Bug 178908
| Summary: | system-install-packages bug and patches | ||
|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Tim Lauridsen <tim.lauridsen> |
| Component: | pirut | Assignee: | Jeremy Katz <katzj> |
| Status: | CLOSED RAWHIDE | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | rawhide | ||
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2006-02-03 22:24:12 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Attachments: | |||
|
Description
Tim Lauridsen
2006-01-25 11:51:58 UTC
Created attachment 123664 [details]
Patch for file not found traceback
Created attachment 123665 [details]
Patch for telling the user if a package allready installed
It also fixes two time 'elif == 0:' efter each other
Created attachment 123666 [details]
Patch for installing packages that are not signed
Created attachment 123667 [details]
new patch for file not found there was an error in the first one
In the future, it helps to provide patches separately so they can be tracked individually. * File not found: Committed * Already installed: Committed, with some text tweaks as well as i18n marking For the third, I'm not sure that installing unsigned packages is really the right thing to do if the configuration is set up to require signed packages. Which is most of why I've held off applying any of these, but I'm not any closer to personal resolution. What would be the use case of having gpgcheck=1 and then wanting to install an unsigned package? (In reply to comment #5) > In the future, it helps to provide patches separately so they can be tracked > individually. > I will do so in the future :-) > * File not found: Committed > * Already installed: Committed, with some text tweaks as well as i18n marking > > For the third, I'm not sure that installing unsigned packages is really the > right thing to do if the configuration is set up to require signed packages. > Which is most of why I've held off applying any of these, but I'm not any closer > to personal resolution. > I most cases it would be ok, not to install unsigned packages, but in some cases it would be nice to just warn the user and let the user decide. Example: A user what to use the 'foobar' application, but it is not availible in any repositories. He locates the application on the "foobar" homepage, And there is a link to download a rpm for Fedora Core, He clicks the link and Firefox suggests to open the rpm with the system-install-packages tool, he selects to do so, and he get a "Unable to verify" error. Possible solution. 1. Keep it as is, maybe change the text to something like "The package is not signed, so it cant be installed for security reasons" 2. just install it. 3. Warn the user about the security issues and let him choose to install it or not. Maybe it should be something to be enabled in /etc/pirut.conf > What would be the use case of having gpgcheck=1 and then wanting to install an > unsigned package? When installing from a repository, it is up to the state of "gpgcheck=" to deside how to handle unsigned packages, but it not very useful in the previous example. After talking with jrb a bit (who happened to hit this case installing VMware the other day), went ahead and implemented, although I did it a bit differently than your patch. Looking good |