Description of problem: Currently epel-release requires `redhat-release >= %{version}`. This allows installing a newer epel-release than you should. For example, you can install epel-release-7-11 on EL6. It would be better to change the requirement to `redhat-release = %{version}` so that you can only ever install a matching epel-release. Version-Release number of selected component (if applicable): epel-release-6-8.noarch epel-release-7-11.noarch Steps to Reproduce: 1. an EL6 system 2. yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm Actual results: Installation is allowed. Expected results: Installation should fail because EPEL7 doesn't work on EL6. Additional info: Yes, I know people shouldn't do this, but it's a easy change to make to help enforce the correct thing.
Ok I mixed things up slightly, my example should have been installing epel-release-latest-6.noarch.rpm works on EL7. However, my example also works on CentOS 6 because centos-release-6 has an unversioned provides for redhat-release. This is a related but technically a separate issue. $ rpm -q --provides centos-release | grep redhat redhat-release
Well, the problem here is that redhat-release is the actual release... ie, 7.0, 7.1, etc. So if we made epel7's epel-release require = redhat_release it would be uninstallable, since 7 is not = to 7.0, 7.1, ... 7.6 I suppose we could add a 'Conflicts: redhat-release < %{version}' but conflicts are kind of nasty, might be the only way though.
Ah I missed that detail, thanks for the clarification. I was probably looking at centos-release and incorrectly assumed redhat-release had the same version. In the future we'll have a version of RPM in RHEL that supports ranged dependencies [0] to solve this correctly. Until then, I agree that a conflict is the only way to accomplish this. [0]: https://fedoraproject.org/wiki/Changes/RPM-4.14
epel-release-6-9 has been submitted as an update to Fedora EPEL 6. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-7883fc5fe2
epel-release-6-9 has been pushed to the Fedora EPEL 6 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-7883fc5fe2
I see the feedback on that bodhi update. I had filed a bug with CentOS to add a version to centos-release, but it appears they did it that way to match redhat-release-server. https://bugs.centos.org/view.php?id=15436 With both centos-release and redhat-release-server using an unversioned provides of redhat-release, this won't be solvable for EL6. We could still do it for EL7 going forward if you like.
Yeah, I am afraid we can't really do this until/unless rhel changes, and I doubt they will want to change rhel6 at this point. ;(