Bug 443443 - install_file method does not handle corrupt RPMs
Summary: install_file method does not handle corrupt RPMs
Keywords:
Status: CLOSED RAWHIDE
Alias: None
Product: Fedora
Classification: Fedora
Component: PackageKit
Version: rawhide
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Robin Norwood
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On: F9PKBlocker
Blocks:
TreeView+ depends on / blocked
 
Reported: 2008-04-21 16:11 UTC by Richard Hughes
Modified: 2008-05-01 10:30 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2008-05-01 10:30:27 UTC
Type: ---
Embargoed:

Attachments (Terms of Use)

Description Richard Hughes 2008-04-21 16:11:33 UTC 
Description of problem:

Download a corrupt RPM file and try to install it in yum:

=================================================
[hughsie@hughsie-work helpers]$ sudo yum localinstall
/home/hughsie/Desktop/gnome-power-manager-2.23.1-1.112.20080418svn.fc9.hughsie.i386.rpm

Loaded plugins: changelog, downloadonly, refresh-packagekit
Setting up Local Package Process
Examining
/home/hughsie/Desktop/gnome-power-manager-2.23.1-1.112.20080418svn.fc9.hughsie.i386.rpm:
gnome-power-manager-2.23.1-1.112.20080418svn.fc9.hughsie.i386
Marking
/home/hughsie/Desktop/gnome-power-manager-2.23.1-1.112.20080418svn.fc9.hughsie.i386.rpm
to be installed
Resolving Dependencies
--> Running transaction check
---> Package gnome-power-manager.i386 0:2.23.1-1.112.20080418svn.fc9.hughsie set
to be updated
--> Finished Dependency Resolution

Dependencies Resolved

=============================================================================
 Package                 Arch       Version          Repository        Size 
=============================================================================
Installing:
 gnome-power-manager     i386       2.23.1-1.112.20080418svn.fc9.hughsie 
/home/hughsie/Desktop/gnome-power-manager-2.23.1-1.112.20080418svn.fc9.hughsie.i386.rpm
 4.6 M

Transaction Summary
=============================================================================
Install      1 Package(s)         
Update       0 Package(s)         
Remove       0 Package(s)         

Total download size: 4.6 M
Is this ok [y/N]: y
Downloading Packages:
error: rpmts_HdrFromFdno: Header SHA1 digest: BAD
Expected(70ebdf740a0668930dfa7056d714bb158fe746d6) !=
(d88a8b6d6e765e7ce08ab7e033790d3e917eaa86)


Problem opening package
gnome-power-manager-2.23.1-1.112.20080418svn.fc9.hughsie.i386.rpm
=================================================

The same thing with PackageKit silently exits - no error. Debugging:

=================================================
[hughsie@hughsie-work helpers]$ sudo ./install-file.py
/home/hughsie/Desktop/gnome-power-manager-2.23.1-1.112.20080418svn.fc9.hughsie.i386.rpm
allow-cancel	false
percentage	0
status	running
status	dep-resolve
no-percentage-updates
allow-cancel	true
percentage	10
status	download
percentage	40
status	sig-check
allow-cancel	false
percentage	45
status	test-commit
allow-cancel	false
percentage	50
=================================================

This sis because self.yumbase.conf.gpgcheck=0 is set for local file installs,
and so we don't do the gpg check.
Comment 1 James Antill 2008-04-21 16:28:52 UTC 
 Don't you get an exception though?
 I'd be shocked if you didn't get something from the yum API that allowed you to
see there was something wrong.
Comment 2 Richard Hughes 2008-04-21 16:58:03 UTC 
Nope, nothing. Just a silent failure. If you comment out
self.yumbase.conf.gpgcheck=0 then you get the same behavour as yum.
Comment 3 Robin Norwood 2008-04-23 16:06:00 UTC 
This is fixed upstream in change 3a6f1b06be02c6fd67b6f5abcee0c60631d2d69b, and
should be in the next release.
Note You need to log in before you can comment on or make changes to this bug.