From Fedora Project Wiki
mNo edit summary
mNo edit summary
Line 81: Line 81:
This change allows the user to be notified when a package cannot be upgraded to the latest version, instead of silently ignoring it as an upgrade candidate.
This change allows the user to be notified when a package cannot be upgraded to the latest version, instead of silently ignoring it as an upgrade candidate.


This is especially important for security fixes that could otherwise be overlooked by the user in case there is misconfiguration in their repository configuration or inconsistency in the metadata itself.
Right now, when DNF runs in ''best=0'' mode, if a package cannot be upgraded due to dependency problems, it is skipped and a warning is printed in the transaction summary. However, this poses a risk of important security fixes being overlooked by the user in case they are broken for some reason, such as due to a repository misconfiguration or inconsistency within the metadata itself.


Right now, when in ''best=0'' mode, if a package cannot be upgraded due to dependency problems, it is skipped and a warning is printed in the transaction summary. However, since DNF always exits with the return code ''0'' (success) when in ''best=0'' mode, this mode is especially risky in automated scripts invoking DNF in ''assumeyes'' mode in which case such unsuccessful package upgrades could easily go unnoticed unless the logs are manually examined after the fact.
Moreover, since DNF always exits with the return code ''0'' (success) when in ''best=0'' mode, this mode is especially risky in automated scripts invoking DNF in ''assumeyes'' mode in which case such unsuccessful package upgrades could easily go unnoticed unless the logs are manually examined after the fact.


The new behavior is also more in line with the generally accepted software development practice of failing early and failing fast.
The new behavior is also more in line with the generally accepted software development practice of failing early and failing fast.

Revision as of 14:40, 11 February 2019


DNF Best Mode By Default

Summary

Make DNF always try to upgrade to the highest available version of a package, even only to fail due to dependency problems.

Owner

Current status

  • Targeted release: Fedora 30
  • Last updated: 2019-02-11
  • Tracker bug: <will be assigned by the Wrangler>

Detailed Description

Change the built-in default value of the best configuration option from 0 (false) to 1 (true).

As a result, unless best is overridden in the /etc/dnf/dnf.conf file or using --setopt, it will default to 1. As a convenience, we will also put the explicit best=1 assignment in the shipped /etc/dnf/dnf.conf file for better transparency, and introduce the new --nobest command-line switch.

The purpose of the --nobest switch (as a shorthand for --setopt=best=0) is to make it easy for the user to override the default setting when needed, and it will also be suggested in the DNF output when a dependency error occurs.

Relevant excerpt from the updated dnf.conf(5):

best  boolean
When upgrading a package, always try to install its highest version available, even only to find out some of its deps are not satisfiable. Enable this if you want to experience broken dependencies in the repositories firsthand. The default is True.

Relevant excerpt from the updated dnf(8):

--nobest
Set best option as false, therefore transactions are not limited to only best candidates.

Benefit to Fedora

This change allows the user to be notified when a package cannot be upgraded to the latest version, instead of silently ignoring it as an upgrade candidate.

Right now, when DNF runs in best=0 mode, if a package cannot be upgraded due to dependency problems, it is skipped and a warning is printed in the transaction summary. However, this poses a risk of important security fixes being overlooked by the user in case they are broken for some reason, such as due to a repository misconfiguration or inconsistency within the metadata itself.

Moreover, since DNF always exits with the return code 0 (success) when in best=0 mode, this mode is especially risky in automated scripts invoking DNF in assumeyes mode in which case such unsuccessful package upgrades could easily go unnoticed unless the logs are manually examined after the fact.

The new behavior is also more in line with the generally accepted software development practice of failing early and failing fast.

Scope

  • Proposal owners:

Backport the following upstream pull requests into the DNF stack on Fedora:

https://github.com/rpm-software-management/libdnf/pull/678
https://github.com/rpm-software-management/dnf/pull/1311
https://github.com/rpm-software-management/dnf/pull/1316
https://github.com/rpm-software-management/dnf/pull/1319

  • Other developers: N/A (not a System Wide Change)
  • Policies and guidelines: N/A (not a System Wide Change)
  • Trademark approval: N/A (not needed for this Change)

Upgrade/compatibility impact

N/A (not a System Wide Change)

How To Test

N/A (not a System Wide Change)

User Experience

Broken upgrades are recognized early, enabling the user to act upon them by double-checking their repository configuration or filing bugs, instead of assuming no upgrades are available.

Dependencies

N/A (not a System Wide Change)

Contingency Plan

  • Contingency mechanism: (What to do? Who will do it?) N/A (not a System Wide Change)
  • Contingency deadline: N/A (not a System Wide Change)
  • Blocks release? N/A (not a System Wide Change), Yes/No
  • Blocks product? product

Documentation

N/A (not a System Wide Change)

Release Notes