plugins._load() multiple times
- # which causes the tests to crash
- self.base.conf.plugins = False
- self.base.init_plugins(disabled_glob=(), enable_plugins=(), cli=None)
+ self.base._conf = conf_with_empty_plugins()
+
+ self.base.init_plugins()
def test_pre_configure_plugins(self):
# Base.pre_configure_plugins()
@@ -99,6 +111,8 @@ class DnfBaseApiTest(TestCase):
# Base.unload_plugins()
self.assertHasAttr(self.base, "unload_plugins")
+ self.base._conf = conf_with_empty_plugins()
+
self.base.init_plugins()
self.base.unload_plugins()
--
2.37.3

View File

@ -1,31 +0,0 @@
From c9251d182be0bfa66345220cffe0842b44a061a8 Mon Sep 17 00:00:00 2001
From: Jan Kolarik <jkolarik@redhat.com>
Date: Wed, 31 Aug 2022 07:49:39 +0200
Subject: [PATCH] Move system-upgrade plugin to core (RhBug:2054235)
Just doc fix.
= changelog =
type: bugfix
resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2054235
---
doc/command_ref.rst | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/doc/command_ref.rst b/doc/command_ref.rst
index 7a02448c..bee6a109 100644
--- a/doc/command_ref.rst
+++ b/doc/command_ref.rst
@@ -182,8 +182,7 @@ Options
``--downloaddir=<path>, --destdir=<path>``
Redirect downloaded packages to provided directory. The option has to be used together with the \-\
:ref:`-downloadonly <downloadonly-label>` command line option, with the
- ``download``, ``modulesync`` or ``reposync`` commands (dnf-plugins-core) or with the ``system-upgrade`` command
- (dnf-plugins-extras).
+ ``download``, ``modulesync``, ``reposync`` or ``system-upgrade`` commands (dnf-plugins-core).
.. _downloadonly-label:
--
2.37.3

View File

@ -1,58 +0,0 @@
From a32b2f7d596247124ad6ff5ab71bc83bf78f0518 Mon Sep 17 00:00:00 2001
From: Jan Kolarik <jkolarik@redhat.com>
Date: Tue, 13 Sep 2022 13:55:35 +0200
Subject: [PATCH] Add support for rollback of group upgrade rollback
(RhBug:2016070)
= changelog =
type: bugfix
resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2016070
---
dnf/transaction_sr.py | 20 ++++++++++++--------
1 file changed, 12 insertions(+), 8 deletions(-)
diff --git a/dnf/transaction_sr.py b/dnf/transaction_sr.py
index 5d403a3e..b389f152 100644
--- a/dnf/transaction_sr.py
+++ b/dnf/transaction_sr.py
@@ -553,12 +553,14 @@ class TransactionReplay(object):
if action == "Install":
self._swdb_group_install(group_id, pkg_types, group_data["packages"])
- elif action == "Upgrade":
- self._swdb_group_upgrade(group_id, pkg_types, group_data["packages"])
- elif action == "Downgraded":
- self._swdb_group_downgrade(group_id, pkg_types, group_data["packages"])
elif action == "Removed":
self._swdb_group_remove(group_id, pkg_types, group_data["packages"])
+ # Groups are not versioned, but a reverse transaction could be applied,
+ # therefore we treat both actions the same way
+ elif action == "Upgrade" or action == "Upgraded":
+ self._swdb_group_upgrade(group_id, pkg_types, group_data["packages"])
+ elif action == "Downgrade" or action == "Downgraded":
+ self._swdb_group_downgrade(group_id, pkg_types, group_data["packages"])
else:
errors.append(TransactionError(
_('Unexpected value of group action "{action}" for group "{group}".')
@@ -584,12 +586,14 @@ class TransactionReplay(object):
if action == "Install":
self._swdb_environment_install(env_id, pkg_types, env_data["groups"])
- elif action == "Upgrade":
- self._swdb_environment_upgrade(env_id, pkg_types, env_data["groups"])
- elif action == "Downgraded":
- self._swdb_environment_downgrade(env_id, pkg_types, env_data["groups"])
elif action == "Removed":
self._swdb_environment_remove(env_id, pkg_types, env_data["groups"])
+ # Environments are not versioned, but a reverse transaction could be applied,
+ # therefore we treat both actions the same way
+ elif action == "Upgrade" or action == "Upgraded":
+ self._swdb_environment_upgrade(env_id, pkg_types, env_data["groups"])
+ elif action == "Downgrade" or action == "Downgraded":
+ self._swdb_environment_downgrade(env_id, pkg_types, env_data["groups"])
else:
errors.append(TransactionError(
_('Unexpected value of environment action "{action}" for environment "{env}".')
--
2.37.3

View File

@ -1,95 +0,0 @@
From 97fe94c94f030f5596a3a3ac52748bdd7544ad52 Mon Sep 17 00:00:00 2001
From: Jan Kolarik <jkolarik@redhat.com>
Date: Tue, 1 Nov 2022 09:15:08 +0000
Subject: [PATCH] Document changes to offline-upgrade command (RhBug:1939975)
A support for security filters was added to the offline-upgrade command. This commit adds the documentation into the man pages.
= changelog =
type: bugfix
resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1939975
---
doc/command_ref.rst | 28 ++++++++++++++--------------
1 file changed, 14 insertions(+), 14 deletions(-)
diff --git a/doc/command_ref.rst b/doc/command_ref.rst
index bee6a109..7279b3a4 100644
--- a/doc/command_ref.rst
+++ b/doc/command_ref.rst
@@ -113,7 +113,7 @@ Options
``--advisory=<advisory>, --advisories=<advisory>``
Include packages corresponding to the advisory ID, Eg. FEDORA-2201-123.
- Applicable for the install, repoquery, updateinfo and upgrade commands.
+ Applicable for the ``install``, ``repoquery``, ``updateinfo``, ``upgrade`` and ``offline-upgrade`` (dnf-plugins-core) commands.
``--allowerasing``
Allow erasing of installed packages to resolve dependencies. This option could be used as an alternative to the ``yum swap`` command where packages to remove are not explicitly defined.
@@ -125,12 +125,12 @@ Options
Try the best available package versions in transactions. Specifically during :ref:`dnf upgrade <upgrade_command-label>`, which by default skips over updates that can not be installed for dependency reasons, the switch forces DNF to only consider the latest packages. When running into packages with broken dependencies, DNF will fail giving a reason why the latest version can not be installed.
``--bugfix``
- Include packages that fix a bugfix issue. Applicable for the install, repoquery, updateinfo and
- upgrade commands.
+ Include packages that fix a bugfix issue.
+ Applicable for the ``install``, ``repoquery``, ``updateinfo``, ``upgrade`` and ``offline-upgrade`` (dnf-plugins-core) commands.
``--bz=<bugzilla>, --bzs=<bugzilla>``
- Include packages that fix a Bugzilla ID, Eg. 123123. Applicable for the install, repoquery,
- updateinfo and upgrade commands.
+ Include packages that fix a Bugzilla ID, Eg. 123123.
+ Applicable for the ``install``, ``repoquery``, ``updateinfo``, ``upgrade`` and ``offline-upgrade`` (dnf-plugins-core) commands.
``-C, --cacheonly``
Run entirely from system cache, don't update the cache and use it even in case it is expired.
@@ -148,8 +148,8 @@ Options
``--cve=<cves>, --cves=<cves>``
Include packages that fix a CVE (Common Vulnerabilities and Exposures) ID
- (http://cve.mitre.org/about/), Eg. CVE-2201-0123. Applicable for the install, repoquery, updateinfo,
- and upgrade commands.
+ (http://cve.mitre.org/about/), Eg. CVE-2201-0123.
+ Applicable for the ``install``, ``repoquery``, ``updateinfo``, ``upgrade`` and ``offline-upgrade`` (dnf-plugins-core) commands.
``-d <debug level>, --debuglevel=<debug level>``
Debugging output level. This is an integer value between 0 (no additional information strings) and 10 (shows all debugging information, even that not understandable to the user), default is 2. Deprecated, use ``-v`` instead.
@@ -208,8 +208,8 @@ Options
Enable additional repositories by an id or a glob.
``--enhancement``
- Include enhancement relevant packages. Applicable for the install, repoquery, updateinfo and
- upgrade commands.
+ Include enhancement relevant packages.
+ Applicable for the ``install``, ``repoquery``, ``updateinfo``, ``upgrade`` and ``offline-upgrade`` (dnf-plugins-core) commands.
.. _exclude_option-label:
@@ -280,8 +280,8 @@ Options
``--setopt`` using configuration from ``/path/dnf.conf``.
``--newpackage``
- Include newpackage relevant packages. Applicable for the install, repoquery, updateinfo and
- upgrade commands.
+ Include newpackage relevant packages.
+ Applicable for the ``install``, ``repoquery``, ``updateinfo``, ``upgrade`` and ``offline-upgrade`` (dnf-plugins-core) commands.
``--noautoremove``
Disable removal of dependencies that are no longer used. It sets
@@ -353,11 +353,11 @@ Options
``--sec-severity=<severity>, --secseverity=<severity>``
Includes packages that provide a fix for an issue of the specified severity.
- Applicable for the install, repoquery, updateinfo and upgrade commands.
+ Applicable for the ``install``, ``repoquery``, ``updateinfo``, ``upgrade`` and ``offline-upgrade`` (dnf-plugins-core) commands.
``--security``
- Includes packages that provide a fix for a security issue. Applicable for the
- upgrade command.
+ Includes packages that provide a fix for a security issue.
+ Applicable for the ``install``, ``repoquery``, ``updateinfo``, ``upgrade`` and ``offline-upgrade`` (dnf-plugins-core) commands.
.. _setopt_option-label:
--
2.38.1

View File

@ -1,114 +0,0 @@
From f1fbef17862e033bf9518bd318339b405f2664dd Mon Sep 17 00:00:00 2001
From: Nicola Sella <nsella@redhat.com>
Date: Mon, 22 Mar 2021 17:37:51 +0100
Subject: [PATCH 1/2] Better explain traceback of rpm.error with dnf
=changelog=
msg: Add dnf.error message to explain rpm.error traceback when package not found after resolving a transaction
type: bugfix
resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1815327
resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1887293
resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1909845
---
dnf/db/group.py | 78 ++++++++++++++++++++++++++-----------------------
1 file changed, 41 insertions(+), 37 deletions(-)
diff --git a/dnf/db/group.py b/dnf/db/group.py
index 312e3b98..3a17019a 100644
--- a/dnf/db/group.py
+++ b/dnf/db/group.py
@@ -26,6 +26,7 @@ import dnf.exceptions
from dnf.i18n import _
from dnf.util import logger
+import rpm
class PersistorBase(object):
def __init__(self, history):
@@ -316,43 +317,46 @@ class RPMTransaction(object):
modular_problems = 0
for tsi in self:
- if tsi.action == libdnf.transaction.TransactionItemAction_DOWNGRADE:
- hdr = tsi.pkg._header
- modular_problems += self._test_fail_safe(hdr, tsi.pkg)
- ts.addInstall(hdr, tsi, 'u')
- elif tsi.action == libdnf.transaction.TransactionItemAction_DOWNGRADED:
- ts.addErase(tsi.pkg.idx)
- elif tsi.action == libdnf.transaction.TransactionItemAction_INSTALL:
- hdr = tsi.pkg._header
- modular_problems += self._test_fail_safe(hdr, tsi.pkg)
- ts.addInstall(hdr, tsi, 'i')
- elif tsi.action == libdnf.transaction.TransactionItemAction_OBSOLETE:
- hdr = tsi.pkg._header
- modular_problems += self._test_fail_safe(hdr, tsi.pkg)
- ts.addInstall(hdr, tsi, 'u')
- elif tsi.action == libdnf.transaction.TransactionItemAction_OBSOLETED:
- ts.addErase(tsi.pkg.idx)
- elif tsi.action == libdnf.transaction.TransactionItemAction_REINSTALL:
- # note: in rpm 4.12 there should not be set
- # rpm.RPMPROB_FILTER_REPLACEPKG to work
- hdr = tsi.pkg._header
- modular_problems += self._test_fail_safe(hdr, tsi.pkg)
- ts.addReinstall(hdr, tsi)
- elif tsi.action == libdnf.transaction.TransactionItemAction_REINSTALLED:
- # Required when multiple packages with the same NEVRA marked as installed
- ts.addErase(tsi.pkg.idx)
- elif tsi.action == libdnf.transaction.TransactionItemAction_REMOVE:
- ts.addErase(tsi.pkg.idx)
- elif tsi.action == libdnf.transaction.TransactionItemAction_UPGRADE:
- hdr = tsi.pkg._header
- modular_problems += self._test_fail_safe(hdr, tsi.pkg)
- ts.addInstall(hdr, tsi, 'u')
- elif tsi.action == libdnf.transaction.TransactionItemAction_UPGRADED:
- ts.addErase(tsi.pkg.idx)
- elif tsi.action == libdnf.transaction.TransactionItemAction_REASON_CHANGE:
- pass
- else:
- raise RuntimeError("TransactionItemAction not handled: %s" % tsi.action)
+ try:
+ if tsi.action == libdnf.transaction.TransactionItemAction_DOWNGRADE:
+ hdr = tsi.pkg._header
+ modular_problems += self._test_fail_safe(hdr, tsi.pkg)
+ ts.addInstall(hdr, tsi, 'u')
+ elif tsi.action == libdnf.transaction.TransactionItemAction_DOWNGRADED:
+ ts.addErase(tsi.pkg.idx)
+ elif tsi.action == libdnf.transaction.TransactionItemAction_INSTALL:
+ hdr = tsi.pkg._header
+ modular_problems += self._test_fail_safe(hdr, tsi.pkg)
+ ts.addInstall(hdr, tsi, 'i')
+ elif tsi.action == libdnf.transaction.TransactionItemAction_OBSOLETE:
+ hdr = tsi.pkg._header
+ modular_problems += self._test_fail_safe(hdr, tsi.pkg)
+ ts.addInstall(hdr, tsi, 'u')
+ elif tsi.action == libdnf.transaction.TransactionItemAction_OBSOLETED:
+ ts.addErase(tsi.pkg.idx)
+ elif tsi.action == libdnf.transaction.TransactionItemAction_REINSTALL:
+ # note: in rpm 4.12 there should not be set
+ # rpm.RPMPROB_FILTER_REPLACEPKG to work
+ hdr = tsi.pkg._header
+ modular_problems += self._test_fail_safe(hdr, tsi.pkg)
+ ts.addReinstall(hdr, tsi)
+ elif tsi.action == libdnf.transaction.TransactionItemAction_REINSTALLED:
+ # Required when multiple packages with the same NEVRA marked as installed
+ ts.addErase(tsi.pkg.idx)
+ elif tsi.action == libdnf.transaction.TransactionItemAction_REMOVE:
+ ts.addErase(tsi.pkg.idx)
+ elif tsi.action == libdnf.transaction.TransactionItemAction_UPGRADE:
+ hdr = tsi.pkg._header
+ modular_problems += self._test_fail_safe(hdr, tsi.pkg)
+ ts.addInstall(hdr, tsi, 'u')
+ elif tsi.action == libdnf.transaction.TransactionItemAction_UPGRADED:
+ ts.addErase(tsi.pkg.idx)
+ elif tsi.action == libdnf.transaction.TransactionItemAction_REASON_CHANGE:
+ pass
+ else:
+ raise RuntimeError("TransactionItemAction not handled: %s" % tsi.action)
+ except rpm.error as e:
+ raise dnf.exceptions.Error(_("An rpm exception occurred: %s" % e))
if modular_problems:
raise dnf.exceptions.Error(_("No available modular metadata for modular package"))
--
2.39.0

View File

@ -1,50 +0,0 @@
From 23742561dcb168604d9668815a8c1ebbdf516d39 Mon Sep 17 00:00:00 2001
From: Jan Kolarik <jkolarik@redhat.com>
Date: Wed, 23 Nov 2022 08:44:41 +0000
Subject: [PATCH 2/2] Ignore processing variable files with unsupported
encoding (RhBug:2141215)
This issue could be seen for example when there are some temporary files stored by text editors in the `/etc/dnf/vars` folder. These files could be in the binary format and causes `UnicodeDecodeError` exception to be thrown during processing of the var files.
= changelog =
type: bugfix
resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2141215
---
dnf/conf/substitutions.py | 9 ++++++---
1 file changed, 6 insertions(+), 3 deletions(-)
diff --git a/dnf/conf/substitutions.py b/dnf/conf/substitutions.py
index 1281bdf0..4d0f0d55 100644
--- a/dnf/conf/substitutions.py
+++ b/dnf/conf/substitutions.py
@@ -18,13 +18,15 @@
# Red Hat, Inc.
#
+import logging
import os
import re
-import dnf
-import dnf.exceptions
+from dnf.i18n import _
ENVIRONMENT_VARS_RE = re.compile(r'^DNF_VAR_[A-Za-z0-9_]+$')
+logger = logging.getLogger('dnf')
+
class Substitutions(dict):
# :api
@@ -60,7 +62,8 @@ class Substitutions(dict):
val = fp.readline()
if val and val[-1] == '\n':
val = val[:-1]
- except (OSError, IOError):
+ except (OSError, IOError, UnicodeDecodeError) as e:
+ logger.warning(_("Error when parsing a variable from file '{0}': {1}").format(filepath, e))
continue
if val is not None:
self[fsvar] = val
--
2.39.0

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

0
tmp Normal file
View File