Bug 2170093
| Summary: | dnf-automatic returns "success" ( zero exit status return ) even if the called dnf command returns error | |||
|---|---|---|---|---|
| Product: | Red Hat Enterprise Linux 8 | Reporter: | Vaibhav Bhope <vbhope> | |
| Component: | dnf | Assignee: | Jan Kolarik <jkolarik> | |
| Status: | VERIFIED --- | QA Contact: | swm-qe | |
| Severity: | medium | Docs Contact: | Mariya Pershina <mpershin> | |
| Priority: | medium | |||
| Version: | 8.7 | CC: | brian, james.antill, jkolarik, mbanas, mpershin, nsella, pkratoch | |
| Target Milestone: | rc | Keywords: | Triaged | |
| Target Release: | --- | |||
| Hardware: | x86_64 | |||
| OS: | Linux | |||
| Whiteboard: | ||||
| Fixed In Version: | dnf-4.7.0-18.el8 | Doc Type: | Bug Fix | |
| Doc Text: |
.The `dnf-automatic` command now correctly reports the exit status of transactions
Previously, the `dnf-automatic` command returned a successful exit code of a transaction even if some actions during this transaction were not successfully completed. This could cause a security risk on machines that use `dnf-automatic` for automatic deployment of errata. With this update, the issue has been fixed and `dnf-automatic` now reports every problem with packages during the transaction.
|
Story Points: | --- | |
| Clone Of: | ||||
| : | 2212262 (view as bug list) | Environment: | ||
| Last Closed: | Type: | Bug | ||
| Regression: | --- | Mount Type: | --- | |
| Documentation: | --- | CRM: | ||
| Verified Versions: | Category: | --- | ||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
| Cloudforms Team: | --- | Target Upstream Version: | ||
| Embargoed: | ||||
| Bug Depends On: | ||||
| Bug Blocks: | 2212262 | |||
Looks like a quite long-lasting bug there. Originally this issue was reported in DNF here: https://bugzilla.redhat.com/show_bug.cgi?id=1341086, but it was only fixed for the CLI usage. Looking into the latest DNF 4.15.0 release sources, this is the place where this failure is handled for CLI: https://github.com/rpm-software-management/dnf/blob/5306910d06631bc93fa3ece0e70ed27ee592b0aa/dnf/cli/cli.py#L264. I've created a PR to fix this: DNF PR: https://github.com/rpm-software-management/dnf/pull/1923 tests PR: https://github.com/rpm-software-management/ci-dnf-stack/pull/1250 Cloned into RHEL 9 bug: https://bugzilla.redhat.com/show_bug.cgi?id=2212262. |
Description of problem: dnf-automatic returns "success" ( zero exit status returned ) even if the called dnf command returns error Version-Release number of selected component (if applicable): dnf-4.7.0-11.el8.noarch dnf-automatic-4.7.0-11.el8.noarch How reproducible: Steps to Reproduce: 1. Added an immutable bit to /usr/sbin/httpd to cause a package update failure. 2. With the "dnf" command, we see that the "httpd" update failed and an exit status of "1" indicates that the command was not successful. --------------------------------------------------------------------------- [root@rhel8 ~]# dnf -v update httpd; echo $? Loaded plugins: builddep, changelog, config-manager, copr, debug, debuginfo-install, download, generate_completion_cache, groups-manager, needs-restarting, playground, product-id, repoclosure, repodiff, repograph, repomanage, reposync, subscription-manager, uploadprofile, versionlock Updating Subscription Management repositories. DNF version: 4.7.0 cachedir: /var/cache/dnf User-Agent: constructed: 'libdnf (Red Hat Enterprise Linux 8.7; generic; Linux.x86_64)' --> Starting dependency resolution ---> Package httpd.x86_64 2.4.37-47.module+el8.6.0+15654+427eba2e.2 will be upgraded ---> Package httpd.x86_64 2.4.37-51.module+el8.7.0+16050+02173b8e will be an upgrade --> Finished dependency resolution Dependencies resolved. =================================================================================================================================================================================================================== Package Architecture Version Repository Size =================================================================================================================================================================================================================== Upgrading: httpd x86_64 2.4.37-51.module+el8.7.0+16050+02173b8e rhel-8-for-x86_64-appstream-rpms 1.4 M Transaction Summary =================================================================================================================================================================================================================== Upgrade 1 Package Total download size: 1.4 M Is this ok [y/N]: y Downloading Packages: httpd-2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64.rpm 3.6 MB/s | 1.4 MB 00:00 ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- Total 3.6 MB/s | 1.4 MB 00:00 Using rpmkeys executable at /usr/bin/rpmkeys to verify signatures Running transaction check Transaction check succeeded. Running transaction test Transaction test succeeded. Running transaction Preparing : 1/1 Running scriptlet: httpd-2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64 1/1 Upgrading : httpd-2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64 1/2 Error unpacking rpm package httpd-2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64 Errors occurred during transaction. Verifying : httpd-2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64 1/2 Verifying : httpd-2.4.37-47.module+el8.6.0+15654+427eba2e.2.x86_64 2/2 Completion plugin: Generating completion cache... Installed products updated. Failed: httpd-2.4.37-47.module+el8.6.0+15654+427eba2e.2.x86_64 Failed: httpd-2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64 Failed: httpd-2.4.37-47.module+el8.6.0+15654+427eba2e.2.x86_64 httpd-2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64 Error: Transaction failed 1 --------------------------------------------------------------------------- 3. With the "dnf-automatic" command, we see that the "httpd" update failed and the exit status returned was 0. --------------------------------------------------------------------------- # dnf-automatic --installupdates ; echo $? Updating Subscription Management repositories. Last metadata expiration check: 0:03:42 ago on Wed 15 Feb 2023 10:30:55 AM EST. Running transaction check Transaction check succeeded. Running transaction test Transaction test succeeded. Running transaction Error unpacking rpm package httpd-2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64 Installed products updated. The following updates have been applied on 'rhel8': =================================================================================================================================================================================================================== Package Arch Version Repository Size =================================================================================================================================================================================================================== Upgrading: httpd x86_64 2.4.37-51.module+el8.7.0+16050+02173b8e rhel-8-for-x86_64-appstream-rpms 1.4 M Transaction Summary =================================================================================================================================================================================================================== Upgrade 1 Package Updates completed at Wed 15 Feb 2023 10:34:41 AM EST 0 --------------------------------------------------------------------------- Actual results: With the dnf-automatic command, if an update fails, then echo $? will return a 0 exit status. 0 means that no error occurred as the yum command completed. With the dnf-automatic command, if an update fails, then echo $? will return a 0 exit status. 0 means that no error occurred as the yum command completed. . Expected results: With dnf-automatic command, if update failed is failed then echo $? should return correct exit status. Additional info: