Bug 1489595 - dnf-automatic in 2.x is not compatible with 1.x, this is not explained in the docs anywhere, docs for new timer-based approach are unclear
dnf-automatic in 2.x is not compatible with 1.x, this is not explained in the...
Status: CLOSED ERRATA
Product: Fedora
Classification: Fedora
Component: dnf (Show other bugs)
26
All Linux
unspecified Severity urgent
: ---
: ---
Assigned To: rpm-software-management
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2017-09-07 16:38 EDT by Adam Williamson
Modified: 2017-10-02 05:06 EDT (History)
11 users (show)

See Also:
Fixed In Version: dnf-2.6.3-11.fc26 dnf-2.6.3-11.fc27
Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2017-09-14 17:55:18 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Adam Williamson 2017-09-07 16:38:09 EDT
I just noticed my web server, which was configured to do automatic updates via dnf-automatic, had not been updated for weeks.

After a bit of poking I realized this is since it was upgraded to Fedora 26, and thus to dnf 2.0.

dnf 2.0 changed the way dnf-automatic works quite significantly. Best as I can tell, the `download_updates` and `apply_updates` settings in automatic.conf no longer do anything, and the user is supposed to decide whether they want:

i) only notifications
ii) download, but don't install
iii) download and install

by choosing to enable some combination of three systemd timer units, dnf-automatic-notifyonly.timer , dnf-automatic-download.timer , and dnf-automatic-install.timer .

However, AFAICT, this change is not explained *anywhere* in any documentation. It's not in https://fedoraproject.org/wiki/Changes/DNF-2.0 . It's not in https://dnf.readthedocs.io/en/latest/dnf-1_vs_dnf-2.html . It's not in https://dnf.readthedocs.io/en/latest/automatic.html - which actually still documents the *old* way dnf-automatic worked in 1.x, and doesn't mention the timer units at all, so is rather useless.

This seems like a rather big problem; who knows how many other people who were relying on dnf-automatic to do updates are in the same situation I found myself in?

Additionally, I'll note the timer mechanism is confusing and the documentation doesn't help at all. If I want to download and install updates, do I enable *both* download.timer *and* install.timer, or just install.timer? The docs don't help at all as they don't cover the timers at all, and the comments in the config file are entirely ambiguous on this.
Comment 1 Adam Williamson 2017-09-07 16:41:55 EDT
As well as this not being documented at all (AFAICT), there doesn't appear to be any effort made at all to provide some kind of warning to the sysadmin. I can think of all sorts of ways to do this: for instance, if `download_updates` or `apply_updates` are set in automatic.conf but no timers are enabled, print a warning any time the admin runs dnf.

Or, include a dummy dnf-automatic.service - the name of the catch-all service from 1.0, which doesn't exist in 2.0 at all any more - which causes some kind of notification about the transition.
Comment 2 Adam Williamson 2017-09-07 16:43:35 EDT
It is also not mentioned in the Fedora 26 Release Notes: https://docs.fedoraproject.org/f26/release-notes/
Comment 3 Adam Williamson 2017-09-07 16:58:07 EDT
Marking private for now in case we treat this as a security issue.
Comment 4 Adam Williamson 2017-09-07 17:29:03 EDT
Sorry, bit of a correction: https://dnf.readthedocs.io/en/latest/automatic.html *does* mention the timer units, but it *also* still covers the config file directives, and doesn't make any attempt to explain why there are two apparently conflicting mechanisms, or reconcile their practical effects.

As nearly as I can tell, when dnf-automatic *does* run, it will still read and respect the config file directives. So this is actually just even more odd. You have to enable one of the function-specific timer units to get dnf-automatic to run automatically at all again - but since the config file directives are still considered, you can't actually guarantee that any of the timer units *actually* only does what it says it does.

By which I mean: if you enable dnf-automatic-notifyonly.timer , despite the name, if your automatic.conf has `apply_updates = yes` in it, then when the timer causes dnf-automatic to run, it will apply the updates.

So really this is just an ungodly mess...
Comment 5 Adam Williamson 2017-09-07 18:17:10 EDT
My suggestion for fixing this, btw, would be:

* Keep the config file directives
* Make the CLI args boolean (right now they can set True but not False)
* Re-introduce plain dnf-automatic.{service,timer} , which calls the binary with none of the relevant args specified in any way (and thus behaves exactly as the config file says)
* dnf-automatic-notifyonly.service would pass --notify=yes --download=no --install=no (or whatever the exact syntax is)
* dnf-automatic-download.service would pass --notify=yes --download=yes --install=no
* dnf-automatic-install.service would pass --notify=yes --download=yes --install=yes
* Fix up the docs (and config comments) to explain all this properly

This should fix all the problems. Existing configurations would work as they did before (via the resurrected dnf-automatic.service), and the behaviour of the action-specific timers/services would no longer be affected by the configuration files.
Comment 6 Adam Williamson 2017-09-08 02:21:42 EDT
https://github.com/rpm-software-management/dnf/pull/919
Comment 7 Fedora Update System 2017-09-13 06:14:07 EDT
dnf-2.6.3-2.fc26 has been submitted as an update to Fedora 26. https://bodhi.fedoraproject.org/updates/FEDORA-2017-750b4f0a28
Comment 8 Fedora Update System 2017-09-13 06:14:18 EDT
dnf-2.6.3-5.fc27 has been submitted as an update to Fedora 27. https://bodhi.fedoraproject.org/updates/FEDORA-2017-b629284474
Comment 9 Fedora Update System 2017-09-13 13:12:32 EDT
dnf-2.6.3-11.fc27 has been submitted as an update to Fedora 27. https://bodhi.fedoraproject.org/updates/FEDORA-2017-f2f4fe090e
Comment 10 Fedora Update System 2017-09-13 13:12:42 EDT
dnf-2.6.3-11.fc26 has been submitted as an update to Fedora 26. https://bodhi.fedoraproject.org/updates/FEDORA-2017-9fe37c9984
Comment 11 Fedora Update System 2017-09-13 15:25:01 EDT
dnf-2.6.3-11.fc27 has been pushed to the Fedora 27 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2017-f2f4fe090e
Comment 12 Fedora Update System 2017-09-14 00:53:16 EDT
dnf-2.6.3-11.fc26 has been pushed to the Fedora 26 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2017-9fe37c9984
Comment 13 Fedora Update System 2017-09-14 17:55:18 EDT
dnf-2.6.3-11.fc26 has been pushed to the Fedora 26 stable repository. If problems still persist, please make note of it in this bug report.
Comment 14 David H. Gutteridge 2017-09-20 00:24:15 EDT
Bug https://bugzilla.redhat.com/show_bug.cgi?id=1473892 is likely addressed by this change. I've enquired in that ticket.
Comment 15 Fedora Update System 2017-09-30 02:27:53 EDT
dnf-2.6.3-11.fc27 has been pushed to the Fedora 27 stable repository. If problems still persist, please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.