Description of problem: Ohai! Recently, foreman-maintain gained dependencies on the PostgreSQL client and (on EL8) the nftables package, but these are not part of https://github.com/theforeman/foreman_maintain/blob/master/extras/foreman_protector/foreman-protector.whitelist It's a bit of a chicken-and-egg problem, as during the upgrade, the config of the protector plugin from 0.8.31 is used (and that doesn't have those new deps), so I think ideally we would backport the fix to "all" relevant branches. Version-Release number of selected component (if applicable): How reproducible: 100% Steps to Reproduce: 1. install satellite 6.10 with external DB (so that there is no psql client on the machine) 2. try to install maintain for 6.11 Actual results: Error, because PostgreSQL client can't be installed Expected results: Installable Additional info:
Upstream bug assigned to aupadhye
I think this BZ should be failedQA, using the following reproducer: - install an empty EL8 system (no satellite, no nothing) - add Satellite repositories etc - install rubygem-foreman_maintain-1.0.8-1.el8sat.noarch (https://brewweb.engineering.redhat.com/brew/buildinfo?buildID=1987491) - this is the first version that has working DNF version locking but does not yet pull in the PostgreSQL client - try to upgrade to any newer foreman maintain version I got the following error: [root@27c6bb51f1d4 ~]# dnf upgrade Last metadata expiration check: 0:02:19 ago on Tue Oct 4 08:05:19 2022. Reading Foreman protector configuration *** Excluded total: 31179 WARNING: Excluding 31179 packages due to foreman-protector. Use foreman-maintain packages install/update <package> to safely install packages without restrictions. Use foreman-maintain upgrade run for full upgrade. Error: Problem: package rubygem-foreman_maintain-1:1.1.1-3.el8.noarch requires /usr/bin/psql, but none of the providers can be installed - cannot install the best update candidate for package rubygem-foreman_maintain-1:1.0.8-1.el8.noarch - package postgresql-10.15-1.module_el8.4.0+579+22c56897.x86_64 is filtered out by modular filtering - package postgresql-10.17-1.module_el8.5.0+827+770862af.x86_64 is filtered out by modular filtering - package postgresql-10.17-2.module_el8.5.0+865+7313c562.x86_64 is filtered out by modular filtering - package postgresql-10.17-3.module_el8.6.0+1010+2420cadb.x86_64 is filtered out by modular filtering - package postgresql-10.19-1.module_el8.6.0+1047+4202cf9a.x86_64 is filtered out by modular filtering - package postgresql-12.11-2.module_el8.6.0+1153+eb826827.x86_64 is filtered out by exclude filtering - package postgresql-12.5-1.module_el8.4.0+597+7b8b5722.x86_64 is filtered out by exclude filtering - package postgresql-12.7-1.module_el8.5.0+824+97f05ace.x86_64 is filtered out by exclude filtering - package postgresql-12.7-1.module_el8.5.0+842+bf20b04a.x86_64 is filtered out by exclude filtering - package postgresql-12.7-2.module_el8.5.0+864+9657bf3a.x86_64 is filtered out by exclude filtering - package postgresql-12.7-3.module_el8.6.0+1011+54cac4e8.x86_64 is filtered out by exclude filtering - package postgresql-12.9-3.module_el8.6.0+1043+60b632d3.x86_64 is filtered out by exclude filtering - package postgresql-13.2-1.module_el8.4.0+701+c3c42fce.x86_64 is filtered out by modular filtering - package postgresql-13.3-1.module_el8.5.0+825+b0b60c92.x86_64 is filtered out by modular filtering - package postgresql-13.3-1.module_el8.5.0+843+2fa7d82b.x86_64 is filtered out by modular filtering - package postgresql-13.3-2.module_el8.5.0+866+90b85912.x86_64 is filtered out by modular filtering - package postgresql-13.3-3.module_el8.6.0+1012+fa58b3a3.x86_64 is filtered out by modular filtering - package postgresql-13.5-2.module_el8.6.0+1044+ed943ce5.x86_64 is filtered out by modular filtering - package postgresql-13.7-2.module_el8.6.0+1152+d0162c0a.x86_64 is filtered out by modular filtering - package postgresql-9.6.20-1.module_el8.4.0+596+7b942f86.x86_64 is filtered out by modular filtering - package postgresql-9.6.22-1.module_el8.5.0+826+29c1ad77.x86_64 is filtered out by modular filtering (try to add '--skip-broken' to skip uninstallable packages or '--nobest' to use not only best candidate packages) Next we update /etc/dnf/plugins/foreman-protector.whitelist with the contents of https://github.com/theforeman/foreman_maintain/pull/639/files to simulate the fix being back-ported to 0.8 and 1.0 series and re-try the upgrade. Same error occurs, as the PR allowed nftables for EL8 and psql for EL7 but not psql for EL8 Adding the following lines fixed the issue for me: # el8 postgres postgresql libpq
I posted a patch in https://github.com/theforeman/foreman_maintain/pull/647
The patch posted in comment 9 is now merged. Thanks Evgeni!
Verified. Tested on Satellite 6.12.0 Snap 14.0 Version: rubygem-foreman_maintain-1.1.8-1.el8sat.noarch Steps: For EL7, followed steps as mentioned in description or in comment10, For EL8, followed steps as mentioned in comment8, Setup empty EL8 system machine where installed mentioned old f-m version from upstream repo of foreman 3.1 (as brew is down due to outage), and applied patch of foreman-protector.whitelist from 6.12 f-m rpm, Enable 6.12 repos and try to upgrade to any newer foreman maintain version Observation: foreman maintain package upgrade to any newer version works perfectly without --disableplugin=foreman-protector for both EL7/EL8 In comment10, In wget command earlier, I mentioned wrong path for applying patch of foreman-protector.whitelist, correcting here, # wget -O /etc/yum/pluginconf.d/foreman-protector.whitelist https://raw.githubusercontent.com/theforeman/foreman_maintain/master/extras/foreman_protector/foreman-protector.whitelist Evgeni, Amit, Thank you for all your assistance with this BZ. Thanks, Gaurav
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Important: Satellite 6.12 Release), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2022:8506