Description of problem: yum-protectbase fails to protect a protected repo's packages from being overridden if an unprotected repo's package OBSOLETES it with a new name. How reproducible: When updates which obsolete are available in an unprotected repo. Steps to Reproduce: 1. yum install yum-protectbase 2. enable protection on all the base repos against rogue 3rd-party updates: perl -i -pe "s/(\[.*\])/\1\nprotect=yes/" /etc/yum.repos.d/{fedora-*,livna-*} 3. install the dries or ATRPMS 3rd-party repo 4. yum update Actual results: A few 3rd-party packages still slip through the exclusion cracks because they're obsoleting/replacing a package with a new name, rather than just updating one by the same name. Expected results: obsoletes should also be excluded from replacing protected packages with one by a new name. Additional info: Example update from ATRPMS: # yum --enable updates-testing --enable livna-testing --enable atrpms --changelog update Loading "protectbase" plugin Loading "fastestmirror" plugin Loading "changelog" plugin Loading "allowdowngrade" plugin Loading "installonlyn" plugin Loading mirror speeds from cached hostfile Loading mirror speeds from cached hostfile Setting up Update Process 154 packages excluded due to repository protections Resolving Dependencies --> Running transaction check ---> Package PIL.i386 0:1.1.6-8.fc7 set to be updated ---> Package mpg123.i386 0:0.66-4.fc7 set to be updated Changes in packages about to be updated: Dependencies Resolved ============================================================================= Package Arch Version Repository Size ============================================================================= Installing: PIL i386 1.1.6-8.fc7 atrpms 427 k replacing python-imaging.i386 1.1.6-3.fc7 mpg123 i386 0.66-4.fc7 atrpms 192 k replacing mpg321.i386 0.2.10.3-3.lvn6 Transaction Summary ============================================================================= Install 2 Package(s) Update 0 Package(s) Remove 0 Package(s) Total download size: 620 k Is this ok [y/N]: Seth, thanks for your general pointers on what needs to be modified to accomplish this, unfortunately the yum api is a little over my head. - zcat
The 'yum-priorities' plugin handles obsoletes, as well as more than just binary protected/not-protected. Closing this bug since the priorities plugin should be recommended in place of protectbase.