Bug 1101029

Summary: [rfe][plugins] yum-plugin-security (list-sec) or similar function support in dnf
Product: [Fedora] Fedora Reporter: Satoru SATOH <ssato>
Component: dnfAssignee: Packaging Maintenance Team <packaging-team-maint>
Status: CLOSED UPSTREAM QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: rawhideCC: akozumpl, packaging-team-maint, pnemade, rholy, tim.lauridsen
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2014-08-15 16:04:15 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 850912    
Bug Blocks:    
Attachments:
Description Flags
An experimental patch to make updateinfo fetched and loaded in dnf none

Description Satoru SATOH 2014-05-25 17:18:09 UTC 
Description of problem:
The system administrators prefer to check security vulnerabilities
and important bugs in systems by listing errata applicable to systems
instead of update packages, I guess. And 'yum list-sec'
(= list-updateinfo, etc.) precisely helps this. 

Currently, both dnf and dnf-plugins-core lack this function and cannot
list applicable errata instead of update packages, so could you please
consider to add security plugin or new command (list-errata/errata,
list-advisory, advisories or something) or something does this
in dnf or dnf-plugins-core ?

And this might help resolving rhbz#1086288 also, I think.


Version-Release number of selected component (if applicable):
I looked git head code (both dnf, dnf-plugin-core and dnf-utils) but 
it seems there is no such plugins yet.


Additional info:

To implement this, dnf needs to fetch and load updateinfo metadata
from repos. I'm not sure that updateinfo metadata is useful for 
other purposes, though, I made an experimental patch does this
anytime on load and attached on this.

(AFAIK, to make updateinfo fetch and load optional, modification of
dnf.repo._Handle (adding 'updateinfo' in self.yumdlist to fetch it), 
dnf.base.Base._add_repo_to_sack (to load updateinfo) may be required,
at least.)
Comment 1 Satoru SATOH 2014-05-25 17:19:23 UTC 
Created attachment 899082 [details]
An experimental patch to make updateinfo fetched and loaded in dnf
Comment 2 Ales Kozumplik 2014-05-26 06:25:37 UTC 
Hello, thanks for the RFE. Once the basic support for updates is done (we're working on it already) we'll see what can be done about the security plugin.
Comment 3 Satoru SATOH 2014-05-26 06:35:33 UTC 
Thanks a lot for your quick response!

Is there any git repo/branch for the updates support available ? 
I'm interested in its implementation.

And if something I can help (testing, etc.), please let me know.
Comment 4 Satoru SATOH 2014-08-15 16:04:15 UTC 
updateinfo function in the latest (0.6.0) version of dnf satisfy this.