rpm-software-management / libdnf Goto Github PK

View Code? Open in Web Editor NEW

182.0 32.0 139.0 15.09 MB

Package management library.

License: GNU Lesser General Public License v2.1

Shell 0.07% C 27.28% CMake 2.30% Python 3.46% C++ 65.55% Makefile 0.02% SWIG 1.32%

libdnf dnf rpm solver package-management package-manager library cpp python

libdnf's People

Contributors

Stargazers

Watchers

Forkers

cgwalters glensc miminar tojaj giuseppe stefwalter kalev pombreda martin-a-brown juhp jsilhan mluscon conan-kudo pombredanne sharkcz michaelmraka regeciovad j-mracek ignatenkobrain yuqi-zhang stepasm papamarky edcuba gbraad rpm5 tyroneabdy hataejun jrohel jlebon voxik mayorgatellez mvollmer schaefi chbmuc peterbaouoft frenzymadness mhatina m-blaha jameslinus anselmolsm zhangxianwei8 dmnks projectatomic alexxnica kryndex vitan mizdebsk berolinux r4f4 jdieter dmach swarajdash warlock20 mmathesius sgallagher msehnout goeranu pkratoch yurchor nphilipp adelton kahowell kontura kraj proyvind enterstudio directhex acidburn0zzz claneys ari3s jamescassell clayne tomastomecek raineforest ionic clcollins prebuilder nullr0ute adamwill ppisar morucci inknos saur2000 lachmanfrantisek kahenteikou fepitre lucab xqrustc2020 isabella232 malmond77 bzeller rb2k schubi2 dmantipov yurivict bitwiseworks dfaggioli gicmo benierc mattdm

libdnf's Issues

test fails on aarch64/armv7hl/ppc64

test 2
    Start 2: test_libdnf_main
2: Test command: /builddir/build/BUILD/libdnf-0.7.1/build-py2/tests/libdnf/test_libdnf_main
2: Test timeout computed to be: 9.99988e+06
2: /libdnf/repo_loader{gpg-asc}: (/builddir/build/BUILD/libdnf-0.7.1/build-py2/tests/libdnf/test_libdnf_main:11577): librepo-DEBUG: Librepo version: 1.7.20 with CURL_GLOBAL_ACK_EINTR support (libcurl/7.52.1 NSS/3.27.2 zlib/1.2.8 libidn2/0.11 libpsl/0.16.1 (+libidn2/0.11) libssh2/1.8.0 nghttp2/1.18.1)
2: (/builddir/build/BUILD/libdnf-0.7.1/build-py2/tests/libdnf/test_libdnf_main:11577): librepo-DEBUG: Current date: 2017-01-06T10:44:09+0000
2: (/builddir/build/BUILD/libdnf-0.7.1/build-py2/tests/libdnf/test_libdnf_main:11577): libdnf-DEBUG: Msg: repos.d invalidated
2: (/builddir/build/BUILD/libdnf-0.7.1/build-py2/tests/libdnf/test_libdnf_main:11577): libdnf-DEBUG: setting keyfile data for gpg-repo-asc
2: (/builddir/build/BUILD/libdnf-0.7.1/build-py2/tests/libdnf/test_libdnf_main:11577): libdnf-DEBUG: added repo /builddir/build/BUILD/libdnf-0.7.1/data/tests/gpg-asc/yum.repos.d/gpg-repo-asc.repo	gpg-repo-asc
2: (/builddir/build/BUILD/libdnf-0.7.1/build-py2/tests/libdnf/test_libdnf_main:11577): libdnf-DEBUG: Msg: repos.d invalidated
2: (/builddir/build/BUILD/libdnf-0.7.1/build-py2/tests/libdnf/test_libdnf_main:11577): libdnf-DEBUG: setting keyfile data for gpg-repo-asc
2: (/builddir/build/BUILD/libdnf-0.7.1/build-py2/tests/libdnf/test_libdnf_main:11577): libdnf-DEBUG: added repo /builddir/build/BUILD/libdnf-0.7.1/data/tests/gpg-asc/yum.repos.d/gpg-repo-asc.repo	gpg-repo-asc
2: (/builddir/build/BUILD/libdnf-0.7.1/build-py2/tests/libdnf/test_libdnf_main:11577): librepo-DEBUG: lr_handle_setopt: WARNING! Deprecated LRO_MIRRORLIST used
2: (/builddir/build/BUILD/libdnf-0.7.1/build-py2/tests/libdnf/test_libdnf_main:11577): librepo-DEBUG: lr_handle_perform: Using dir: /builddir/build/BUILD/libdnf-0.7.1/data/tests/gpg-asc/
2: (/builddir/build/BUILD/libdnf-0.7.1/build-py2/tests/libdnf/test_libdnf_main:11577): librepo-DEBUG: lr_handle_prepare_internal_mirrorlist: Preparing internal mirrorlist
2: (/builddir/build/BUILD/libdnf-0.7.1/build-py2/tests/libdnf/test_libdnf_main:11577): librepo-DEBUG: lr_handle_prepare_internal_mirrorlist: Finalizing internal mirrorlist
2: (/builddir/build/BUILD/libdnf-0.7.1/build-py2/tests/libdnf/test_libdnf_main:11577): librepo-DEBUG: lr_handle_prepare_internal_mirrorlist: Finalizing mirrors reported via LRI_MIRRORS
2: (/builddir/build/BUILD/libdnf-0.7.1/build-py2/tests/libdnf/test_libdnf_main:11577): librepo-DEBUG: lr_handle_perform: Downloading/Locating yum repo
2: (/builddir/build/BUILD/libdnf-0.7.1/build-py2/tests/libdnf/test_libdnf_main:11577): librepo-DEBUG: lr_yum_use_local: Locating repo..
2: (/builddir/build/BUILD/libdnf-0.7.1/build-py2/tests/libdnf/test_libdnf_main:11577): librepo-DEBUG: lr_yum_use_local_load_base: Parsing repomd.xml
2: (/builddir/build/BUILD/libdnf-0.7.1/build-py2/tests/libdnf/test_libdnf_main:11577): librepo-DEBUG: lr_gpg_check_signature_fd: Bad GPG signature
2: (/builddir/build/BUILD/libdnf-0.7.1/build-py2/tests/libdnf/test_libdnf_main:11577): librepo-DEBUG: lr_yum_use_local_load_base: repomd.xml GPG signature verification failed: Bad GPG signature
2: (/builddir/build/BUILD/libdnf-0.7.1/build-py2/tests/libdnf/test_libdnf_main:11577): libdnf-DEBUG: setting keyfile data for gpg-repo-asc
2: (/builddir/build/BUILD/libdnf-0.7.1/build-py2/tests/libdnf/test_libdnf_main:11577): libdnf-DEBUG: adding lock 1
2: (/builddir/build/BUILD/libdnf-0.7.1/build-py2/tests/libdnf/test_libdnf_main:11577): libdnf-DEBUG: importing public key file://$testdatadir/gpgkey/signing_key.pub
2: (/builddir/build/BUILD/libdnf-0.7.1/build-py2/tests/libdnf/test_libdnf_main:11577): libdnf-DEBUG: Downloading file://$testdatadir/gpgkey/signing_key.pub to /builddir/build/BUILD/libdnf-0.7.1/data/tests/gpg-asc.tmp/repomd.pub
2: (/builddir/build/BUILD/libdnf-0.7.1/build-py2/tests/libdnf/test_libdnf_main:11577): librepo-DEBUG: lr_download: Target: file:///builddir/build/BUILD/libdnf-0.7.1/data/tests/gpgkey/signing_key.pub (-)
2: (/builddir/build/BUILD/libdnf-0.7.1/build-py2/tests/libdnf/test_libdnf_main:11577): librepo-DEBUG: select_next_target: Selecting mirror for: file:///builddir/build/BUILD/libdnf-0.7.1/data/tests/gpgkey/signing_key.pub
2: (/builddir/build/BUILD/libdnf-0.7.1/build-py2/tests/libdnf/test_libdnf_main:11577): librepo-DEBUG: prepare_next_transfer: URL: file:///builddir/build/BUILD/libdnf-0.7.1/data/tests/gpgkey/signing_key.pub
2: (/builddir/build/BUILD/libdnf-0.7.1/build-py2/tests/libdnf/test_libdnf_main:11577): librepo-DEBUG: lr_download: Downloading started
2: (/builddir/build/BUILD/libdnf-0.7.1/build-py2/tests/libdnf/test_libdnf_main:11577): librepo-DEBUG: check_transfer_statuses: Transfer finished: file:///builddir/build/BUILD/libdnf-0.7.1/data/tests/gpgkey/signing_key.pub (Effective url: file:///builddir/build/BUILD/libdnf-0.7.1/data/tests/gpgkey/signing_key.pub)
2: (/builddir/build/BUILD/libdnf-0.7.1/build-py2/tests/libdnf/test_libdnf_main:11577): libdnf-DEBUG: Attempting to update gpg-repo-asc
2: (/builddir/build/BUILD/libdnf-0.7.1/build-py2/tests/libdnf/test_libdnf_main:11577): librepo-DEBUG: lr_handle_perform: Using dir: /builddir/build/BUILD/libdnf-0.7.1/data/tests/gpg-asc.tmp
2: (/builddir/build/BUILD/libdnf-0.7.1/build-py2/tests/libdnf/test_libdnf_main:11577): librepo-DEBUG: lr_handle_prepare_internal_mirrorlist: Preparing internal mirrorlist
2: (/builddir/build/BUILD/libdnf-0.7.1/build-py2/tests/libdnf/test_libdnf_main:11577): librepo-DEBUG: lr_handle_prepare_internal_mirrorlist: Finalizing internal mirrorlist
2: (/builddir/build/BUILD/libdnf-0.7.1/build-py2/tests/libdnf/test_libdnf_main:11577): librepo-DEBUG: lr_handle_prepare_internal_mirrorlist: Finalizing mirrors reported via LRI_MIRRORS
2: (/builddir/build/BUILD/libdnf-0.7.1/build-py2/tests/libdnf/test_libdnf_main:11577): librepo-DEBUG: lr_handle_perform: Downloading/Locating yum repo
2: (/builddir/build/BUILD/libdnf-0.7.1/build-py2/tests/libdnf/test_libdnf_main:11577): librepo-DEBUG: lr_yum_download_remote: Downloading/Copying repo..
2: (/builddir/build/BUILD/libdnf-0.7.1/build-py2/tests/libdnf/test_libdnf_main:11577): librepo-DEBUG: lr_yum_download_repomd: Downloading repomd.xml via mirrorlist
2: (/builddir/build/BUILD/libdnf-0.7.1/build-py2/tests/libdnf/test_libdnf_main:11577): librepo-DEBUG: lr_download: Target: repodata/repomd.xml (-)
2: (/builddir/build/BUILD/libdnf-0.7.1/build-py2/tests/libdnf/test_libdnf_main:11577): librepo-DEBUG: lr_prepare_lrmirrors: Preparing internal mirror list for handle id: 0x2aad0c2d390
2: (/builddir/build/BUILD/libdnf-0.7.1/build-py2/tests/libdnf/test_libdnf_main:11577): librepo-DEBUG: lr_prepare_lrmirrors: Mirror: file:///builddir/build/BUILD/libdnf-0.7.1/data/tests/gpg-asc/
2: (/builddir/build/BUILD/libdnf-0.7.1/build-py2/tests/libdnf/test_libdnf_main:11577): librepo-DEBUG: select_next_target: Selecting mirror for: repodata/repomd.xml
2: (/builddir/build/BUILD/libdnf-0.7.1/build-py2/tests/libdnf/test_libdnf_main:11577): librepo-DEBUG: prepare_next_transfer: URL: file:///builddir/build/BUILD/libdnf-0.7.1/data/tests/gpg-asc/repodata/repomd.xml
2: (/builddir/build/BUILD/libdnf-0.7.1/build-py2/tests/libdnf/test_libdnf_main:11577): librepo-DEBUG: lr_download: Downloading started
2: (/builddir/build/BUILD/libdnf-0.7.1/build-py2/tests/libdnf/test_libdnf_main:11577): librepo-DEBUG: check_transfer_statuses: Transfer finished: repodata/repomd.xml (Effective url: file:///builddir/build/BUILD/libdnf-0.7.1/data/tests/gpg-asc/repodata/repomd.xml)
2: (/builddir/build/BUILD/libdnf-0.7.1/build-py2/tests/libdnf/test_libdnf_main:11577): librepo-DEBUG: lr_download: Target: file:///builddir/build/BUILD/libdnf-0.7.1/data/tests/gpg-asc/repodata/repomd.xml.asc (-)
2: (/builddir/build/BUILD/libdnf-0.7.1/build-py2/tests/libdnf/test_libdnf_main:11577): librepo-DEBUG: lr_prepare_lrmirrors: Preparing internal mirror list for handle id: 0x2aad0c2d390
2: (/builddir/build/BUILD/libdnf-0.7.1/build-py2/tests/libdnf/test_libdnf_main:11577): librepo-DEBUG: lr_prepare_lrmirrors: Mirror: file:///builddir/build/BUILD/libdnf-0.7.1/data/tests/gpg-asc/
2: (/builddir/build/BUILD/libdnf-0.7.1/build-py2/tests/libdnf/test_libdnf_main:11577): librepo-DEBUG: select_next_target: Selecting mirror for: file:///builddir/build/BUILD/libdnf-0.7.1/data/tests/gpg-asc/repodata/repomd.xml.asc
2: (/builddir/build/BUILD/libdnf-0.7.1/build-py2/tests/libdnf/test_libdnf_main:11577): librepo-DEBUG: prepare_next_transfer: URL: file:///builddir/build/BU**
2: libdnf:ERROR:/builddir/build/BUILD/libdnf-0.7.1/tests/libdnf/dnf-self-test.c:1061:dnf_repo_loader_gpg_asc_func: assertion failed (error == NULL): failed to unlink /builddir/build/BUILD/libdnf-0.7.1/data/tests/gpg-asc.tmp/gpgdir/S.gpg-agent.extra (DnfError, 4)
2: ILD/libdnf-0.7.1/data/tests/gpg-asc/repodata/repomd.xml.asc
2: (/builddir/build/BUILD/libdnf-0.7.1/build-py2/tests/libdnf/test_libdnf_main:11577): librepo-DEBUG: lr_download: Downloading started
2: (/builddir/build/BUILD/libdnf-0.7.1/build-py2/tests/libdnf/test_libdnf_main:11577): librepo-DEBUG: check_transfer_statuses: Transfer finished: file:///builddir/build/BUILD/libdnf-0.7.1/data/tests/gpg-asc/repodata/repomd.xml.asc (Effective url: file:///builddir/build/BUILD/libdnf-0.7.1/data/tests/gpg-asc/repodata/repomd.xml.asc)
2: (/builddir/build/BUILD/libdnf-0.7.1/build-py2/tests/libdnf/test_libdnf_main:11577): librepo-DEBUG: lr_yum_download_remote: GPG signature successfully verified
2: (/builddir/build/BUILD/libdnf-0.7.1/build-py2/tests/libdnf/test_libdnf_main:11577): librepo-DEBUG: lr_yum_download_remote: Parsing repomd.xml
2: (/builddir/build/BUILD/libdnf-0.7.1/build-py2/tests/libdnf/test_libdnf_main:11577): librepo-DEBUG: 1257930816: Repomd revision: lr_yum_download_remote
2: (/builddir/build/BUILD/libdnf-0.7.1/build-py2/tests/libdnf/test_libdnf_main:11577): libdnf-DEBUG: simulating, so not switching to new metadata
2: (/builddir/build/BUILD/libdnf-0.7.1/build-py2/tests/libdnf/test_libdnf_main:11577): libdnf-DEBUG: deleting file /builddir/build/BUILD/libdnf-0.7.1/data/tests/gpg-asc.tmp/repomd.pub
2: (/builddir/build/BUILD/libdnf-0.7.1/build-py2/tests/libdnf/test_libdnf_main:11577): libdnf-DEBUG: deleting file /builddir/build/BUILD/libdnf-0.7.1/data/tests/gpg-asc.tmp/repodata/repomd.xml.asc
2: (/builddir/build/BUILD/libdnf-0.7.1/build-py2/tests/libdnf/test_libdnf_main:11577): libdnf-DEBUG: deleting file /builddir/build/BUILD/libdnf-0.7.1/data/tests/gpg-asc.tmp/repodata/repomd.xml
2: (/builddir/build/BUILD/libdnf-0.7.1/build-py2/tests/libdnf/test_libdnf_main:11577): libdnf-DEBUG: deleting directory /builddir/build/BUILD/libdnf-0.7.1/data/tests/gpg-asc.tmp/repodata
2: (/builddir/build/BUILD/libdnf-0.7.1/build-py2/tests/libdnf/test_libdnf_main:11577): libdnf-DEBUG: deleting file /builddir/build/BUILD/libdnf-0.7.1/data/tests/gpg-asc.tmp/gpgdir/trustdb.gpg
2: (/builddir/build/BUILD/libdnf-0.7.1/build-py2/tests/libdnf/test_libdnf_main:11577): libdnf-DEBUG: deleting file /builddir/build/BUILD/libdnf-0.7.1/data/tests/gpg-asc.tmp/gpgdir/S.gpg-agent.ssh
2: (/builddir/build/BUILD/libdnf-0.7.1/build-py2/tests/libdnf/test_libdnf_main:11577): libdnf-DEBUG: deleting file /builddir/build/BUILD/libdnf-0.7.1/data/tests/gpg-asc.tmp/gpgdir/S.gpg-agent
2: (/builddir/build/BUILD/libdnf-0.7.1/build-py2/tests/libdnf/test_libdnf_main:11577): libdnf-DEBUG: deleting file /builddir/build/BUILD/libdnf-0.7.1/data/tests/gpg-asc.tmp/gpgdir/S.gpg-agent.browser
2: (/builddir/build/BUILD/libdnf-0.7.1/build-py2/tests/libdnf/test_libdnf_main:11577): libdnf-DEBUG: deleting directory /builddir/build/BUILD/libdnf-0.7.1/data/tests/gpg-asc.tmp/gpgdir/private-keys-v1.d
2: (/builddir/build/BUILD/libdnf-0.7.1/build-py2/tests/libdnf/test_libdnf_main:11577): libdnf-DEBUG: deleting file /builddir/build/BUILD/libdnf-0.7.1/data/tests/gpg-asc.tmp/gpgdir/pubring.kbx
2: (/builddir/build/BUILD/libdnf-0.7.1/build-py2/tests/libdnf/test_libdnf_main:11577): libdnf-DEBUG: deleting file /builddir/build/BUILD/libdnf-0.7.1/data/tests/gpg-asc.tmp/gpgdir/S.gpg-agent.extra
2: (/builddir/build/BUILD/libdnf-0.7.1/build-py2/tests/libdnf/test_libdnf_main:11577): libdnf-DEBUG: deleting file /builddir/build/BUILD/libdnf-0.7.1/data/tests/gpg-asc.tmp/gpgdir/pubring.kbx~
2: (/builddir/build/BUILD/libdnf-0.7.1/build-py2/tests/libdnf/test_libdnf_main:11577): libdnf-DEBUG: deleting directory /builddir/build/BUILD/libdnf-0.7.1/data/tests/gpg-asc.tmp/gpgdir
2: (/builddir/build/BUILD/libdnf-0.7.1/build-py2/tests/libdnf/test_libdnf_main:11577): libdnf-DEBUG: deleting directory /builddir/build/BUILD/libdnf-0.7.1/data/tests/gpg-asc.tmp
2: (/builddir/build/BUILD/libdnf-0.7.1/build-py2/tests/libdnf/test_libdnf_main:11577): libdnf-DEBUG: releasing lock 1
2/3 Test #2: test_libdnf_main .................***Exception: Other  1.16 sec

though not really much info =(

NEVRA comparison returns wrong result

Viz:

>>> import hawkey
>>> hawkey.split_nevra('pungi-4.0.14-3.fc24.src') < hawkey.split_nevra('pungi-4.0.7-1.fc24.src')
True

WTF?

This is with hawkey 0.6.3-2 on Fedora 24, but I'm reporting here as apparently hawkey has been rolled into libhif. But I'd need a fix for this on all supported Fedoras (22 -> Rawhide).

Expose utility functions for consumers which use hawkey/librepo (become a bag of utilities)

Splitting this out from #19

The more I think about it, the more I feel that libhif should become a more explicit bag of bits. PackageKit already uses it that way, and rpm-ostree wants to as well. (Disregarding the possible intersection of PK and rpm-ostree in other ways...)

There's a number of other related issues here. Basically, I'm thinking we keep HifContext, but have most of its structure members be public. Don't make me hif_context_get_transaction() etc. Make everything in hif-context-private.h be public.

There are a lot of followon changes from this. We would likely need to kind of give up on introspection support for example. Which would be sad, but I think a way to regain some alignment would be for dnf to use pygobject, and change hawkey to be a gobject library or something. Anyways in the short term, no one is writing scripted tools using libhif right now.

Internal symbols exported with headers

$ objdump -T /usr/lib64/libhif.so|grep hif_rc
000000000001be87 g    DF .text  00000000000001de  Base        hif_rc_to_gerror

I guess hif-utils.h presumably isn't presently intended to be public, yet we're exporting the symbol and installing the header. It's just not usable to clients because of the guard:

#if !defined (__LIBHIF_H) && !defined (HIF_COMPILATION)
#error "Only <libhif.h> can be included directly."
#endif

I think the cleanest fix is to adopt glib-style -fvisibility=hidden by default, with a HIF_PUBLIC decorator to expose symbols. And fix the Makefile to only install public headers.

Still seeing Valgrind failures after merge of #232

After the merge of #232, I'm still seeing a few leaks indicated by Valgrind.

Log for valgrind test failures: libdnf-20161218-valgrind-fails.log.txt

test_creation: self.assertRaises(hawkey.ValueException, hawkey.Sack, arch="play")

3: ======================================================================
3: FAIL: test_creation (tests.test_sack.BasicTest)
3: ----------------------------------------------------------------------
3: Traceback (most recent call last):
3:   File "/builddir/build/BUILD/libhif-0.7.0-14g3d60dd1/python/hawkey/tests/tests/test_sack.py", line 59, in test_creation
3:     self.assertRaises(hawkey.ValueException, hawkey.Sack, arch="play")
3: AssertionError: ValueException not raised
3: 
3: ----------------------------------------------------------------------
3: XML: /builddir/build/BUILD/libhif-0.7.0-14g3d60dd1/build-py2/python/hawkey/tests/tests/xunit.xml
3: ----------------------------------------------------------------------

Support Vendor-locking

We should add support for libsolv's vendorlocking functionality.

This is something related to rpm-software-management/dnf#502 PR.

How libsolv feature works:

We install foo package which has vendor Fedora Project
We enable repo which provides foo package with new version with vendor Vasya
If vendorlock is enabled then package from newly-added repo will not be installed because it has different vendors.

There are also vendor classes, e.g. we can have one class which will contain Fedora Project, Red Hat, Inc. so package can be updated/downgraded/etc. from one of those sources.

Along with this we should add some flag into DNF which will allow changing of vendors and probably print some warning that it can be dangerous.

Some architectural questions:

How should we maintain vendorclass lists? (It also can be blacklist) Config file or just in code?

Support for RPM Groups and related functionality

While Fedora has dropped usage of the RPM Groups, most distributions have not. In my case, I've been diligently working on implementing DNF and libhif for Mageia. However, Mageia does not use comps, and uses its own RPM Groups to sort packages for RPMDrake and other tools.

Unfortunately, DNF and libhif do not currently support the Group tag. Would you please add it?

I did make a PR to add the functionality to pull in the Group tag in hawkey, but that's about as far as I got.

It'd also be great if it was supported in the PackageKit Hif backend (so that tools like Apper, Muon Discover, etc. work with Groups).

I'm sure for Fedora, it would make sense for it to expose the comps data instead, so you may want to set it up to retrieve comps as groups if comps data is defined, otherwise use group data. Or maybe a compile time switch to flip the behavior?

recognize "newpackage" kind

Originally reported here: https://bugzilla.redhat.com/show_bug.cgi?id=1217142

Properly recognizes types "security", "bugfix", and "enhancement", but categorizes "newpackage" as "unknown"

as hawkey is dead let's migrate it here. It shouldn't be hard to implement it.

directories in /etc/yum/protected.d/

https://bugzilla.redhat.com/show_bug.cgi?id=1214309

[Errno 21] Is a directory: u'/etc/yum/protected.d/RCS'

We need to check how it works here... with new functionality of protected_packages by @jsilhan

noninteractive gpg

RPM and GPG. Always a fun topic!

For the case of upgrading inside an existing system, e.g. you're doing yum update inside a Fedora system with fedora-release installed which references the GPG key by file:/// URIs that were already retrieved in a trusted way (ideally), things are fine.

Where things start to break down is when one is operating on a root outside of the running system, which happens with things like installers (Anaconda) and containers (rpm-ostree container).

Notes

It's common for 3rd party repository files to reference GPG keys by http(s):// URL
At least yum will auto-download and then either prompt, or auto-import if -y is provided (and it's very common to use -y in deployment scripts, Dockerfiles, etc.)
In Fedora at least, the LiveCD kickstart imports the gpg keys for the main repos, so users don't see the prompt on the first update

Also specifically, I think using yum -y with gpgkey=http://blah.com/ is completely broken - anyone on the internets can MITM the key and the packages.

libhif noninteractivity vs GPG

Now libhif has a policy of noninteractivity (AFAICS). Which...flips around some of the tradeoffs. We actually currently don't even import gpgkey URL references at all if gpgcheck=1 but gpgcheck_md=0 (which is the default for Fedora/CentOS at least).

Fixes

Add a new gpg_fingerprint to repository files. That way we can auto-download them even over un-authenticated http without (too much) fear (doing HTTP as root still sucks).
For the use case of constructing fresh install roots, I would like to support retrieving keys from locations relative to the .repo file. Something like: gpgkey=file://./RPM-GPG-KEY-CentOS-7
Make more well defined which keyring is used for installroots (do we use the real /etc/rpm/pki-gpg even if doing an installroot?)

HyNevra -> HifNevra

excludes= handling does not do regexps or provides

When I added excludes= support in 5578235 I didn't notice that it supported globs (e.g. kernel* as well as provides).

It'd be nice if the dnf code here was lowered from dnf to hawkey, and we did the same thing.

Rename repo

Do we want to rename this repo to libdnf? Since we're breaking things anyway, might as well get the name correct before we're declared stable.

move to rpm-software-management github org?

It'd provide cross visibility and more easily allow more people to contribute.

Push a 0.2.0 git tag

Right now on master:

$ git describe --tags --always origin/master
libhif_0_1_7-1197-g514af76

This is wrong because the Fedora spec file is 0.2.x, and we have 0.7.0 in master. I'd like to abandon the "pre-release" model and push a 0.7.0 tag for current git master. This would fix rpmdistro-gitoverlay which uses git describe for Version.

Thoughts?

load_yum_repo: Assertion `hrepo->state_main == _HY_NEW' failed.

In #185 it helps to workaround assertion which is triggered when you load repo twice for distro-build, but basically it's still broken.

Reproducer:

import dnf

base = dnf.Base()
conf = base.conf

RELEASEVER = dnf.rpm.detect_releasever(conf.installroot)
conf.substitutions['releasever'] = RELEASEVER
conf.read()  # read the dnf.conf
base.read_all_repos()
base.fill_sack()
base.reset(sack=True)
base.fill_sack()

https://bugzilla.redhat.com/show_bug.cgi?id=1332067

Consider supportting langpacks

I'm moving this from coreos/rpm-ostree#268 for discussion here.

So, merge langpack logic into libhif as an option? I think that's my vote.

https://github.com/pnemade/dnf-langpacks

Reading https://github.com/pnemade/dnf-langpacks/blob/master/langpacks.pyhttps://github.com/pnemade/dnf-langpacks/blob/master/langpacks.py ...there's some ugly stuff in here. I suppose reality is ugly though.

Trouble building on Debian

I installed everything in the readme, or the equivalent. Any idea? A search shows that that libglib2.0-dev provides the package config, but I already have that. Perhaps it is too old a version?

Full log: http://sprunge.us/GOcj

CMakeCache.txt: http://sprunge.us/CUYB

-- checking for module 'gio-unix-2.0>=2.44.0'
--   package 'gio-unix-2.0>=2.44.0' not found
CMake Error at /usr/share/cmake-3.0/Modules/FindPkgConfig.cmake:341 (message):
  A required package was not found
Call Stack (most recent call first):
  /usr/share/cmake-3.0/Modules/FindPkgConfig.cmake:395 (_pkg_check_modules_internal)
  CMakeLists.txt:29 (PKG_CHECK_MODULES)


CMake Error at CMakeLists.txt:31 (find_package):
  Could not find a configuration file for package "LibSolv" that is
  compatible with requested version "0.6.21".

  The following configuration files were considered but not accepted:

    /usr/lib/x86_64-linux-gnu/cmake/LibSolv/LibSolvConfig.cmake, version: unknown



-- Configuring incomplete, errors occurred!
See also "/build/libhif-0.2.3/build/CMakeFiles/CMakeOutput.log".
debian/rules:16: recipe for target 'override_dh_auto_configure' failed
make[1]: *** [override_dh_auto_configure] Error 1
make[1]: Leaving directory '/build/libhif-0.2.3'
debian/rules:13: recipe for target 'binary' failed
make: *** [binary] Error 2

More cleanly separate library parts which need uid 0

For rpm-ostree, I want to not do HTTP as root, among other things. At the moment, the only thing which actually needs uid 0 is HifTransaction I believe (ultimately due to librpm requiring the ability to chroot() for %post calls). We could just add some documentation?

HifState is suboptimal

Currently with the PK/libhif combo things are awkward, as PackageKit has its own progress reporting infrastructure.

Explicitness of `HifState`

A good example of the oddity here is hif_context_setup_sack takes an explicit HifState parameter (which PK uses), but hif_context_run uses the one internal to the context (PK does not invoke this). So, should HifContext not have-a state, and each function should take it?

Coarse/generic vs rpm-specific/fine

The PK reporting is not rpm specific - it's higher level. For https://github.com/projectatomic/rpm-ostree I want more of the actual details. For example, the baseurl of the remote repo in the case of a mirrorlist. (Not even sure if librepo exposes that yet)

The HifStateAction which is mostly a mirror of PK is too coarse. I want status for each repo. (And to update repos in parallel, but let's ignore that for now). This looks like it would mean basically reimplementing hif_sack_add_sources. Which isn't complex, maybe I should do that?

generate all files out-of-tree

[ ] libhif/hif-version.h
[ ] docs/libhif/version.xml

For the libhif-docs we should generate all documentation out-of-tree, not just generate version-file there.

tests are creating some tempdirs and doesn't cleanup them

I found some /tmp/hawkeyXXXXXX and /tmp/pyhawkeyXXXXXX and probably normal /tmp/tmpXXXXXX residing in my system after failed? tests.

write to both yumdb and dnfdb if possible

whether to write to yumdb or dnfdb should not be determined during compilation time but rather if the any db exists write to it. The data should be read from dnfdb if exists, otherwise from yumdb. Related to https://bugzilla.redhat.com/show_bug.cgi?id=1259865

pkg-config file is broken

I'm not a CMake expert, but I believe it's because this line:

CONFIGURE_FILE("libhif.pc.in" "${CMAKE_CURRENT_SOURCE_DIR}/libhif.pc" @ONLY)

comes before this one:

SET (LIB_INSTALL_DIR "${CMAKE_INSTALL_PREFIX}/lib${LIB_SUFFIX}")

but contains a substitution for LIB_INSTALL_DIR:

prefix=@CMAKE_INSTALL_PREFIX@
libdir=@LIB_INSTALL_DIR@
includedir=@CMAKE_INSTALL_PREFIX@/include

So at the time CONFIGURE_FILE runs, LIB_INSTALL_DIR is unset, so libdir ends up pointing nowhere.

I found this because I have a libtool that moans about empty -L entries and this was causing an empty -L because it was blindly substituting in libdir, which was empty.

I believe the solution should be to just move the LIB_INSTALL_DIR setter above the CONFIGURE_FILE that uses it.

I'm on 88945bd.

set up rpm log callback to acquire errors from more places

Right now if a transaction fails we just say "Error -1". Apparently the right thing here is to call rpmlogSetCallback(). See also what yum does.

HifSource hardcodes retrieval set

const gchar *download_list[] = { "primary",
                 "filelists",
                 "group",
                 "updateinfo",
                 "appstream",
                 "appstream-icons",
                 NULL};

For rpm-ostree I don't need appstream data.

basearch error when running tests on armv5tl

When building and running tests of libhif on armv5tl for Mageia Cauldron, the following error occurs when the unit tests are running:

2: libdnf:ERROR:/home/iurt/rpmbuild/BUILD/libhif-2d8ba15cd2beac8ed3df2316e384f11dd1b78c0c/tests/libdnf/dnf-self-test.c:1033:dnf_repo_loader_gpg_asc_func: assertion failed (error == NULL): basearch not set (DnfError, 4)

The full build log provides proper context.

older package regression from https://github.com/rpm-software-management/libhif/pull/50

We're seeing issues from #50

https://lists.projectatomic.io/projectatomic-archives/atomic-devel/2016-April/msg00133.html

And I have seen us picking an older version of docker if multiple versions are available.

I think we still need to filter by newest NEVRA. Will look.

libhif doesn't handle signing-key-changes well

When attempting to do an offline update using libhif-0.1.7-3.fc21 yesterday, the updates failed with an ambiguous error about a database index. It turns out that one of my third-party repos (Numix, for a GNOME Shell Theme) changed the keys with which it signed packages and the offline updater didn't handle this gracefully.

Local repositories wiped out during PackageKit refresh

PackageKit seems to wipe out local repositories during refresh. Discussion is here [1], suggesting this is a libhif issue. To reproduce, add a local yum repo such as

[local]
name=Local
baseurl=file:///home/<username>/rpmbuild/repo
enabled=1
gpgcheck=0
metadata_expire=0

and do a pkcon refresh. The rpms in the local repo will get deleted, and the owner/group of the repo folder and of the repodata folder inside changed to root:root.

[1] https://lists.fedoraproject.org/pipermail/devel/2014-November/204778.html

Support comps

I think previously this was deemed somewhat ugly because libcomps is a non-glib library...should we consider folding it in directly into libhif and adding the glib dep? (Would the authors agree?)

But it's likely for rpm-ostree at least we'll need to support comps for
https://mail.gnome.org/archives/ostree-list/2016-April/msg00020.html
https://mail.gnome.org/archives/ostree-list/2016-April/msg00010.html

LibSolv cmake weirdness

Since 832f613 went in, I'm getting the following with my build:

CMake Error at CMakeLists.txt:27 (find_package):
  By not providing "FindLibSolv.cmake" in CMAKE_MODULE_PATH this project has
  asked CMake to find a package configuration file provided by "LibSolv", but
  CMake did not find one.

  Could not find a package configuration file provided by "LibSolv" with any
  of the following names:

    LibSolvConfig.cmake
    libsolv-config.cmake

  Add the installation prefix of "LibSolv" to CMAKE_PREFIX_PATH or set
  "LibSolv_DIR" to a directory containing one of the above files.  If
  "LibSolv" provides a separate development package or SDK, be sure it has
  been installed.

It might just be something weird about my setup, but it worked with no special effort prior to that commit.

add support for easy upgrade of all packages

smth like dnf_context_update_all().

$uuid substitution support

someone uses it in repo link substitution and we have bugreport for it. I think we should take /etc/machine-id and push it.

https://www.freedesktop.org/software/systemd/man/machine-id.html

@jsilhan it's different size from what we have in yum, so what you think?

I think it's good idea to reuse machine-id stuff and don't create same thing on our own.

install() prefers provides

Fedora Atomic Host uses rpm-ostree, in the treefile right now we have:

packages: ["iptables-services", "iptables"]

Yet, this depsolves to just include iptables-services. The reason appears to be that iptables-services, added a Provides: iptables, and hence we use that to satisfy the install("iptables"). We can work around this by changing it to /usr/sbin/iptables, but this is obviously suboptimal.

I think this is a regression from #204

libdnf's GObjects have many setters and getters but no properties

I can't help but notice that you seem to be replicating some GObject machinery by hand, specifically exposing a plethora of setters and getters and using them to fire manually defined signals. The problem with this is two-fold:

API consumers have to rely on libdnf providing notify hooks for changes they're interested in, instead of being able to connect to GObject's notify signal for whatever they need.
It makes the API cumbersome to use through GI, as languages that have support for automatic property setters and getters are forced to use the C-style API anyway

I understand you guys are gearing up for a release soon, so I apologise if this is a poor time to raise a question re API.

gpgkey can be a list

In yum, gpgkey is a UrlListOption which can be newline or comma separated. We currently fail to parse this, and obviously don't handle multiple.

AFAIK neither Fedora or CentOS use this, however we've seen some repos in RHEL that do.

Update README to reflect current status

It would be nice if the README included a warning that the API from master is unstable.

Also, is there a roadmap of sorts somewhere to know what the plan is? Are there well-defined requirements that must be met before the API can be declared stable?

spurious change in commit dbe03ed

dbe03ed looks like it has a spurious change to hif-transaction.c, the code now reads:

if (!ret)
    goto out;

/* import all GPG keys */
if (!ret)
    goto out;

Segfault from dnf_context_repo_enable/disable

The docs for dnf_context_repo_enable state that it must be called before dnf_context_setup, but if one does then dnf_context_repo_set_data ends up trying to access the len property of an uninitialised priv->repos. It looks to me as though repos is initialised by dnf_context_setup, which makes the docstring rather confusing.

-Wincompatible-pointer-types: const char **plist = hy_goal_describe_problem_rules(self->goal,

/builddir/build/BUILD/libdnf-0.7.0-0.1277gfb39d85/python/hawkey/goal-py.c: In function 'describe_problem_rules':
/builddir/build/BUILD/libdnf-0.7.0-0.1277gfb39d85/python/hawkey/goal-py.c:475:26: warning: initialization from incompatible pointer type [-Wincompatible-pointer-types]
     const char **plist = hy_goal_describe_problem_rules(self->goal,
                          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

forgotten null check

in libhif / libhif / hif-source.c :
in gboolean hif_source_is_local (HifSource *source) :

    if (baseurls != NULL && baseurls[0] != NULL) {
        _cleanup_free_ gchar *url = NULL;
        url = lr_prepend_url_protocol (baseurls[0]);
        if (strncasecmp (url, "file://", 7) == 0)
            return TRUE;
    }
}

part the if ( url != NULL ) { part is forgotten just after url = lr_prepend_url_protocol (baseurls[0]);
part.

https://bugzilla.redhat.com/show_bug.cgi?id=1166974

-Wsign-compare: fail_unless(dnf_solution_get_action(sol) == expected_actions[p][i]);

/builddir/build/BUILD/libdnf-0.7.0-0.1277gfb39d85/tests/hawkey/test_goal.c: In function 'test_goal_get_solution':
/builddir/build/BUILD/libdnf-0.7.0-0.1277gfb39d85/tests/hawkey/test_goal.c:1362:54: warning: comparison between signed and unsigned integer expressions [-Wsign-compare]
             fail_unless(dnf_solution_get_action(sol) == expected_actions[p][i]);
                                                      ^

custom variables for repo files (same as /etc/yum/vars)

Description of problem:
yum supports custom variables by putting files into /etc/yum/vars

From the man page of yum.conf:

As  of  3.2.28, any properly named file in /etc/yum/vars is turned into a variable named after the filename (or over‐rides any of the above variables). 
Filenames may contain only alphanumeric characters and underscores and be in lowercase.

This feature does not seem to exist in dnf.

From https://bugzilla.redhat.com/show_bug.cgi?id=1251774

hif_package_is_gui does not properly detect Qt/KDE GUI applications

libkde* is not a correct method to match Qt/KDE GUI applications. It does not catch Qt-only applications, it will not catch applications using KDE Frameworks 5 (coming soon), and it does erroneously catch applications using only libkdecore and no GUI.

You should instead check for any of these libraries being required:
libQt5Gui.so.5
libQtGui.so.4
libqt-mt.so.3
If one of these is required, it's a GUI app, if not, it's probably not a Qt GUI app.

Nonsensical message from dnf_transaction_commit on rpmts failure

https://github.com/rpm-software-management/libhif/blob/master/libdnf/dnf-transaction.c#L1550

If rpmtsRun does in fact hit a roadbump, all the user gets out of libdnf is "Error -1 running transaction". Would it be possible to probe the rpmlog API to enhance the quality of the error message?

include releasever and arch in cachedirs

I was doing a rpm-ostree rebase to Fedora 24 (which worked basically 🏆 ) except for a few bugs, one of which was that I was confused why the rebase was trying to download fedora 23 content still, until I traced it to the fact that we were still looking in the old cache and not refreshing it.

I think yum suffixes with releasever, dnf seems to do something else that results in a checksum? Will look at the source.

rpm-ostree regression from #131

See #131 . We're debugging now.

FTBFS on Unity Linux (musl-libc) due to usage of qsort_r (hawkey code issue)

This issue is technically from the hawkey codebase, as libhif itself didn't have this issue before.

hawkey 0.6.2 fails to build from source because in goal.c (now hy-goal.c) uses qsort_r(), which is not implemented in musl-libc. libsolv similarly had this problem and wound up importing a qsort_r implementation that they tweaked a bit for use when qsort_r is unavailable.

I suggest doing something similar to solve this issue.