Bug 502277
| Summary: | unsigned packages should be considered broken for --skip-broken | ||
|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Tom Horsley <horsley1953> |
| Component: | yum | Assignee: | Seth Vidal <skvidal> |
| Status: | CLOSED NOTABUG | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
| Severity: | low | Docs Contact: | |
| Priority: | low | ||
| Version: | rawhide | CC: | ffesti, james.antill, joshua, pmatilai, tim.lauridsen |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2009-05-23 03:10:18 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
Tom Horsley
2009-05-23 01:47:21 UTC
--skip-broken is about package sets that don't depsolve, so we remove them from the transaction at that point. From the technical point of view the yum code basically does: 1. parse command line 2. depsolve 3. download 4. run transaction ...if a package isn't signed, when the repo. says it should be, we only find out at #4 ... which is really late, so it would be much harder to do this. Just because it is hard to do, doesn't mean it isn't a good idea. Shucks, you just need to add --exclude arguments for the unsigned packages and loop back to step #1. That's what I do manually :-). i think that --skip-broken is the wrong option for installing unsigned packages. if you what to force it you can use --nogpgcheck, but that will skip the gpg check for all packages. One of the problems with skipping packages is that you have to go back to 2. after you have skip packages, because the skip packages can break the whole transaction. it is not the normal usage case that a repo with gpgcheck=1, has unsigned packages, it's a error in the repo. it is only because the fedora repo has gpgcheck=1, but the packages in the fedora is rawhide and the normal rawhide repo has gpgcheck=0 a pkg failing the gpgcheck is a security issue, not a depsolving issue. These two items should not ever be confused with one another. *** Bug 502635 has been marked as a duplicate of this bug. *** I agree that it is a security issue... however... the other packages are signed.... so why not install those ? I'm not sure anyone actually wanting to use --skip-broken really cares why the package is broken or thinks it is useful to distinguish somehow between broken due to dependencies or broken due to being unsigned (or broken for some other reason if there are others that might crop up). Maybe the option name should be changed to: --skip-packages-with-depsolving-problems :-). The error messages yum outputs are ultimately intended for two different audiences: 1. the user themselves 2. the people who will help support the user and/or debug the problem. A user not reporting broken deps is an issue but it is not security critical. A user not reporting an unsigned pkg in a repo that should be signed is CRITICAL. You can ask to call it what you want - but an unsigned pkg in a signed repo is not 'broken' in the sense we're using it here, it is an emergency. |