Bug 1531356 - dnf system-upgrade seems to ignore --nogpgcheck
Summary: dnf system-upgrade seems to ignore --nogpgcheck
Status: CLOSED NOTABUG
Alias: None
Product: Fedora
Classification: Fedora
Component: dnf
Version: 28
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Jaroslav Mracek
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Keywords: Reopened, Triaged
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2018-01-05 01:50 UTC by Adam Williamson
Modified: 2019-03-28 13:16 UTC (History)
8 users (show)

(edit)
Clone Of:
(edit)
Last Closed: 2019-03-28 12:56:15 UTC


Attachments (Terms of Use)

Description Adam Williamson 2018-01-05 01:50:49 UTC
openQA upgrade tests to Rawhide are failing ATM. The immediate error is this:

Jan 04 05:59:31 localhost.localdomain dnf[625]: Curl error (37): Couldn't read a file:// file for file:///etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-rawhide-x86_64 [Couldn't open file /etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-rawhide-x86_64]
Jan 04 05:59:31 localhost.localdomain audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=dnf-system-upgrade comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=failed'
Jan 04 05:59:31 localhost.localdomain kernel: kauditd_printk_skb: 70 callbacks suppressed
Jan 04 05:59:31 localhost.localdomain kernel: audit: type=1130 audit(1515074371.834:81): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=dnf-system-upgrade comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=failed'
Jan 04 05:59:31 localhost.localdomain systemd[1]: dnf-system-upgrade.service: Main process exited, code=exited, status=1/FAILURE
Jan 04 05:59:31 localhost.localdomain systemd[1]: Failed to start System Upgrade using DNF.

It can't find the file because it doesn't exist. The tests use '--releasever=rawhide', so dnf looks for a file called RPM-GPG-KEY-fedora-rawhide-x86_64 - the 'rawhide' there is taken from the 'releasever' value.

I can fiddle around with the tests so they know what Rawhide's release number is and pass that as 'releasever' instead, but the thing is, I shouldn't need to. The tests also pass '--nogpgcheck', so dnf shouldn't really be looking for GPG keys at all. This has worked in the past. The actual commands the tests run are:

dnf -y --releasever=rawhide --nogpgcheck system-upgrade download
dnf -y --releasever=rawhide --nogpgcheck system-upgrade reboot

and when they do that, the above problem happens. In the past, the upgrade worked OK, despite the GPG key file not existing, which seems to indicate that DNF either did not previously look for it, or didn't care if it didn't exist.

One thing I've noticed here is there actually seems to be a sort of collision between packagekit-offline-update.service and dnf-system-upgrade.service , here, as we can see in the logs:

Jan 04 05:59:24 localhost.localdomain systemd[1]: Starting System Upgrade using DNF...
Jan 04 05:59:24 localhost.localdomain systemd[1]: Listening on D-Bus System Message Bus Socket.
Jan 04 05:59:24 localhost.localdomain systemd[1]: Starting Update the operating system whilst offline...
Jan 04 05:59:24 localhost.localdomain pk-offline-update[626]: another framework set up the trigger
Jan 04 05:59:24 localhost.localdomain systemd[1]: Started Update the operating system whilst offline.

"System Upgrade using DNF" is dnf-system-upgrade.service , while "Update the operating system whilst offline" is packagekit-offline-update.service . As you can see, *both* services get started. I'm not sure if that is relevant here, or not, but it is interesting. Both services are wanted by system-update.target.

Comment 1 Jaroslav Mracek 2018-01-10 14:38:42 UTC
I created a patch that should provide missing feature (https://github.com/rpm-software-management/dnf-plugins-extras/pull/120).

Comment 2 Fedora End Of Life 2018-02-20 15:30:36 UTC
This bug appears to have been reported against 'rawhide' during the Fedora 28 development cycle.
Changing version to '28'.

Comment 3 Adam Williamson 2018-04-02 20:44:43 UTC
This has been merged upstream, but there has been no release of dnf-plugins-extras and no downstream package build, so it's still broken in Fedora. Can we please get a release and a package build? Thanks.

Comment 4 Jaroslav Mracek 2018-04-03 10:21:11 UTC
The new release depends on https://github.com/rpm-software-management/libdnf/pull/433. After merge of PR we will release it.

Comment 5 Jaroslav Mracek 2018-06-28 08:38:39 UTC
The issue is solved by dnf-plugins-extras-3.0.0-1 that was released into rawhide.

Comment 6 Vasiliy Glazov 2019-03-27 07:03:22 UTC
Problem again persist in dnf-plugins-extras-4.0.4-1.fc29.

I can't upgrade to F30 with non signed rpmfusion packages.

Comment 7 Jaroslav Mracek 2019-03-28 12:56:15 UTC
Please could you open a new bug report and provide additional information like /var/log/dnf.log with failed transaction, command that you used, and output from "sudo dnf system-upgrade log --number 1" if problem appears during reboot.

Comment 8 Vasiliy Glazov 2019-03-28 13:16:00 UTC
Created https://bugzilla.redhat.com/show_bug.cgi?id=1693677


Note You need to log in before you can comment on or make changes to this bug.