import libdnf-0.67.0-2.el9

This commit is contained in:
CentOS Sources 2022-09-27 10:40:56 -04:00 committed by Stepan Oksanichenko
parent de193c30d7
commit ad18ac59c0
8 changed files with 190 additions and 5155 deletions

2
.gitignore vendored
View File

@ -1 +1 @@
SOURCES/libdnf-0.65.0.tar.gz
SOURCES/libdnf-0.67.0.tar.gz

View File

@ -1 +1 @@
95bd8ed682ca9c1b20913afba767c5e91fa3da13 SOURCES/libdnf-0.65.0.tar.gz
2abb8e24d867da4433345678764163e703b7729f SOURCES/libdnf-0.67.0.tar.gz

View File

@ -1,383 +0,0 @@
From 5fbecb9533a5584d20a2b76f5816e58c2ffbb6f6 Mon Sep 17 00:00:00 2001
From: Jaroslav Rohel <jrohel@redhat.com>
Date: Wed, 2 Feb 2022 08:45:36 +0100
Subject: [PATCH 1/2] Use `rpmdbCookie` from librpm, remove
`hawkey.Sack._rpmdb_version`
`dnf_sack_get_rpmdb_version` function that computed the hash of installed
packages was removed. `rpmdbCookie` function from librpm is used in context
part of libdnf instead.
The private Python function `hawkey.Sack._rpmdb_version()` was removed too.
It was used by DNF. The new version of DNF uses
`rpm.TransactionSet.dbCookie()` function from librpm, which wraps
the `rpmdbCookie` function. So the same librpm function will be used
in context part of libdnf (e.g. by microdnf) and in the DNF.
`rpmdbCookie` funkcion is safer. It also detect reinstalation of package
as a change. That will be needed in the future to determining if the libsolv
cache is still valid.
It also solves the libdnf problem with SHA1 in FIPS mode.
= changelog =
msg: Use `rpmdbCookie` from librpm, remove `hawkey.Sack._rpmdb_version`
type: bugfix
related: https://bugzilla.redhat.com/show_bug.cgi?id=2043476
---
libdnf/dnf-sack-private.hpp | 15 ------------
libdnf/dnf-sack.cpp | 40 -------------------------------
libdnf/dnf-transaction.cpp | 48 +++++++++++++++++++++----------------
python/hawkey/sack-py.cpp | 8 -------
4 files changed, 27 insertions(+), 84 deletions(-)
diff --git a/libdnf/dnf-sack-private.hpp b/libdnf/dnf-sack-private.hpp
index 89873534..2db96320 100644
--- a/libdnf/dnf-sack-private.hpp
+++ b/libdnf/dnf-sack-private.hpp
@@ -81,19 +81,4 @@ std::pair<std::vector<std::vector<std::string>>, libdnf::ModulePackageContainer:
std::vector<libdnf::ModulePackage *> requiresModuleEnablement(DnfSack * sack, const libdnf::PackageSet * installSet);
-/**
- * @brief Return fingerprint of installed RPMs.
- * The format is <count>:<hash>.
- * <count> is a count of installed RPMs.
- * <hash> is a sha1 hash of sorted sha1hdr hashes of installed RPMs.
- *
- * The count can be computed from the command line by running:
- * rpm -qa --qf='%{name}\n' | grep -v '^gpg-pubkey$' | wc -l
- *
- * The hash can be computed from the command line by running:
- * rpm -qa --qf='%{name} %{sha1header}\n' | grep -v '^gpg-pubkey ' \
- * | cut -d ' ' -f 2 | LC_ALL=C sort | tr -d '\n' | sha1sum
- */
-std::string dnf_sack_get_rpmdb_version(DnfSack *sack);
-
#endif // HY_SACK_INTERNAL_H
diff --git a/libdnf/dnf-sack.cpp b/libdnf/dnf-sack.cpp
index a88e8a1c..13977730 100644
--- a/libdnf/dnf-sack.cpp
+++ b/libdnf/dnf-sack.cpp
@@ -80,7 +80,6 @@ extern "C" {
#include "module/ModulePackage.hpp"
#include "repo/Repo-private.hpp"
#include "repo/solvable/DependencyContainer.hpp"
-#include "utils/crypto/sha1.hpp"
#include "utils/File.hpp"
#include "utils/utils.hpp"
#include "log.hpp"
@@ -2535,42 +2534,3 @@ std::pair<std::vector<std::vector<std::string>>, libdnf::ModulePackageContainer:
setModuleExcludes(sack, hotfixRepos, *moduleContainer);
return ret;
}
-
-std::string dnf_sack_get_rpmdb_version(DnfSack *sack) {
- // collect all sha1hdr checksums
- // they are sufficiently unique IDs that represent installed RPMs
- std::vector<std::string> checksums;
-
- // iterate all @System repo RPMs (rpmdb records)
- libdnf::Query query{sack, libdnf::Query::ExcludeFlags::IGNORE_EXCLUDES};
- query.installed();
-
- auto pset = query.getResultPset();
- Id id = -1;
- while(true) {
- id = pset->next(id);
- if (id == -1) {
- break;
- }
- DnfPackage *pkg = dnf_package_new(sack, id);
- // store pkgid (equals to sha1hdr)
- checksums.push_back(libdnf::string::fromCstring(dnf_package_get_pkgid(pkg)));
- g_object_unref(pkg);
- }
-
- // sort checksums to compute the output checksum always the same
- std::sort(checksums.begin(), checksums.end());
-
- SHA1Hash h;
- for (auto & checksum : checksums) {
- h.update(checksum.c_str());
- }
-
- // build <count>:<hash> output
- std::ostringstream result;
- result << checksums.size();
- result << ":";
- result << h.hexdigest();
-
- return result.str();
-}
diff --git a/libdnf/dnf-transaction.cpp b/libdnf/dnf-transaction.cpp
index e0966582..d93c5ec6 100644
--- a/libdnf/dnf-transaction.cpp
+++ b/libdnf/dnf-transaction.cpp
@@ -28,6 +28,7 @@
* This object represents an RPM transaction.
*/
+#include <rpm/rpmdb.h>
#include <rpm/rpmlib.h>
#include <rpm/rpmlog.h>
#include <rpm/rpmts.h>
@@ -53,6 +54,7 @@
#include "transaction/Swdb.hpp"
#include "transaction/Transformer.hpp"
#include "utils/bgettext/bgettext-lib.h"
+#include "utils/utils.hpp"
typedef enum {
DNF_TRANSACTION_STEP_STARTED,
@@ -1136,9 +1138,8 @@ dnf_transaction_commit(DnfTransaction *transaction, HyGoal goal, DnfState *state
libdnf::Swdb *swdb = priv->swdb;
PluginHookContextTransactionData data{PLUGIN_HOOK_ID_CONTEXT_PRE_TRANSACTION, transaction, goal, state};
DnfSack * sack = hy_goal_get_sack(goal);
- DnfSack * rpmdb_version_sack = NULL;
- std::string rpmdb_begin;
- std::string rpmdb_end;
+ std::unique_ptr<char, decltype(free)*> rpmdb_cookie_uptr{nullptr, free};
+ std::string rpmdb_cookie;
/* take lock */
ret = dnf_state_take_lock(state, DNF_LOCK_TYPE_RPMDB, DNF_LOCK_MODE_PROCESS, error);
@@ -1431,17 +1432,24 @@ dnf_transaction_commit(DnfTransaction *transaction, HyGoal goal, DnfState *state
if (!dnf_context_plugin_hook(priv->context, PLUGIN_HOOK_ID_CONTEXT_PRE_TRANSACTION, &data, nullptr))
goto out;
- // FIXME get commandline
- if (sack) {
- rpmdb_begin = dnf_sack_get_rpmdb_version(sack);
- } else {
- // if sack is not available, create a custom instance
- rpmdb_version_sack = dnf_sack_new();
- dnf_sack_load_system_repo(rpmdb_version_sack, nullptr, DNF_SACK_LOAD_FLAG_NONE, nullptr);
- rpmdb_begin = dnf_sack_get_rpmdb_version(rpmdb_version_sack);
- g_object_unref(rpmdb_version_sack);
+ // Open rpm database if it is not already open
+ if (!rpmtsGetRdb(priv->ts)) {
+ rc = rpmtsOpenDB(priv->ts, rpmtsGetDBMode(priv->ts));
+ if (rc != 0) {
+ ret = FALSE;
+ g_set_error(
+ error, DNF_ERROR, DNF_ERROR_INTERNAL_ERROR, _("Error %i opening rpm database"), rc);
+ goto out;
+ }
}
- swdb->beginTransaction(_get_current_time(), rpmdb_begin, "", priv->uid);
+
+ rpmdb_cookie_uptr.reset(rpmdbCookie(rpmtsGetRdb(priv->ts)));
+ rpmdb_cookie = libdnf::string::fromCstring(rpmdb_cookie_uptr.get());
+ if (rpmdb_cookie.empty()) {
+ g_critical(_("The rpmdbCookie() function did not return cookie of rpm database."));
+ }
+ // FIXME get commandline
+ swdb->beginTransaction(_get_current_time(), rpmdb_cookie, "", priv->uid);
/* run the transaction */
priv->state = dnf_state_get_child(state);
@@ -1481,14 +1489,12 @@ dnf_transaction_commit(DnfTransaction *transaction, HyGoal goal, DnfState *state
if (!ret)
goto out;
- // finalize swdb transaction
- // always load a new sack with rpmdb state after the transaction
- rpmdb_version_sack = dnf_sack_new();
- dnf_sack_load_system_repo(rpmdb_version_sack, nullptr, DNF_SACK_LOAD_FLAG_NONE, nullptr);
- rpmdb_end = dnf_sack_get_rpmdb_version(rpmdb_version_sack);
- g_object_unref(rpmdb_version_sack);
-
- swdb->endTransaction(_get_current_time(), rpmdb_end.c_str(), libdnf::TransactionState::DONE);
+ rpmdb_cookie_uptr.reset(rpmdbCookie(rpmtsGetRdb(priv->ts)));
+ rpmdb_cookie = libdnf::string::fromCstring(rpmdb_cookie_uptr.get());
+ if (rpmdb_cookie.empty()) {
+ g_critical(_("The rpmdbCookie() function did not return cookie of rpm database."));
+ }
+ swdb->endTransaction(_get_current_time(), rpmdb_cookie, libdnf::TransactionState::DONE);
swdb->closeTransaction();
data.hookId = PLUGIN_HOOK_ID_CONTEXT_TRANSACTION;
diff --git a/python/hawkey/sack-py.cpp b/python/hawkey/sack-py.cpp
index 4de499cb..fcb5cd61 100644
--- a/python/hawkey/sack-py.cpp
+++ b/python/hawkey/sack-py.cpp
@@ -783,13 +783,6 @@ load_repo(_SackObject *self, PyObject *args, PyObject *kwds) try
Py_RETURN_NONE;
} CATCH_TO_PYTHON
-static PyObject *
-rpmdb_version(_SackObject *self, PyObject *unused) try
-{
- auto result = dnf_sack_get_rpmdb_version(self->sack);
- return PyString_FromString(result.c_str());
-} CATCH_TO_PYTHON
-
static Py_ssize_t
len(_SackObject *self) try
{
@@ -858,7 +851,6 @@ PyMethodDef sack_methods[] = {
METH_VARARGS | METH_KEYWORDS, NULL},
{"load_repo", (PyCFunction)load_repo, METH_VARARGS | METH_KEYWORDS,
NULL},
- {"_rpmdb_version", (PyCFunction)rpmdb_version, METH_VARARGS | METH_KEYWORDS, NULL},
{NULL} /* sentinel */
};
--
2.34.1
From 3dae1fd8754ec9521e16e2e11a7c4bf2c81bbb02 Mon Sep 17 00:00:00 2001
From: Jaroslav Rohel <jrohel@redhat.com>
Date: Wed, 2 Feb 2022 18:00:39 +0100
Subject: [PATCH 2/2] Remove class `SHA1Hash`, which is no longer used, remove
OpenSSL require
The class was used by the `dnf_sack_get_rpmdb_version` function, which was
removed. The `rpmdbCookie` function from librpm is used instead.
---
CMakeLists.txt | 1 -
libdnf.spec | 1 -
libdnf/CMakeLists.txt | 1 -
libdnf/utils/CMakeLists.txt | 1 -
libdnf/utils/crypto/CMakeLists.txt | 5 -----
libdnf/utils/crypto/sha1.cpp | 36 ------------------------------
libdnf/utils/crypto/sha1.hpp | 25 ---------------------
7 files changed, 70 deletions(-)
delete mode 100644 libdnf/utils/crypto/CMakeLists.txt
delete mode 100644 libdnf/utils/crypto/sha1.cpp
delete mode 100644 libdnf/utils/crypto/sha1.hpp
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 60cf1b8c..7149b9e6 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -52,7 +52,6 @@ endif()
# build dependencies
find_package(Gpgme REQUIRED)
find_package(LibSolv 0.6.30 REQUIRED COMPONENTS ext)
-find_package(OpenSSL REQUIRED)
# build dependencies via pkg-config
diff --git a/libdnf.spec b/libdnf.spec
index 697911f0..89d2fb40 100644
--- a/libdnf.spec
+++ b/libdnf.spec
@@ -83,7 +83,6 @@ BuildRequires: pkgconfig(zck) >= 0.9.11
BuildRequires: pkgconfig(sqlite3)
BuildRequires: pkgconfig(json-c)
BuildRequires: pkgconfig(cppunit)
-BuildRequires: pkgconfig(libcrypto)
BuildRequires: pkgconfig(modulemd-2.0) >= %{libmodulemd_version}
BuildRequires: pkgconfig(smartcols)
BuildRequires: gettext
diff --git a/libdnf/CMakeLists.txt b/libdnf/CMakeLists.txt
index 998a6f94..9e71d139 100644
--- a/libdnf/CMakeLists.txt
+++ b/libdnf/CMakeLists.txt
@@ -75,7 +75,6 @@ target_link_libraries(libdnf
${GLIB_GIO_UNIX_LIBRARIES}
${LIBSOLV_LIBRARY}
${LIBSOLV_EXT_LIBRARY}
- ${OPENSSL_CRYPTO_LIBRARY}
${RPM_LIBRARIES}
${SCOLS_LIBRARIES}
${SQLite3_LIBRARIES}
diff --git a/libdnf/utils/CMakeLists.txt b/libdnf/utils/CMakeLists.txt
index 71a1042c..4ec456ef 100644
--- a/libdnf/utils/CMakeLists.txt
+++ b/libdnf/utils/CMakeLists.txt
@@ -1,5 +1,4 @@
add_subdirectory(bgettext)
-add_subdirectory(crypto)
add_subdirectory(iniparser)
add_subdirectory(regex)
add_subdirectory(sqlite3)
diff --git a/libdnf/utils/crypto/CMakeLists.txt b/libdnf/utils/crypto/CMakeLists.txt
deleted file mode 100644
index 149d100c..00000000
--- a/libdnf/utils/crypto/CMakeLists.txt
+++ /dev/null
@@ -1,5 +0,0 @@
-set(UTILS_SOURCES
- ${UTILS_SOURCES}
- ${CMAKE_CURRENT_SOURCE_DIR}/sha1.cpp
- PARENT_SCOPE
-)
diff --git a/libdnf/utils/crypto/sha1.cpp b/libdnf/utils/crypto/sha1.cpp
deleted file mode 100644
index 1533ee6b..00000000
--- a/libdnf/utils/crypto/sha1.cpp
+++ /dev/null
@@ -1,36 +0,0 @@
-#include <cstring>
-
-#include <iomanip>
-#include <sstream>
-
-#include "sha1.hpp"
-
-
-SHA1Hash::SHA1Hash()
-{
- md_ctx = EVP_MD_CTX_new();
- EVP_DigestInit_ex(md_ctx, EVP_sha1(), NULL);
-}
-
-
-void
-SHA1Hash::update(const char * data)
-{
- EVP_DigestUpdate(md_ctx, data, strlen(data));
-}
-
-
-std::string
-SHA1Hash::hexdigest()
-{
- unsigned char md[digestLength];
- EVP_DigestFinal_ex(md_ctx, md, NULL);
-
- std::stringstream ss;
- for(int i=0; i<digestLength; i++) {
- ss << std::setfill('0') << std::setw(2) << std::hex << static_cast<int>(md[i]);
- }
-
- EVP_MD_CTX_free(md_ctx);
- return ss.str();
-}
diff --git a/libdnf/utils/crypto/sha1.hpp b/libdnf/utils/crypto/sha1.hpp
deleted file mode 100644
index 9f1dfdeb..00000000
--- a/libdnf/utils/crypto/sha1.hpp
+++ /dev/null
@@ -1,25 +0,0 @@
-#include <string>
-#include <openssl/sha.h>
-#include <openssl/evp.h>
-
-
-/*
-USAGE:
-
-SHA1Hash h;
-h.update("foo");
-h.update("bar");
-std::cout << h.hexdigest() << std::endl;
-*/
-
-
-class SHA1Hash {
-public:
- SHA1Hash();
- void update(const char *data);
- std::string hexdigest();
- static constexpr int digestLength = SHA_DIGEST_LENGTH;
-
-private:
- EVP_MD_CTX *md_ctx;
-};
--
2.34.1

View File

@ -0,0 +1,100 @@
From c17e59faf6075e7ddb803f6393e86653afd6b16d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ale=C5=A1=20Mat=C4=9Bj?= <amatej@redhat.com>
Date: Mon, 30 May 2022 08:59:41 +0200
Subject: [PATCH] advisory upgrade: filter out advPkgs with different arch
This prevents a situation in security upgrades where libsolv cannot
upgrade dependent pkgs because we ask for an upgrade of different arch:
We can get the following testcase if libdnf has filtered out
json-c-2-2.el8.x86_64@rhel-8-for-x86_64-baseos-rpms
(because there is an advisory for already installed json-c-1-1.el8.x86_64) but
json-c-2-2.el8.i686@rhel-8-for-x86_64-baseos-rpms is not filtered out because
it has different architecture. The resulting transaction doesn't work.
```
repo @System -99.-1000 testtags <inline>
#>=Pkg: bind-libs-lite 1 1.el8 x86_64
#>=Pkg: json-c 1 1.el8 x86_64
repo rhel-8-for-x86_64-baseos-rpms -99.-1000 testtags <inline>
#>=Pkg: json-c 2 2.el8 x86_64
#>=Prv: libjson-c.so.4()(64bit)
#>
#>=Pkg: json-c 2 2.el8 i686
#>=Prv: libjson-c.so.4()
#>
#>=Pkg: bind-libs-lite 2 2.el8 x86_64
#>=Req: libjson-c.so.4()(64bit)
system x86_64 rpm @System
job update oneof json-c-1-1.el8.x86_64@@System json-c-2-2.el8.i686@rhel-8-for-x86_64-baseos-rpms bind-libs-lite-2-2.el8.x86_64@rhel-8-for-x86_64-baseos-rpms [forcebest,targeted,setevr,setarch]
result transaction,problems <inline>
#>problem f06d81a4 info package bind-libs-lite-2-2.el8.x86_64 requires libjson-c.so.4()(64bit), but none of the providers can be installed
#>problem f06d81a4 solution 96f9031b allow bind-libs-lite-1-1.el8.x86_64@@System
#>problem f06d81a4 solution c8daf94f allow json-c-2-2.el8.x86_64@rhel-8-for-x86_64-baseos-rpms
#>upgrade bind-libs-lite-1-1.el8.x86_64@@System bind-libs-lite-2-2.el8.x86_64@rhel-8-for-x86_64-baseos-rpms
#>upgrade json-c-1-1.el8.x86_64@@System json-c-2-2.el8.x86_64@rhel-8-for-x86_64-baseos-rpms```
```
= changelog =
msg: Filter out advisory pkgs with different arch during advisory upgrade, fixes possible problems in dependency resulution.
type: bugfix
resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2088149
---
libdnf/sack/query.cpp | 25 +++++++++++++++++++------
1 file changed, 19 insertions(+), 6 deletions(-)
diff --git a/libdnf/sack/query.cpp b/libdnf/sack/query.cpp
index ac2736b5..03d39659 100644
--- a/libdnf/sack/query.cpp
+++ b/libdnf/sack/query.cpp
@@ -1877,12 +1877,6 @@ Query::Impl::filterAdvisory(const Filter & f, Map *m, int keyname)
std::vector<Solvable *> candidates;
std::vector<Solvable *> installed_solvables;
- Id id = -1;
- while ((id = resultPset->next(id)) != -1) {
- candidates.push_back(pool_id2solvable(pool, id));
- }
- NameArchEVRComparator cmp_key(pool);
-
if (cmp_type & HY_UPGRADE) {
Query installed(sack, ExcludeFlags::IGNORE_EXCLUDES);
installed.installed();
@@ -1893,6 +1887,18 @@ Query::Impl::filterAdvisory(const Filter & f, Map *m, int keyname)
installed_solvables.push_back(pool_id2solvable(pool, installed_id));
}
std::sort(installed_solvables.begin(), installed_solvables.end(), NameArchSolvableComparator);
+ Id id = -1;
+ while ((id = resultPset->next(id)) != -1) {
+ Solvable * s = pool_id2solvable(pool, id);
+ // When doing HY_UPGRADE consider only candidate pkgs that have matching Name and Arch
+ // with some already installed pkg (in other words: some other version of the pkg is already installed).
+ // Otherwise a pkg with different Arch than installed can end up in upgrade set which is wrong.
+ // It can result in dependency issues, reported as: RhBug:2088149.
+ auto low = std::lower_bound(installed_solvables.begin(), installed_solvables.end(), s, NameArchSolvableComparator);
+ if (low != installed_solvables.end() && s->name == (*low)->name && s->arch == (*low)->arch) {
+ candidates.push_back(s);
+ }
+ }
// Apply security filters only to packages with lower priority - to unify behaviour upgrade
// and upgrade-minimal
@@ -1915,7 +1921,14 @@ Query::Impl::filterAdvisory(const Filter & f, Map *m, int keyname)
}
}
std::swap(candidates, priority_candidates);
+ } else {
+ Id id = -1;
+ while ((id = resultPset->next(id)) != -1) {
+ candidates.push_back(pool_id2solvable(pool, id));
+ }
}
+
+ NameArchEVRComparator cmp_key(pool);
std::sort(candidates.begin(), candidates.end(), cmp_key);
for (auto & advisoryPkg : pkgs) {
if (cmp_type & HY_UPGRADE) {
--
2.36.1

View File

@ -0,0 +1,71 @@
From 549d248c9b331d19a0fd355fc605ab8912ed50f6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ale=C5=A1=20Mat=C4=9Bj?= <amatej@redhat.com>
Date: Tue, 5 Jul 2022 09:02:22 +0200
Subject: [PATCH] Add obsoletes to filtering for advisory candidates
Patch https://github.com/rpm-software-management/libdnf/pull/1526
introduced a regression where we no longer do a security upgrade if a
package A is installed and package B obsoletes A and B is available in two
versions while there is an advisory for the second version.
Test: https://github.com/rpm-software-management/ci-dnf-stack/pull/1130
---
libdnf/sack/query.cpp | 32 ++++++++++++++++++++++++++++----
1 file changed, 28 insertions(+), 4 deletions(-)
diff --git a/libdnf/sack/query.cpp b/libdnf/sack/query.cpp
index 03d39659..5355f9f7 100644
--- a/libdnf/sack/query.cpp
+++ b/libdnf/sack/query.cpp
@@ -1878,6 +1878,13 @@ Query::Impl::filterAdvisory(const Filter & f, Map *m, int keyname)
std::vector<Solvable *> installed_solvables;
if (cmp_type & HY_UPGRADE) {
+ // When doing HY_UPGRADE consider only candidate pkgs that have matching Name and Arch with:
+ // * some already installed pkg (in other words: some other version of the pkg is already installed)
+ // or
+ // * with pkg that obsoletes some already installed (or to be installed in this transaction) pkg
+ // Otherwise a pkg with different Arch than installed can end up in upgrade set which is wrong.
+ // It can result in dependency issues, reported as: RhBug:2088149.
+
Query installed(sack, ExcludeFlags::IGNORE_EXCLUDES);
installed.installed();
installed.addFilter(HY_PKG_LATEST_PER_ARCH, HY_EQ, 1);
@@ -1887,13 +1894,30 @@ Query::Impl::filterAdvisory(const Filter & f, Map *m, int keyname)
installed_solvables.push_back(pool_id2solvable(pool, installed_id));
}
std::sort(installed_solvables.begin(), installed_solvables.end(), NameArchSolvableComparator);
+
+ Query obsoletes(sack, ExcludeFlags::IGNORE_EXCLUDES);
+ obsoletes.addFilter(HY_PKG, HY_EQ, resultPset);
+ obsoletes.available();
+
+ Query possibly_obsoleted(sack, ExcludeFlags::IGNORE_EXCLUDES);
+ possibly_obsoleted.addFilter(HY_PKG, HY_EQ, resultPset);
+ possibly_obsoleted.addFilter(HY_PKG_UPGRADES, HY_EQ, 1);
+ possibly_obsoleted.queryUnion(installed);
+ possibly_obsoleted.apply();
+
+ obsoletes.addFilter(HY_PKG_OBSOLETES, HY_EQ, possibly_obsoleted.runSet());
+ obsoletes.apply();
+ Id obsoleted_id = -1;
+ // Add to candidates resultPset pkgs that obsolete some installed (or to be installed in this transaction) pkg
+ while ((obsoleted_id = obsoletes.pImpl->result->next(obsoleted_id)) != -1) {
+ Solvable * s = pool_id2solvable(pool, obsoleted_id);
+ candidates.push_back(s);
+ }
+
Id id = -1;
+ // Add to candidates resultPset pkgs that match name and arch with some already installed pkg
while ((id = resultPset->next(id)) != -1) {
Solvable * s = pool_id2solvable(pool, id);
- // When doing HY_UPGRADE consider only candidate pkgs that have matching Name and Arch
- // with some already installed pkg (in other words: some other version of the pkg is already installed).
- // Otherwise a pkg with different Arch than installed can end up in upgrade set which is wrong.
- // It can result in dependency issues, reported as: RhBug:2088149.
auto low = std::lower_bound(installed_solvables.begin(), installed_solvables.end(), s, NameArchSolvableComparator);
if (low != installed_solvables.end() && s->name == (*low)->name && s->arch == (*low)->arch) {
candidates.push_back(s);
--
2.36.1

View File

@ -1,70 +0,0 @@
From 025d477f63baf3df2f6da3b10a21f00d4a339073 Mon Sep 17 00:00:00 2001
From: Jaroslav Mracek <jmracek@redhat.com>
Date: Tue, 8 Feb 2022 09:30:03 +0100
Subject: [PATCH] Skip rich deps for autodetection of unmet dependencies (RhBug:2033130, 2048394)
Rich dependencies are difficult to properly evaluate because we do not
have enough information about past and only libsolv is capable to
evaluate it in comparison to present state of the system.
Additionally - rich deps are used for langpacks therefore disabling
unmet rich deps will have a negative impact on UX.
https://bugzilla.redhat.com/show_bug.cgi?id=2048394
https://bugzilla.redhat.com/show_bug.cgi?id=2033130
---
libdnf/goal/Goal.cpp | 22 +++++++++++++++++++---
1 file changed, 19 insertions(+), 3 deletions(-)
diff --git a/libdnf/goal/Goal.cpp b/libdnf/goal/Goal.cpp
index 2b698f7..ebe2fbd 100644
--- a/libdnf/goal/Goal.cpp
+++ b/libdnf/goal/Goal.cpp
@@ -835,8 +835,12 @@ Goal::exclude_from_weak_autodetect()
installed_names.push_back(dnf_package_get_name(pkg));
std::unique_ptr<libdnf::DependencyContainer> recommends(dnf_package_get_recommends(pkg));
for (int i = 0; i < recommends->count(); ++i) {
- Query query(base_query);
std::unique_ptr<libdnf::Dependency> dep(recommends->getPtr(i));
+ const char * dep_string = dep->toString();
+ if (dep_string[0] == '(') {
+ continue;
+ }
+ Query query(base_query);
const char * version = dep->getVersion();
// There can be installed provider in different version or upgraded packed can recommend a different version
// Ignore version and search only by reldep name
@@ -858,7 +862,7 @@ Goal::exclude_from_weak_autodetect()
}
}
- // Invesigate supplements of only available packages with a different name to installed packages
+ // Investigate supplements of only available packages with a different name to installed packages
installed_names.push_back(nullptr);
base_query.addFilter(HY_PKG_NAME, HY_NEQ, installed_names.data());
auto * available_pset = base_query.getResultPset();
@@ -870,8 +874,20 @@ Goal::exclude_from_weak_autodetect()
if (supplements->count() == 0) {
continue;
}
+ libdnf::DependencyContainer supplements_without_rich(getSack());
+ for (int i = 0; i < supplements->count(); ++i) {
+ std::unique_ptr<libdnf::Dependency> dep(supplements->getPtr(i));
+ const char * dep_string = dep->toString();
+ if (dep_string[0] == '(') {
+ continue;
+ }
+ supplements_without_rich.add(dep.get());
+ }
+ if (supplements_without_rich.count() == 0) {
+ continue;
+ }
Query query(installed_query);
- query.addFilter(HY_PKG_PROVIDES, supplements.get());
+ query.addFilter(HY_PKG_PROVIDES, &supplements_without_rich);
// When supplemented package already installed, exclude_from_weak available package
if (!query.empty()) {
add_exclude_from_weak(pkg);
--
libgit2 1.1.0

File diff suppressed because it is too large Load Diff

View File

@ -1,10 +1,10 @@
%global libsolv_version 0.7.20
%global libsolv_version 0.7.21
%global libmodulemd_version 2.13.0
%global librepo_version 1.13.1
%global dnf_conflict 4.10.0-4
%global swig_version 3.0.12
%global libdnf_major_version 0
%global libdnf_minor_version 65
%global libdnf_minor_version 67
%global libdnf_micro_version 0
%define __cmake_in_source_build 1
@ -56,14 +56,13 @@
Name: libdnf
Version: %{libdnf_major_version}.%{libdnf_minor_version}.%{libdnf_micro_version}
Release: 5%{?dist}
Release: 2%{?dist}
Summary: Library providing simplified C and Python API to libsolv
License: LGPLv2+
URL: https://github.com/rpm-software-management/libdnf
Source0: %{url}/archive/%{version}/%{name}-%{version}.tar.gz
Patch1: 0001-Use-rpmdbCookie-from-librpm-remove-hawkey.Sack._rpmd.patch
Patch2: 0002-Skip-rich-deps-for-autodetection-of-unmet-dependencies-RhBug2033130-2048394.patch
Patch3: 0003-Update-translations-RhBug-2017349.patch
Patch1: 0001-advisory-upgrade-filter-out-advPkgs-with-different-a.patch
Patch2: 0002-Add-obsoletes-to-filtering-for-advisory-candidates.patch
BuildRequires: cmake
BuildRequires: gcc
@ -76,7 +75,7 @@ BuildRequires: valgrind
%endif
BuildRequires: pkgconfig(gio-unix-2.0) >= 2.46.0
BuildRequires: pkgconfig(gtk-doc)
BuildRequires: rpm-devel >= 4.11.0
BuildRequires: rpm-devel >= 4.15.0
%if %{with rhsm}
BuildRequires: pkgconfig(librhsm) >= 0.0.3
%endif
@ -307,11 +306,18 @@ popd
%endif
%changelog
* Mon Mar 21 2022 Marek Blaha <mblaha@redhat.com> - 0.65.0-5
- Update translations
* Thu Jul 21 2022 Lukas Hrazky <lhrazky@redhat.com> - 0.67.0-2
- Add obsoletes to filtering for advisory candidates
- advisory upgrade: filter out advPkgs with different arch
* Fri Mar 11 2022 Pavla Kratochvilova <pkratoch@redhat.com> - 0.65.0-4
- Skip rich deps for autodetection of unmet dependencies (RhBug:2048394)
* Thu Apr 28 2022 Pavla Kratochvilova <pkratoch@redhat.com> - 0.67.0-1
- Fix handling transaction id in resolveTransactionItemReason (RhBug:2010259,2053014)
- Remove deprecated assertions (RhBug:2027383)
- Skip rich deps for autodetection of unmet dependencies (RhBug:2033130, 2048394)
- Increase required rpm version since we use `rpmdbCookie()`
- Add 'loongarch' support
- Use dnf solv userdata to check versions and checksum (RhBug:2027445)
- context: Substitute all repository config options (RhBug:2076853)
* Mon Feb 07 2022 Pavla Kratochvilova <pkratoch@redhat.com> - 0.65.0-3
- Use `rpmdbCookie` from librpm, remove `hawkey.Sack._rpmdb_version`