Bug 443443

Summary: install_file method does not handle corrupt RPMs
Product: [Fedora] Fedora Reporter: Richard Hughes <richard>
Component: PackageKitAssignee: Robin Norwood <robin.norwood>
Status: CLOSED RAWHIDE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: low Docs Contact:
Priority: low    
Version: rawhideCC: james.antill, mclasen, tim.lauridsen
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2008-05-01 10:30:27 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 441857    
Bug Blocks:    

Description Richard Hughes 2008-04-21 16:11:33 UTC 
Description of problem:

Download a corrupt RPM file and try to install it in yum:

=================================================
[hughsie@hughsie-work helpers]$ sudo yum localinstall
/home/hughsie/Desktop/gnome-power-manager-2.23.1-1.112.20080418svn.fc9.hughsie.i386.rpm

Loaded plugins: changelog, downloadonly, refresh-packagekit
Setting up Local Package Process
Examining
/home/hughsie/Desktop/gnome-power-manager-2.23.1-1.112.20080418svn.fc9.hughsie.i386.rpm:
gnome-power-manager-2.23.1-1.112.20080418svn.fc9.hughsie.i386
Marking
/home/hughsie/Desktop/gnome-power-manager-2.23.1-1.112.20080418svn.fc9.hughsie.i386.rpm
to be installed
Resolving Dependencies
--> Running transaction check
---> Package gnome-power-manager.i386 0:2.23.1-1.112.20080418svn.fc9.hughsie set
to be updated
--> Finished Dependency Resolution

Dependencies Resolved

=============================================================================
 Package                 Arch       Version          Repository        Size 
=============================================================================
Installing:
 gnome-power-manager     i386       2.23.1-1.112.20080418svn.fc9.hughsie 
/home/hughsie/Desktop/gnome-power-manager-2.23.1-1.112.20080418svn.fc9.hughsie.i386.rpm
 4.6 M

Transaction Summary
=============================================================================
Install      1 Package(s)         
Update       0 Package(s)         
Remove       0 Package(s)         

Total download size: 4.6 M
Is this ok [y/N]: y
Downloading Packages:
error: rpmts_HdrFromFdno: Header SHA1 digest: BAD
Expected(70ebdf740a0668930dfa7056d714bb158fe746d6) !=
(d88a8b6d6e765e7ce08ab7e033790d3e917eaa86)


Problem opening package
gnome-power-manager-2.23.1-1.112.20080418svn.fc9.hughsie.i386.rpm
=================================================

The same thing with PackageKit silently exits - no error. Debugging:

=================================================
[hughsie@hughsie-work helpers]$ sudo ./install-file.py
/home/hughsie/Desktop/gnome-power-manager-2.23.1-1.112.20080418svn.fc9.hughsie.i386.rpm
allow-cancel	false
percentage	0
status	running
status	dep-resolve
no-percentage-updates
allow-cancel	true
percentage	10
status	download
percentage	40
status	sig-check
allow-cancel	false
percentage	45
status	test-commit
allow-cancel	false
percentage	50
=================================================

This sis because self.yumbase.conf.gpgcheck=0 is set for local file installs,
and so we don't do the gpg check.
Comment 1 James Antill 2008-04-21 16:28:52 UTC 
 Don't you get an exception though?
 I'd be shocked if you didn't get something from the yum API that allowed you to
see there was something wrong.
Comment 2 Richard Hughes 2008-04-21 16:58:03 UTC 
Nope, nothing. Just a silent failure. If you comment out
self.yumbase.conf.gpgcheck=0 then you get the same behavour as yum.
Comment 3 Robin Norwood 2008-04-23 16:06:00 UTC 
This is fixed upstream in change 3a6f1b06be02c6fd67b6f5abcee0c60631d2d69b, and
should be in the next release.