Bug 1234930
| Summary: | [RFE] Add yum-security functionality to DNF | ||
|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | David Juran <djuran> |
| Component: | dnf | Assignee: | rpm-software-management |
| Status: | CLOSED RAWHIDE | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
| Severity: | unspecified | Docs Contact: | |
| Priority: | high | ||
| Version: | rawhide | CC: | alekcejk, awilliam, cjs, h.reindl, igeorgex, james.antill, jmracek, johannespfrang, jsilhan, jzeleny, kevin, mattdm, mihai, mluscon, ngompa13, oliver.henshaw, packaging-team-maint, pnemade, rsawhill, samuel-rhbugs, sergio, sgraf, sgrubb, swadeley, tim.lauridsen, travneff, vmukhame |
| Target Milestone: | --- | Keywords: | FutureFeature, Reopened, Triaged |
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2016-12-02 15:20:00 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | |||
| Bug Blocks: | 1318312 | ||
|
Description
David Juran
2015-06-23 14:06:58 UTC
The original requirements can be found in bug 234646. I'm not speaking via any authoritative role here, but I can confidently say that this will have to be worked out in the next couple years before RHEL8 drops. The DNF security plugin should do this or it will be in dnf itself. *** Bug 1262572 has been marked as a duplicate of this bug. *** See the bug 1262572 for a closely related request of an --advisory option. Those bugs are not really the same. They ask for different features, which were both once implemented by yum-security and merged into core yum(-deprecated) at the same time: * --security = install only updates from (all) update groups tagged as security * --advisory=FEDORA-2015-nnnnn = install only updates from the specific update group FEDORA-2015-nnnnn – whether that was actually a security update group or some other type does not actually matter IMHO, --advisory is the much more useful option. It can be used to test a specific update group from updates-testing. --security is a global flag that works very poorly in practice, because security updates can depend on prior non-security updates. --advisory is also something we document on Common Bugs pages. We have this wiki template: https://fedoraproject.org/wiki/Template:Common_bugs_update_testing which explicitly instructs you to use 'yum --enablerepo=updates-testing update --advisory=ADVISORY' to test a specific update. I can't in fact see any good replacement for this quite important function in DNF. I agree with Kevin that these are two separate requests; --security does not fulfil the use case of --advisory. Note that --advisory is somewhat inaccurately named in a Fedora context, because it really operates on *update IDs*. The significance of this is it is not applicable only to security updates, you can use it on *any* update. I'm probably going to have to adjust the template to use yum-deprecated for now, as I just can't see any other option. OK, you probably did not understand me. Comment #5 was primarily dedicated to the future assignee. Since I have closed the request for --advisory as a duplicate of this bug because we handle this report as a request to port the Yum's security plugin (see comment #3), I just wanted to make sure that the assignee won't forget to implement the --advisory option as well. Sorry for the pure wording. I mean "poor wording", ehm... *** Bug 1275138 has been marked as a duplicate of this bug. *** Cool RFE is already open, It looks like easy do an implementation is just manipulate dnf updateinfo command ! [1] [1] http://unix.stackexchange.com/a/234116/32478 This package has changed ownership in the Fedora Package Database. Reassigning to the new owner of this component. Fedora 22 changed to end-of-life (EOL) status on 2016-07-19. Fedora 22 is no longer maintained, which means that it will not receive any further security or bug fix updates. As a result we are closing this bug. If you can reproduce this bug against a currently maintained version of Fedora please feel free to reopen this bug against that version. If you are unable to reopen this bug, please file a new report against the current release. If you experience problems, please add a comment to this bug. Thank you for reporting this bug and we are sorry it could not be fixed. There is a first PR that should solve the problem: https://github.com/rpm-software-management/dnf/pull/649 Will this be only a DNF 2 feature or which Fedora releases will get this? Unfortunately it will be available only for Fedora 26+. But we have a testing repository with dnf-2.0 for Fedora 24+ (dnf copr enable rpmsoftwaremanagement/dnf-nightly) I installed from the COPR and the man page section on updateinfo does not seem to match the tool itself. (Like, there seems to be no --list.) Is the command I want dnf updateinfo --security ? I am sorry but I didn't get note about --list. Please can you provide output from: 1. rpm -q dnf 2. dnf updateinfo --security 3. yum-deprecated updateinfo --security First of all you have to upgrade dnf to latest version. If you use rawhide just from rawhide repo, but for fc24+ you have to use our testing repository (dnf copr enable rpmsoftwaremanagement/dnf-nightly). In my case the latest dnf is dnf-2.0.0_1-74g8fe8683.fc25.noarch . Then --security option should work as with yum. Please if you have another problem, or --security is not working like expected, please try to report it, or probably open new bugzilla. |