Bug 2343342 - dnf5-plugin-automatic expects 0000 mode on (ghost) hosts specific configuration
Summary: dnf5-plugin-automatic expects 0000 mode on (ghost) hosts specific configuration
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: dnf5
Version: 41
Hardware: Unspecified
OS: Linux
unspecified
medium
Target Milestone: ---
Assignee: Petr Pisar
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2025-02-01 13:08 UTC by Georg Sauthoff
Modified: 2025-04-11 18:27 UTC (History)
6 users (show)

Fixed In Version: dnf5-5.2.12.0-2.fc43 dnf5-5.2.12.0-2.fc41 dnf5-5.2.12.0-2.fc42
Clone Of:
Environment:
Last Closed: 2025-04-08 01:28:37 UTC
Type: ---
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Github rpm-software-management dnf5 pull 2140 0 None open spec: Set mode to ghost files 2025-03-18 08:54:23 UTC

Description Georg Sauthoff 2025-02-01 13:08:30 UTC 
The dnf-automatic man page reads:

> The  operation  of  the  tool is controlled by configuration files. Default values are set from /usr/share/dnf5/dnf5-plugins/automatic.conf config file. Host-specific overrides from /etc/dnf/automatic.conf are then applied.

However, dnf5-plugin-automatic-5.2.8.1-2.fc41.x86_64 packages both files and  /etc/dnf/automatic.conf is pretty much redundant to /usr/share/dnf5/dnf5-plugins/automatic.conf:

```
diff -u <(./sort-ini.sh /usr/share/dnf5/dnf5-plugins/automatic.conf) <(./sort-ini.sh /etc/dnf/automatic.conf)
--- /proc/self/fd/11    2025-02-01 13:55:29.517681342 +0100
+++ /proc/self/fd/12    2025-02-01 13:55:29.518681076 +0100
@@ -1,5 +1,7 @@
+[base]
+debuglevel = 1
 [command_email]
-email_from = root
+email_from = root
 email_to = root
 [commands]
 apply_updates = no
@@ -10,7 +12,7 @@
 reboot_command = "shutdown -r +5 'Rebooting after applying package updates'"
 upgrade_type = default
 [email]
-email_from = root
+email_from = root
 email_host = localhost
 email_port = 25
 email_tls = no
```

A more appropriate location for that /etc/dnf/automatic.conf seems to be /usr/share/doc/dnf-automatic/example/ or similar.

The status quo has a few disadvantages:

- I can't simply delete /etc/dnf/automatic.conf if I'm fine with the defaults because the next package update brings it back
- if I put my own host specific changes to /etc/dnf/automatic.conf 
- number of superfluous .rpmnew files to sift through is increased
- the cognitive load to check /etc/dnf/automatic.conf vs. /usr/share/dnf5/dnf5-plugins/automatic.conf to check for actual changes against the defaults is increased

I thus suggest to remove /etc/dnf/automatic.conf from the package or to install it under some docs location.

Reproducible: Always

Steps to Reproduce:
1. dnf install dnf5-plugin-automatic
2. ls /etc/dnf/automatic.conf
3.
Actual Results:  
/etc/dnf/automatic.conf

Expected Results:  
ls: cannot access '/etc/dnf/automatic.conf': No such file or directory
Comment 1 amatej 2025-02-12 08:01:45 UTC 
I think dnf5-plugin-automatic doesn't install /etc/dnf/automatic.conf, in the spec its marked as a %ghost file: https://src.fedoraproject.org/rpms/dnf5/blob/f41/f/dnf5.spec#_786

I did test it and indeed it behaved according to your expactations:
$ podman run --rm -ti fedora:41
[root@58aba8ba958b /]# dnf install -y dnf5-plugin-automatic
...
Complete!
[root@58aba8ba958b /]# ls /etc/dnf/automatic.conf
ls: cannot access '/etc/dnf/automatic.conf': No such file or directory


It is possible the file remained on your system from dnf4 automatic?
Comment 2 Georg Sauthoff 2025-02-16 00:27:53 UTC 
(In reply to amatej from comment #1)
> I think dnf5-plugin-automatic doesn't install /etc/dnf/automatic.conf, in
> the spec its marked as a %ghost file:
> https://src.fedoraproject.org/rpms/dnf5/blob/f41/f/dnf5.spec#_786
[..]
> It is possible the file remained on your system from dnf4 automatic?

Yes, it is possible. The system was upgraded from f39 ...

I wasn't aware that ghost files count for `rpm -qf` ...:

rpm -qf /etc/dnf/automatic.conf
dnf5-plugin-automatic-5.2.8.1-3.fc41.x86_64

And I also misinterpreted the verify output:

rpm -q --verify dnf5-plugin-automatic-5.2.8.1-3.fc41.x86_64
.M.......  c /etc/dnf/automatic.conf

Hm, however, shouldn't it include a `g` then?

```
g %ghost file (i.e. the file contents are not included in the package payload).
```
rpm(8)

And is it expected that ghost files are still listed?

rpm -ql dnf5-plugin-automatic-5.2.8.1-3.fc41.x86_64 | grep /etc/dnf/automatic.conf
/etc/dnf/automatic.conf

Looks like it:

```
diff -u <(rpm -ql dnf5-plugin-automatic-5.2.8.1-3.fc41.x86_64) <(rpm -ql --noghost dnf5-plugin-automatic-5.2.8.1-3.fc41.x86_64)  
--- /proc/self/fd/11    2025-02-16 01:26:02.476810396 +0100
+++ /proc/self/fd/12    2025-02-16 01:26:02.477810130 +0100
@@ -1,6 +1,3 @@
-/etc/dnf/automatic.conf
-/etc/dnf/dnf5-plugins/automatic.conf
-/etc/motd.d/dnf5-automatic
 /usr/bin/dnf-automatic
 /usr/lib/.build-id
 /usr/lib/.build-id/f0/ef48347a37c69387ca7a1ea4e7e784464e2640

```

However, I'm fine with this being closed as not-a-bug, if all of this is expected.
Comment 3 Petr Pisar 2025-02-17 08:45:29 UTC 
The file is recorded in the RPM package as a ghost file and as a configuration file. "rpm --verify" can only represent one attribute marker. If the file exist on the file system, it reports "c" for a configuration file, if the file does not exist on the file system, it reports "g" for a ghost file. A probable reason is that a ghost file still can assert an owner and permissions of the file, so if the file exists, "rpm --verify" attempts to verify those.
Comment 4 Petr Pisar 2025-02-17 11:58:50 UTC 
Actually it seems that rpmbuild defaults to 0000 mode for ghost files. That's obviously not good. dnf5.spec should either redefine it to 0644, or suppress the verification. I'm for the first option.

rpm -qlv dnf5-plugin-automatic |grep '^---'
----------    1 root     root                        0 úno 13 01:00 /etc/dnf/automatic.conf
----------    1 root     root                        0 úno 13 01:00 /etc/dnf/dnf5-plugins/automatic.conf
----------    1 root     root                        0 úno 13 01:00 /etc/motd.d/dnf5-automatic
Comment 5 Fedora Update System 2025-04-02 14:10:54 UTC 
FEDORA-2025-ef5e387d5d (dnf5-5.2.12.0-2.fc42) has been submitted as an update to Fedora 42.
https://bodhi.fedoraproject.org/updates/FEDORA-2025-ef5e387d5d
Comment 6 Fedora Update System 2025-04-02 14:11:05 UTC 
FEDORA-2025-7f78913002 (dnf5-5.2.12.0-2.fc41) has been submitted as an update to Fedora 41.
https://bodhi.fedoraproject.org/updates/FEDORA-2025-7f78913002
Comment 7 Fedora Update System 2025-04-03 02:20:40 UTC 
FEDORA-2025-7f78913002 has been pushed to the Fedora 41 testing repository.
Soon you'll be able to install the update with the following command:
`sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2025-7f78913002`
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2025-7f78913002

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
Comment 8 Fedora Update System 2025-04-03 03:43:31 UTC 
FEDORA-2025-ef5e387d5d has been pushed to the Fedora 42 testing repository.
Soon you'll be able to install the update with the following command:
`sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2025-ef5e387d5d`
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2025-ef5e387d5d

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
Comment 9 Fedora Update System 2025-04-08 01:28:37 UTC 
FEDORA-2025-7f78913002 (dnf5-5.2.12.0-2.fc41) has been pushed to the Fedora 41 stable repository.
If problem still persists, please make note of it in this bug report.
Comment 10 Fedora Update System 2025-04-11 18:27:22 UTC 
FEDORA-2025-ef5e387d5d (dnf5-5.2.12.0-2.fc42) has been pushed to the Fedora 42 stable repository.
If problem still persists, please make note of it in this bug report.
Note You need to log in before you can comment on or make changes to this bug.