Bug 1467164

Summary: 26 Final RC-1.3 compose is missing 'custodia' package
Product: [Fedora] Fedora Reporter: Adam Williamson <awilliam>
Component: distributionAssignee: Mohan Boddu <mboddu>
Status: CLOSED ERRATA QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: urgent Docs Contact:
Priority: unspecified    
Version: 26CC: cheimes, dennis, kevin, mattdm, menantea, robatino
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard: AcceptedBlocker
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2017-07-05 01:17:17 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1349188, 1430830    

Description Adam Williamson 2017-07-03 06:00:36 UTC 
For some reason, the 'custodia' package is entirely missing from the Fedora 26 Final RC-1.3 compose:

https://kojipkgs.fedoraproject.org/compose/26/Fedora-26-20170702.0/compose/Everything/x86_64/os/Packages/c/

Check the package list there for a 'custodia' package, you will find none. Now compare to the nightly of the same date:

https://kojipkgs.fedoraproject.org/compose/branched/Fedora-26-20170702.n.0/compose/Everything/x86_64/os/Packages/c/

and you will see there *is* a custodia package present, custodia-0.3.1-2.fc26.noarch.rpm , which was a part of this update:

https://bodhi.fedoraproject.org/updates/FEDORA-2017-0d0ec3e0af

which was pushed stable a month ago. I do not know why the package is missing from the RC-1.3 compose, but it is a clear criteria violation unfortunately, as it renders FreeIPA (at least server, I believe also client) entirely impossible to install, as freeipa-server-common requires custodia:

2017-07-02T15:25:48Z WARNING 
 Problem 1: package freeipa-server-4.4.4-2.fc26.x86_64 requires freeipa-server-common = 4.4.4-2.fc26, but none of the providers can be installed
  - conflicting requests
  - nothing provides custodia >= 0.3.1 needed by freeipa-server-common-4.4.4-2.fc26.noarch
 Problem 2: package freeipa-server-dns-4.4.4-2.fc26.noarch requires freeipa-server = 4.4.4-2.fc26, but none of the providers can be installed
  - package freeipa-server-4.4.4-2.fc26.x86_64 requires freeipa-server-common = 4.4.4-2.fc26, but none of the providers can be installed
  - conflicting requests
  - nothing provides custodia >= 0.3.1 needed by freeipa-server-common-4.4.4-2.fc26.noarch
 Problem 3: package freeipa-server-trust-ad-4.4.4-2.fc26.x86_64 requires freeipa-server = 4.4.4-2.fc26, but none of the providers can be installed
  - package freeipa-server-4.4.4-2.fc26.x86_64 requires freeipa-server-common = 4.4.4-2.fc26, but none of the providers can be installed
  - conflicting requests
  - nothing provides custodia >= 0.3.1 needed by freeipa-server-common-4.4.4-2.fc26.noarch

We urgently need to do an RC-1.4 compose with this fixed.
Comment 1 Kamil Páral 2017-07-03 09:49:32 UTC 
*** Bug 1467267 has been marked as a duplicate of this bug. ***
Comment 2 Matthew Miller 2017-07-03 14:11:54 UTC 
Clearly a blocker. I'm also concerned that other packages may be dropped and we just happened to notice this one because it blocks something needed for a specific Server role.
Comment 3 Kevin Fenzi 2017-07-03 14:45:23 UTC 
+1 blocker
Comment 4 Adam Williamson 2017-07-03 15:49:57 UTC 
Matthew: yes, I agree on that - I'd like, if possible, for releng to explain why custodia was missing and check whether anything else was affected similarly.
Comment 5 Matthew Miller 2017-07-03 15:59:44 UTC 
(In reply to Adam Williamson from comment #4)
> Matthew: yes, I agree on that - I'd like, if possible, for releng to explain
> why custodia was missing and check whether anything else was affected
> similarly.

Got this in IRC:

[04:10:08] <tyll_> adamw: mboddu: Sorry about custodia, I wrongly blocked it when cleaning up broken deps :-/ I skipped python-etcd for freeipa but missed that custodia was still on the list as an intermediate dependency

Related ticket is https://pagure.io/releng/issue/6836, and I *think* we're all okay.
Comment 6 Adam Williamson 2017-07-03 18:34:18 UTC 
Discussed at 2017-07-03 blocker review meeting: https://meetbot-raw.fedoraproject.org/fedora-blocker-review/2017-07-03/f26-blocker-review.2017-07-03-16.06.html . Accepted as a blocker bug as a clear violation of Alpha criterion "Release-blocking roles and the supported role configuration interfaces must meet the core functional Role Definition Requirements to the extent that supported roles can be successfully deployed, started, stopped, brought to a working configuration, and queried."

For the record, we are unblocking all packages which were blocked from RC-1.1 and RC-1.3 due to dependency issues, on the basis this happened far too late and could have unpredictable effects we do not have time to exhaustively investigate: see https://pagure.io/releng/issue/6836 for more on that. Marking as MODIFIED as I believe mboddu already unblocked custodia in preparation for the next compose.
Comment 7 Adam Williamson 2017-07-05 01:17:17 UTC 
Fix confirmed in RC-1.4, the openQA test passed, so the package is certainly back.