Bug 1066747
| Summary: | `dnf update` should check for privileges before attempting privileged operations | ||
|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Pete Travis <me> |
| Component: | dnf | Assignee: | Packaging Maintenance Team <packaging-team-maint> |
| Status: | CLOSED DUPLICATE | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
| Severity: | unspecified | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 20 | CC: | akozumpl, packaging-team-maint, pnemade, rholy |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2014-02-19 07:44:38 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
Per Parag in RHBZ#1066743, the noroot plugin from dnf-plugins-core enables the check before the transaction. You might consider tweaking the packaging a bit, so the minimal dnf deployment comes in a dnf-core package, and dnf with user-facing plugins comes with the more obvious "dnf" package. At least it would save the trouble of spurious bug reports from more simple end users like myself :) (In reply to Pete Travis from comment #0) > `dnf install foo` or `dnf update`, when executed as a regular user, will go > through the entire process of resolving a transaction and downloading > packages before reporting that the transaction requires root privileges to > complete. The cycles and bandwidth should be conserved. Hello, this is by design for setups that allow noroot to modify rpmdb. Installing dnf-plugins-core prevents this. *** This bug has been marked as a duplicate of bug 910133 *** (In reply to Pete Travis from comment #0) > Running something like `dnf install @standard --releasever 20 > --installroot=/home/regularuser/container/` doesn't work without privileges > either. Yeah, we should track this. Please open an RFE. |
`dnf install foo` or `dnf update`, when executed as a regular user, will go through the entire process of resolving a transaction and downloading packages before reporting that the transaction requires root privileges to complete. The cycles and bandwidth should be conserved. I wouldn't mind seeing the transaction resolved, but redirected to `check-update` or `check-install` respectively with an advisement that root privileges are required to complete the transaction. Bonus points for storing the transaction for immediate execution :) Running something like `dnf install @standard --releasever 20 --installroot=/home/regularuser/container/` doesn't work without privileges either. It's an enhancement I've always wanted from yum, and probably should be in a separate RFE ticket, but mentioned here because it seems like the code might overlap. The attempt results in messages like this, for all included packages: Running transaction acl-2.2.52-4.fc20.x86_64 was supposed to be installed but is not! Verifying : acl-2.2.52-4.fc20.x86_64 1/347 attr-2.4.47-3.fc20.x86_64 was supposed to be installed but is not! Verifying : attr-2.4.47-3.fc20.x86_64 This completes as expected (plenty of AVCs from %post operations but a functional set of files) with appropriate privileges, of course.