Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.
RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 2170093

Summary: dnf-automatic returns "success" ( zero exit status return ) even if the called dnf command returns error
Product: Red Hat Enterprise Linux 8 Reporter: Vaibhav Bhope <vbhope>
Component: dnfAssignee: Jan Kolarik <jkolarik>
Status: CLOSED ERRATA QA Contact: swm-qe
Severity: medium Docs Contact: Mariya Pershina <mpershin>
Priority: medium    
Version: 8.7CC: brian, james.antill, jkolarik, mbanas, mpershin, nsella, pkratoch
Target Milestone: rcKeywords: Triaged
Target Release: ---Flags: pm-rhel: mirror+
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: dnf-4.7.0-18.el8 Doc Type: Bug Fix
Doc Text:
.The `dnf-automatic` command now correctly reports the exit status of transactions Previously, the `dnf-automatic` command returned a successful exit code of a transaction even if some actions during this transaction were not successfully completed. This could cause a security risk on machines that use `dnf-automatic` for automatic deployment of errata. With this update, the issue has been fixed, and `dnf-automatic` now reports every problem with packages during the transaction.
 Story Points: ---
Clone Of:
: 2212262 (view as bug list) Environment:
Last Closed: 2023-11-14 15:49:42 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 2212262    

Description Vaibhav Bhope 2023-02-15 15:59:01 UTC 
Description of problem:
dnf-automatic returns "success" ( zero exit status returned ) even if the called dnf command returns error

Version-Release number of selected component (if applicable):

dnf-4.7.0-11.el8.noarch
dnf-automatic-4.7.0-11.el8.noarch

How reproducible:

Steps to Reproduce:
1. Added an immutable bit to /usr/sbin/httpd to cause a package update failure.

2. With the "dnf" command, we see that the "httpd" update failed and an exit status of "1" indicates that the command was not successful.

---------------------------------------------------------------------------
[root@rhel8 ~]# dnf -v update httpd; echo $?
Loaded plugins: builddep, changelog, config-manager, copr, debug, debuginfo-install, download, generate_completion_cache, groups-manager, needs-restarting, playground, product-id, repoclosure, repodiff, repograph, repomanage, reposync, subscription-manager, uploadprofile, versionlock
Updating Subscription Management repositories.
DNF version: 4.7.0
cachedir: /var/cache/dnf
User-Agent: constructed: 'libdnf (Red Hat Enterprise Linux 8.7; generic; Linux.x86_64)'
--> Starting dependency resolution
---> Package httpd.x86_64 2.4.37-47.module+el8.6.0+15654+427eba2e.2 will be upgraded
---> Package httpd.x86_64 2.4.37-51.module+el8.7.0+16050+02173b8e will be an upgrade
--> Finished dependency resolution
Dependencies resolved.
===================================================================================================================================================================================================================
 Package                            Architecture                        Version                                                                Repository                                                     Size
===================================================================================================================================================================================================================
Upgrading:
 httpd                              x86_64                              2.4.37-51.module+el8.7.0+16050+02173b8e                                rhel-8-for-x86_64-appstream-rpms                              1.4 M

Transaction Summary
===================================================================================================================================================================================================================
Upgrade  1 Package

Total download size: 1.4 M
Is this ok [y/N]: y
Downloading Packages:
httpd-2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64.rpm                                                                                                                           3.6 MB/s | 1.4 MB     00:00    
-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Total                                                                                                                                                                              3.6 MB/s | 1.4 MB     00:00     
Using rpmkeys executable at /usr/bin/rpmkeys to verify signatures
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
  Preparing        :                                                                                                                                                                                           1/1 
  Running scriptlet: httpd-2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64                                                                                                                                      1/1 
  Upgrading        : httpd-2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64                                                                                                                                      1/2 
Error unpacking rpm package httpd-2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64
Errors occurred during transaction.
  Verifying        : httpd-2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64                                                                                                                                      1/2 
  Verifying        : httpd-2.4.37-47.module+el8.6.0+15654+427eba2e.2.x86_64                                                                                                                                    2/2 
Completion plugin: Generating completion cache...
Installed products updated.
Failed: httpd-2.4.37-47.module+el8.6.0+15654+427eba2e.2.x86_64
Failed: httpd-2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64

Failed:
  httpd-2.4.37-47.module+el8.6.0+15654+427eba2e.2.x86_64                                                    httpd-2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64                                                   

Error: Transaction failed
1
---------------------------------------------------------------------------

3. With the "dnf-automatic" command, we see that the "httpd" update failed and the exit status returned was 0.

---------------------------------------------------------------------------
# dnf-automatic --installupdates ; echo $?
Updating Subscription Management repositories.
Last metadata expiration check: 0:03:42 ago on Wed 15 Feb 2023 10:30:55 AM EST.
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Error unpacking rpm package httpd-2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64
Installed products updated.
The following updates have been applied on 'rhel8':
===================================================================================================================================================================================================================
 Package
       Arch   Version                    Repository                        Size
===================================================================================================================================================================================================================
Upgrading:
 httpd x86_64 2.4.37-51.module+el8.7.0+16050+02173b8e
                                         rhel-8-for-x86_64-appstream-rpms 1.4 M

Transaction Summary
===================================================================================================================================================================================================================
Upgrade  1 Package

Updates completed at Wed 15 Feb 2023 10:34:41 AM EST
0
---------------------------------------------------------------------------

Actual results:

With the dnf-automatic command, if an update fails, then echo $? will return a 0 exit status. 0 means that no error occurred as the yum command completed. 

With the dnf-automatic command, if an update fails, then echo $? will return a 0 exit status. 0 means that no error occurred as the yum command completed. .
 
Expected results:

With dnf-automatic command, if update failed is failed then echo $? should return correct exit status.

Additional info:
Comment 2 Jan Kolarik 2023-04-19 07:05:33 UTC 
Looks like a quite long-lasting bug there. Originally this issue was reported in DNF here: https://bugzilla.redhat.com/show_bug.cgi?id=1341086, but it was only fixed for the CLI usage. Looking into the latest DNF 4.15.0 release sources, this is the place where this failure is handled for CLI: https://github.com/rpm-software-management/dnf/blob/5306910d06631bc93fa3ece0e70ed27ee592b0aa/dnf/cli/cli.py#L264.
Comment 3 Jan Kolarik 2023-04-20 10:17:17 UTC 
I've created a PR to fix this: 

DNF PR:   https://github.com/rpm-software-management/dnf/pull/1923
tests PR: https://github.com/rpm-software-management/ci-dnf-stack/pull/1250
Comment 4 Jan Kolarik 2023-06-05 06:52:18 UTC 
Cloned into RHEL 9 bug: https://bugzilla.redhat.com/show_bug.cgi?id=2212262.
Comment 10 errata-xmlrpc 2023-11-14 15:49:42 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (dnf bug fix and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2023:7122