Bug 1531356

Summary:	dnf system-upgrade seems to ignore --nogpgcheck
Product:	[Fedora] Fedora	Reporter:	Adam Williamson <awilliam>
Component:	dnf	Assignee:	Jaroslav Mracek <jmracek>
Status:	CLOSED NOTABUG	QA Contact:	Fedora Extras Quality Assurance <extras-qa>
Severity:	unspecified	Docs Contact:
Priority:	unspecified
Version:	28	CC:	dmach, jmracek, mhatina, mikhail.v.gavrilov, packaging-team-maint, rpm-software-management, vascom2, vmukhame
Target Milestone:	---	Keywords:	Reopened, Triaged
Target Release:	---
Hardware:	Unspecified
OS:	Unspecified
Whiteboard:
Fixed In Version:		Doc Type:	If docs needed, set a value
Doc Text:		Story Points:	---
Clone Of:		Environment:
Last Closed:	2019-03-28 12:56:15 UTC	Type:	Bug
Regression:	---	Mount Type:	---
Documentation:	---	CRM:
Verified Versions:		Category:	---
oVirt Team:	---	RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---	Target Upstream Version:
Embargoed:

Description Adam Williamson 2018-01-05 01:50:49 UTC

openQA upgrade tests to Rawhide are failing ATM. The immediate error is this:

Jan 04 05:59:31 localhost.localdomain dnf[625]: Curl error (37): Couldn't read a file:// file for file:///etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-rawhide-x86_64 [Couldn't open file /etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-rawhide-x86_64]
Jan 04 05:59:31 localhost.localdomain audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=dnf-system-upgrade comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=failed'
Jan 04 05:59:31 localhost.localdomain kernel: kauditd_printk_skb: 70 callbacks suppressed
Jan 04 05:59:31 localhost.localdomain kernel: audit: type=1130 audit(1515074371.834:81): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=dnf-system-upgrade comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=failed'
Jan 04 05:59:31 localhost.localdomain systemd[1]: dnf-system-upgrade.service: Main process exited, code=exited, status=1/FAILURE
Jan 04 05:59:31 localhost.localdomain systemd[1]: Failed to start System Upgrade using DNF.

It can't find the file because it doesn't exist. The tests use '--releasever=rawhide', so dnf looks for a file called RPM-GPG-KEY-fedora-rawhide-x86_64 - the 'rawhide' there is taken from the 'releasever' value.

I can fiddle around with the tests so they know what Rawhide's release number is and pass that as 'releasever' instead, but the thing is, I shouldn't need to. The tests also pass '--nogpgcheck', so dnf shouldn't really be looking for GPG keys at all. This has worked in the past. The actual commands the tests run are:

dnf -y --releasever=rawhide --nogpgcheck system-upgrade download
dnf -y --releasever=rawhide --nogpgcheck system-upgrade reboot

and when they do that, the above problem happens. In the past, the upgrade worked OK, despite the GPG key file not existing, which seems to indicate that DNF either did not previously look for it, or didn't care if it didn't exist.

One thing I've noticed here is there actually seems to be a sort of collision between packagekit-offline-update.service and dnf-system-upgrade.service , here, as we can see in the logs:

Jan 04 05:59:24 localhost.localdomain systemd[1]: Starting System Upgrade using DNF...
Jan 04 05:59:24 localhost.localdomain systemd[1]: Listening on D-Bus System Message Bus Socket.
Jan 04 05:59:24 localhost.localdomain systemd[1]: Starting Update the operating system whilst offline...
Jan 04 05:59:24 localhost.localdomain pk-offline-update[626]: another framework set up the trigger
Jan 04 05:59:24 localhost.localdomain systemd[1]: Started Update the operating system whilst offline.

"System Upgrade using DNF" is dnf-system-upgrade.service , while "Update the operating system whilst offline" is packagekit-offline-update.service . As you can see, *both* services get started. I'm not sure if that is relevant here, or not, but it is interesting. Both services are wanted by system-update.target.

Comment 1 Jaroslav Mracek 2018-01-10 14:38:42 UTC

I created a patch that should provide missing feature (https://github.com/rpm-software-management/dnf-plugins-extras/pull/120).

Comment 2 Fedora End Of Life 2018-02-20 15:30:36 UTC

This bug appears to have been reported against 'rawhide' during the Fedora 28 development cycle.
Changing version to '28'.

Comment 3 Adam Williamson 2018-04-02 20:44:43 UTC

This has been merged upstream, but there has been no release of dnf-plugins-extras and no downstream package build, so it's still broken in Fedora. Can we please get a release and a package build? Thanks.

Comment 4 Jaroslav Mracek 2018-04-03 10:21:11 UTC

The new release depends on https://github.com/rpm-software-management/libdnf/pull/433. After merge of PR we will release it.

Comment 5 Jaroslav Mracek 2018-06-28 08:38:39 UTC

The issue is solved by dnf-plugins-extras-3.0.0-1 that was released into rawhide.

Comment 6 Vasiliy Glazov 2019-03-27 07:03:22 UTC

Problem again persist in dnf-plugins-extras-4.0.4-1.fc29.

I can't upgrade to F30 with non signed rpmfusion packages.

Comment 7 Jaroslav Mracek 2019-03-28 12:56:15 UTC

Please could you open a new bug report and provide additional information like /var/log/dnf.log with failed transaction, command that you used, and output from "sudo dnf system-upgrade log --number 1" if problem appears during reboot.

Comment 8 Vasiliy Glazov 2019-03-28 13:16:00 UTC

Created https://bugzilla.redhat.com/show_bug.cgi?id=1693677