From 1a7e136aebe537c50b98c294bdb76474ab1fd934 Mon Sep 17 00:00:00 2001 From: Marek Blaha Date: Mon, 21 Oct 2024 13:13:27 +0200 Subject: [PATCH] automatic: Check availability of config file Resolves: RHEL-49743 --- ...ic-Check-availability-of-config-file.patch | 81 +++++++++++++++++++ dnf.spec | 6 +- 2 files changed, 86 insertions(+), 1 deletion(-) create mode 100644 0033-automatic-Check-availability-of-config-file.patch diff --git a/0033-automatic-Check-availability-of-config-file.patch b/0033-automatic-Check-availability-of-config-file.patch new file mode 100644 index 0000000..aa169ac --- /dev/null +++ b/0033-automatic-Check-availability-of-config-file.patch @@ -0,0 +1,81 @@ +From d8bd8174426a2d053b20acc7c2bcd83a572fc1d5 Mon Sep 17 00:00:00 2001 +From: Marek Blaha +Date: Thu, 17 Oct 2024 13:30:21 +0200 +Subject: [PATCH] automatic: Check availability of config file + +Upstream commit: 13ecc3921fb1566c2af7b80d5cb515d8fc4e5ec9 +RHEL issue: https://issues.redhat.com/browse/RHEL-49743 + +If a configuration file is explicitly specified on the command line, +ensure that it exists and is readable. If the file is not found, notify +the user immediately and terminate the process. + +This resolves issues where users may run dnf-automatic with unrecognized +positional arguments, such as `dnf-automatic install`. + +The most natural approach to handle a non-existing config file would be +by catching the exception thrown by the `read()` method of the +`libdnf.conf.ConfigParser` class. Unfortunately, the Python bindings +override the `read()` method at the SWIG level, causing it to suppress any +potentially raised IOError. +For details see this section of the commit +https://github.com/rpm-software-management/libdnf/commit/8f1fedf8551b72d6bc24018f5980714b3a103aeb + +def ConfigParser__newRead(self, filenames): + parsedFNames = [] + try: + if isinstance(filenames, str) or isinstance(filenames, unicode): + filenames = [filenames] + except NameError: + pass + for fname in filenames: + try: + self.readFileName(fname) + parsedFNames.append(fname) + except IOError: + pass + except Exception as e: + raise RuntimeError("Parsing file '%s' failed: %s" % (fname, str(e))) + return parsedFNames +ConfigParser.read = ConfigParser__newRead + +Resolves: https://issues.redhat.com/browse/RHEL-46030 +--- + dnf/automatic/main.py | 14 ++++++++++++-- + 1 file changed, 12 insertions(+), 2 deletions(-) + +diff --git a/dnf/automatic/main.py b/dnf/automatic/main.py +index caef627f..bb0bd493 100644 +--- a/dnf/automatic/main.py ++++ b/dnf/automatic/main.py +@@ -74,7 +74,7 @@ def build_emitters(conf): + + def parse_arguments(args): + parser = argparse.ArgumentParser() +- parser.add_argument('conf_path', nargs='?', default=dnf.const.CONF_AUTOMATIC_FILENAME) ++ parser.add_argument('conf_path', nargs='?') + parser.add_argument('--timer', action='store_true') + parser.add_argument('--installupdates', dest='installupdates', action='store_true') + parser.add_argument('--downloadupdates', dest='downloadupdates', action='store_true') +@@ -89,7 +89,17 @@ def parse_arguments(args): + class AutomaticConfig(object): + def __init__(self, filename=None, downloadupdates=None, + installupdates=None): +- if not filename: ++ if filename: ++ # Specific config file was explicitely requested. Check that it exists ++ # and is readable. ++ if os.access(filename, os.F_OK): ++ if not os.access(filename, os.R_OK): ++ raise dnf.exceptions.Error( ++ "Configuration file \"{}\" is not readable.".format(filename)) ++ else: ++ raise dnf.exceptions.Error( ++ "Configuration file \"{}\" not found.".format(filename)) ++ else: + filename = dnf.const.CONF_AUTOMATIC_FILENAME + self.commands = CommandsConfig() + self.email = EmailConfig() +-- +2.47.0 + diff --git a/dnf.spec b/dnf.spec index 0d795d9..42b2ccb 100644 --- a/dnf.spec +++ b/dnf.spec @@ -69,7 +69,7 @@ It supports RPMs, modules and comps groups & environments. Name: dnf Version: 4.14.0 -Release: 20%{?dist} +Release: 21%{?dist} Summary: %{pkg_summary} # For a breakdown of the licensing, see PACKAGE-LICENSING License: GPLv2+ @@ -107,6 +107,7 @@ Patch29: 0029-Update-bootc-hosts-message-to-point-to-bootc-help.patch Patch30: 0030-Allow-installroot-on-read-only-bootc-system.patch Patch31: 0031-smtplib-catch-OSError-not-SMTPException.patch Patch32: 0032-Allow-downloadonly-on-read-only-bootc-system.patch +Patch33: 0033-automatic-Check-availability-of-config-file.patch BuildArch: noarch BuildRequires: cmake @@ -395,6 +396,9 @@ popd %{python3_sitelib}/%{name}/automatic/ %changelog +* Mon Oct 21 2024 Marek Blaha - 4.14.0-21 +- automatic: Check availability of config file (RHEL-49743) + * Thu Oct 10 2024 Petr Pisar - 4.14.0-20 - Allow "dnf install --downloadonly" on locked OSTree and bootc systems (RHEL-61745)