|
 |
2c1f71 |
From cf4893a0128c567ed1fdd1b02c9cf2b43bfb02f7 Mon Sep 17 00:00:00 2001
|
|
|
2c1f71 |
From: =?UTF-8?q?Ale=C5=A1=20Mat=C4=9Bj?= <amatej@redhat.com>
|
|
|
2c1f71 |
Date: Mon, 30 May 2022 08:59:41 +0200
|
|
|
2c1f71 |
Subject: [PATCH] advisory upgrade: filter out advPkgs with different arch
|
|
|
2c1f71 |
|
|
|
2c1f71 |
This prevents a situation in security upgrades where libsolv cannot
|
|
|
2c1f71 |
upgrade dependent pkgs because we ask for an upgrade of different arch:
|
|
|
2c1f71 |
|
|
|
2c1f71 |
We can get the following testcase if libdnf has filtered out
|
|
|
2c1f71 |
json-c-2-2.el8.x86_64@rhel-8-for-x86_64-baseos-rpms
|
|
|
2c1f71 |
(because there is an advisory for already installed json-c-1-1.el8.x86_64) but
|
|
|
2c1f71 |
json-c-2-2.el8.i686@rhel-8-for-x86_64-baseos-rpms is not filtered out because
|
|
|
2c1f71 |
it has different architecture. The resulting transaction doesn't work.
|
|
|
2c1f71 |
|
|
|
2c1f71 |
```
|
|
|
2c1f71 |
repo @System -99.-1000 testtags <inline>
|
|
|
2c1f71 |
#>=Pkg: bind-libs-lite 1 1.el8 x86_64
|
|
|
2c1f71 |
#>=Pkg: json-c 1 1.el8 x86_64
|
|
|
2c1f71 |
|
|
|
2c1f71 |
repo rhel-8-for-x86_64-baseos-rpms -99.-1000 testtags <inline>
|
|
|
2c1f71 |
#>=Pkg: json-c 2 2.el8 x86_64
|
|
|
2c1f71 |
#>=Prv: libjson-c.so.4()(64bit)
|
|
|
2c1f71 |
#>
|
|
|
2c1f71 |
#>=Pkg: json-c 2 2.el8 i686
|
|
|
2c1f71 |
#>=Prv: libjson-c.so.4()
|
|
|
2c1f71 |
#>
|
|
|
2c1f71 |
#>=Pkg: bind-libs-lite 2 2.el8 x86_64
|
|
|
2c1f71 |
#>=Req: libjson-c.so.4()(64bit)
|
|
|
2c1f71 |
system x86_64 rpm @System
|
|
|
2c1f71 |
job update oneof json-c-1-1.el8.x86_64@@System json-c-2-2.el8.i686@rhel-8-for-x86_64-baseos-rpms bind-libs-lite-2-2.el8.x86_64@rhel-8-for-x86_64-baseos-rpms [forcebest,targeted,setevr,setarch]
|
|
|
2c1f71 |
result transaction,problems <inline>
|
|
|
2c1f71 |
#>problem f06d81a4 info package bind-libs-lite-2-2.el8.x86_64 requires libjson-c.so.4()(64bit), but none of the providers can be installed
|
|
|
2c1f71 |
#>problem f06d81a4 solution 96f9031b allow bind-libs-lite-1-1.el8.x86_64@@System
|
|
|
2c1f71 |
#>problem f06d81a4 solution c8daf94f allow json-c-2-2.el8.x86_64@rhel-8-for-x86_64-baseos-rpms
|
|
|
2c1f71 |
#>upgrade bind-libs-lite-1-1.el8.x86_64@@System bind-libs-lite-2-2.el8.x86_64@rhel-8-for-x86_64-baseos-rpms
|
|
|
2c1f71 |
#>upgrade json-c-1-1.el8.x86_64@@System json-c-2-2.el8.x86_64@rhel-8-for-x86_64-baseos-rpms```
|
|
|
2c1f71 |
```
|
|
|
2c1f71 |
|
|
|
2c1f71 |
= changelog =
|
|
|
2c1f71 |
msg: Filter out advisory pkgs with different arch during advisory upgrade, fixes possible problems in dependency resulution.
|
|
|
2c1f71 |
type: bugfix
|
|
|
2c1f71 |
resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2088149
|
|
|
2c1f71 |
---
|
|
|
2c1f71 |
libdnf/sack/query.cpp | 25 +++++++++++++++++++------
|
|
|
2c1f71 |
1 file changed, 19 insertions(+), 6 deletions(-)
|
|
|
2c1f71 |
|
|
|
2c1f71 |
diff --git a/libdnf/sack/query.cpp b/libdnf/sack/query.cpp
|
|
|
2c1f71 |
index ac2736b5..03d39659 100644
|
|
|
2c1f71 |
--- a/libdnf/sack/query.cpp
|
|
|
2c1f71 |
+++ b/libdnf/sack/query.cpp
|
|
|
2c1f71 |
@@ -1877,12 +1877,6 @@ Query::Impl::filterAdvisory(const Filter & f, Map *m, int keyname)
|
|
|
2c1f71 |
std::vector<Solvable *> candidates;
|
|
|
2c1f71 |
std::vector<Solvable *> installed_solvables;
|
|
|
2c1f71 |
|
|
|
2c1f71 |
- Id id = -1;
|
|
|
2c1f71 |
- while ((id = resultPset->next(id)) != -1) {
|
|
|
2c1f71 |
- candidates.push_back(pool_id2solvable(pool, id));
|
|
|
2c1f71 |
- }
|
|
|
2c1f71 |
- NameArchEVRComparator cmp_key(pool);
|
|
|
2c1f71 |
-
|
|
|
2c1f71 |
if (cmp_type & HY_UPGRADE) {
|
|
|
2c1f71 |
Query installed(sack, ExcludeFlags::IGNORE_EXCLUDES);
|
|
|
2c1f71 |
installed.installed();
|
|
|
2c1f71 |
@@ -1893,6 +1887,18 @@ Query::Impl::filterAdvisory(const Filter & f, Map *m, int keyname)
|
|
|
2c1f71 |
installed_solvables.push_back(pool_id2solvable(pool, installed_id));
|
|
|
2c1f71 |
}
|
|
|
2c1f71 |
std::sort(installed_solvables.begin(), installed_solvables.end(), NameArchSolvableComparator);
|
|
|
2c1f71 |
+ Id id = -1;
|
|
|
2c1f71 |
+ while ((id = resultPset->next(id)) != -1) {
|
|
|
2c1f71 |
+ Solvable * s = pool_id2solvable(pool, id);
|
|
|
2c1f71 |
+ // When doing HY_UPGRADE consider only candidate pkgs that have matching Name and Arch
|
|
|
2c1f71 |
+ // with some already installed pkg (in other words: some other version of the pkg is already installed).
|
|
|
2c1f71 |
+ // Otherwise a pkg with different Arch than installed can end up in upgrade set which is wrong.
|
|
|
2c1f71 |
+ // It can result in dependency issues, reported as: RhBug:2088149.
|
|
|
2c1f71 |
+ auto low = std::lower_bound(installed_solvables.begin(), installed_solvables.end(), s, NameArchSolvableComparator);
|
|
|
2c1f71 |
+ if (low != installed_solvables.end() && s->name == (*low)->name && s->arch == (*low)->arch) {
|
|
|
2c1f71 |
+ candidates.push_back(s);
|
|
|
2c1f71 |
+ }
|
|
|
2c1f71 |
+ }
|
|
|
2c1f71 |
|
|
|
2c1f71 |
// Apply security filters only to packages with lower priority - to unify behaviour upgrade
|
|
|
2c1f71 |
// and upgrade-minimal
|
|
|
2c1f71 |
@@ -1915,7 +1921,14 @@ Query::Impl::filterAdvisory(const Filter & f, Map *m, int keyname)
|
|
|
2c1f71 |
}
|
|
|
2c1f71 |
}
|
|
|
2c1f71 |
std::swap(candidates, priority_candidates);
|
|
|
2c1f71 |
+ } else {
|
|
|
2c1f71 |
+ Id id = -1;
|
|
|
2c1f71 |
+ while ((id = resultPset->next(id)) != -1) {
|
|
|
2c1f71 |
+ candidates.push_back(pool_id2solvable(pool, id));
|
|
|
2c1f71 |
+ }
|
|
|
2c1f71 |
}
|
|
|
2c1f71 |
+
|
|
|
2c1f71 |
+ NameArchEVRComparator cmp_key(pool);
|
|
|
2c1f71 |
std::sort(candidates.begin(), candidates.end(), cmp_key);
|
|
|
2c1f71 |
for (auto & advisoryPkg : pkgs) {
|
|
|
2c1f71 |
if (cmp_type & HY_UPGRADE) {
|
|
|
2c1f71 |
--
|
|
|
2c1f71 |
2.36.1
|
|
|
2c1f71 |
|