Bug 443443 - install_file method does not handle corrupt RPMs
install_file method does not handle corrupt RPMs
Status: CLOSED RAWHIDE
Product: Fedora
Classification: Fedora
Component: PackageKit (Show other bugs)
rawhide
All Linux
low Severity low
: ---
: ---
Assigned To: Robin Norwood
Fedora Extras Quality Assurance
:
Depends On: F9PKBlocker
Blocks:
  Show dependency treegraph
 
Reported: 2008-04-21 12:11 EDT by Richard Hughes
Modified: 2008-05-01 06:30 EDT (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2008-05-01 06:30:27 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)

  None (edit)
Description Richard Hughes 2008-04-21 12:11:33 EDT
Description of problem:

Download a corrupt RPM file and try to install it in yum:

=================================================
[hughsie@hughsie-work helpers]$ sudo yum localinstall
/home/hughsie/Desktop/gnome-power-manager-2.23.1-1.112.20080418svn.fc9.hughsie.i386.rpm

Loaded plugins: changelog, downloadonly, refresh-packagekit
Setting up Local Package Process
Examining
/home/hughsie/Desktop/gnome-power-manager-2.23.1-1.112.20080418svn.fc9.hughsie.i386.rpm:
gnome-power-manager-2.23.1-1.112.20080418svn.fc9.hughsie.i386
Marking
/home/hughsie/Desktop/gnome-power-manager-2.23.1-1.112.20080418svn.fc9.hughsie.i386.rpm
to be installed
Resolving Dependencies
--> Running transaction check
---> Package gnome-power-manager.i386 0:2.23.1-1.112.20080418svn.fc9.hughsie set
to be updated
--> Finished Dependency Resolution

Dependencies Resolved

=============================================================================
 Package                 Arch       Version          Repository        Size 
=============================================================================
Installing:
 gnome-power-manager     i386       2.23.1-1.112.20080418svn.fc9.hughsie 
/home/hughsie/Desktop/gnome-power-manager-2.23.1-1.112.20080418svn.fc9.hughsie.i386.rpm
 4.6 M

Transaction Summary
=============================================================================
Install      1 Package(s)         
Update       0 Package(s)         
Remove       0 Package(s)         

Total download size: 4.6 M
Is this ok [y/N]: y
Downloading Packages:
error: rpmts_HdrFromFdno: Header SHA1 digest: BAD
Expected(70ebdf740a0668930dfa7056d714bb158fe746d6) !=
(d88a8b6d6e765e7ce08ab7e033790d3e917eaa86)


Problem opening package
gnome-power-manager-2.23.1-1.112.20080418svn.fc9.hughsie.i386.rpm
=================================================

The same thing with PackageKit silently exits - no error. Debugging:

=================================================
[hughsie@hughsie-work helpers]$ sudo ./install-file.py
/home/hughsie/Desktop/gnome-power-manager-2.23.1-1.112.20080418svn.fc9.hughsie.i386.rpm
allow-cancel	false
percentage	0
status	running
status	dep-resolve
no-percentage-updates
allow-cancel	true
percentage	10
status	download
percentage	40
status	sig-check
allow-cancel	false
percentage	45
status	test-commit
allow-cancel	false
percentage	50
=================================================

This sis because self.yumbase.conf.gpgcheck=0 is set for local file installs,
and so we don't do the gpg check.
Comment 1 James Antill 2008-04-21 12:28:52 EDT
 Don't you get an exception though?
 I'd be shocked if you didn't get something from the yum API that allowed you to
see there was something wrong.
Comment 2 Richard Hughes 2008-04-21 12:58:03 EDT
Nope, nothing. Just a silent failure. If you comment out
self.yumbase.conf.gpgcheck=0 then you get the same behavour as yum.
Comment 3 Robin Norwood 2008-04-23 12:06:00 EDT
This is fixed upstream in change 3a6f1b06be02c6fd67b6f5abcee0c60631d2d69b, and
should be in the next release.

Note You need to log in before you can comment on or make changes to this bug.