1925103 – [RFE] Leapp could give some clues to explain why a 3rd party package is removed

Bug 1925103 - [RFE] Leapp could give some clues to explain why a 3rd party package is removed

Summary: [RFE] Leapp could give some clues to explain why a 3rd party package is removed

Keywords:
Status:	NEW
Alias:	None
Product:	Red Hat Enterprise Linux 7
Classification:	Red Hat
Component:	leapp-repository
Sub Component:
Version:	7.9
Hardware:	All
OS:	Linux
Priority:	low
Severity:	low
Target Milestone:	rc
Target Release:	---
Assignee:	Leapp Notifications Bot
QA Contact:	upgrades-and-conversions
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	1818077 1818088
TreeView+	depends on / blocked

Reported:	2021-02-04 12:24 UTC by Christophe Besson
Modified:	2023-07-31 07:12 UTC (History)
CC List:	8 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Issue Tracker	OAMG-4387	0	None	None	None	2023-05-11 08:09:05 UTC

Description Christophe Besson 2021-02-04 12:24:03 UTC

Description of problem:
Leapp indicates a 3rd party package will be removed without much details.
Looking into the dependency of the package(s) in question, it appears it requires `groovy`, a package which has been removed in RHEL 8.

Improving the warning could help / ease the user experience, as this kind of 3rd party can be the most important thing installed on the machine.

Version-Release number of selected component (if applicable):
leapp-repository-0.12.0-2.el7_9.noarch

How reproducible:
100%

Steps to Reproduce:
1. Create a fake package with a dependency which is removed during the DNF transaction
2. Run a leapp upgrade

Actual results:
"The following packages have not been signed by Red Hat and may be removed during the upgrade process in case Red Hat-signed packages to be removed during the upgrade depend on them"

Expected results:
The package %s has not been signed by Red Hat and may be removed during the upgrade process, due to its dependency to %s.

Additional info:
Just tried a basic and incomplete script (without recursion):
~~~
import rpm, json

msg = "The package %s has not been signed by Red Hat and may be removed during the upgrade process, due to its dependency to %s"

third_party = []
ts = rpm.TransactionSet()
data = ts.dbMatch()
for pkg in data:
    if pkg['vendor'] == 'Red Hat, Inc.' or 'gpg-pubkey' in pkg['name']:
        continue
    deps = []
    for dep in pkg[rpm.RPMTAG_REQUIRENAME]:
        if '/' in dep or '(' in dep:
            continue
        deps.append(dep)
    third_party.append({"name": pkg['name'], "deps": deps})

with open('/etc/leapp/files/pes-events.json', 'r') as fh:
    pes = json.loads(fh.read())

for pkg in third_party:
    for dep in pkg['deps']:
        for x in pes['packageinfo']:
            if dep == x['in_packageset']['package'][0]['name'] \
              and x['out_packageset'] is None:
                print(msg % (pkg['name'], dep))
                break
~~~

~~~
# rpm -q --requires empty
/bin/bash
bash
groovy
rpmlib(CompressedFileNames) <= 3.0.4-1
rpmlib(FileDigests) <= 4.6.0-1
rpmlib(PayloadFilesHavePrefix) <= 4.0-1
rpmlib(PayloadIsXz) <= 5.2-1

# ./check.py 
The package empty has not been signed by Red Hat and may be removed during the upgrade process, due to its dependency to groovy
~~~

Comment 13 Peter Vreman 2021-07-01 10:05:40 UTC

This also impacts RedHat Signed packages of RHSCL, e.g. git2.27
The libssh2 is removed in RHEL8, but it is used by httpd24-libcurl that is then used by rh-git227-git-core

Note You need to log in before you can comment on or make changes to this bug.