Bug 1632516
| Summary: | dnf-automatic ignores dnf's version lock plugin configuration | ||||||
|---|---|---|---|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Michel Lind <michel> | ||||
| Component: | dnf | Assignee: | rpm-software-management | ||||
| Status: | CLOSED CURRENTRELEASE | QA Contact: | Fedora Extras Quality Assurance <extras-qa> | ||||
| Severity: | unspecified | Docs Contact: | |||||
| Priority: | unspecified | ||||||
| Version: | 28 | CC: | dmach, jmracek, mblaha, mhatina, packaging-team-maint, rpm-software-management, vmukhame | ||||
| Target Milestone: | --- | ||||||
| Target Release: | --- | ||||||
| Hardware: | Unspecified | ||||||
| OS: | Linux | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2018-09-27 13:20:36 UTC | Type: | Bug | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Attachments: |
|
||||||
The problem is in incorrect modular filtering in dnf-2.7.5-12. It should be fixed by dnf-3.5.1 available in Fedora29+ |
Created attachment 1486576 [details] repro for dnf-automatic upgrading kernel packages that are version-locked and the workaround Description of problem: At work, `dnf-automatic` configured to automatically apply security updates, and also have `python3-dnf-plugin-versionlock` configured to lock kernel package versions for some users. Recently, a kernel update was released that's marked as a security update, and dnf-automatic would upgrade kernel packages even though `dnf upgrade` won't. Version-Release number of selected component (if applicable): ❯ rpm -q dnf dnf-automatic python3-dnf-plugin-versionlock dnf-2.7.5-12.fc28.noarch dnf-automatic-2.7.5-12.fc28.noarch python3-dnf-plugin-versionlock-2.1.5-4.fc28.noarch How reproducible: Always Steps to Reproduce: 1. downgrade kernel packages to 4.16.3-301.fc28 and reboot to that kernel 2. configure versionlock to lock the kernel packages 3. configure dnf-automatic to automatically install security updates 4. run dnf-automatic; verify kernel gets updated 5. downgrade kernel packages again 6. configure dnf-automatic to exclude kernel packages 7. run dnf-automatic again Actual results: step 4 upgrades kernel packages; step 7 does not Expected results: steps 4 and 7 should behave identically Additional info: