F17 yum/rpm not running groupadd in %pre scripts

Panu Matilainen pmatilai at laiskiainen.org
Wed Aug 15 07:53:31 UTC 2012


On 08/14/2012 10:30 PM, Chuck Anderson wrote:
> I ran into a comedy of errors today after I did a new F17 installation
> yesterday.  Here are a couple:
>
> https://bugzilla.redhat.com/show_bug.cgi?id=848148
> Error in PREIN scriptlet in rpm package wireshark-1.6.9-1.fc17.x86_64
>
> (and why does yum still let the transaction succeed, creating problems
> in the RPMDB, broken dependencies?)

This would be one for the FAQ...

Rpm transactions are not ACID, nothing of the sort. Rpm only guarantees 
that a transaction does not start if pre-determined problems exist - 
such as missing dependencies or insufficient disk-space. Once the 
transaction train is off the platform, it brakes for nobody.

Basically, just aborting a transaction-in-progress on scriptlet errors 
and such is just as likely to create problems (including broken 
dependencies) as is limping on. What seems obvious with a transaction of 
2-3 simple packages with a nice and clean C -> B -> A dependency chain 
is much less so when you have tens or hundreds of inter-dependent 
packages with myriad dependency loops amongst them, some with %pretrans 
scriptlets that have already executed, modifying the system in ways that 
cannot be rolled back. Etc.

See http://rpm.org/ticket/805: it could be made a bit smarter, but as 
the general case is essentially unsolvable this area hasn't seen much 
effort.

>
> https://bugzilla.redhat.com/show_bug.cgi?id=845671
> "Directory '/var/run/screen' must have mode 777." when opening screen
>
> (and why does systemd-tmpfiles completely fail to start when there is
> a missing group--it should fail gracefully, allowing the other
> tmpfiles stuff to run and the service as a whole to run)
>
> Both of these are traceable to missing entries in /etc/group.  In the
> former cae, there is an explicit "Error in PREIN" script during
> instalation.  In the latter case, there is only a warning and
> installation proceeds:
>
> Running Transaction
>    Installing : screen-4.1.0-0.9.20120314git3c2946.fc17.x86_64               1/1
> warning: group screen does not exist - using root
> warning: group screen does not exist - using root
>
> So what is going on with %pre not running groupadd properly?  Are there
> any known issues in this area?

 From rpm's POV there are two main reasons for correct-looking scripts 
failing, and both are packaging issues:
1) missing dependencies on items the scriptlet needs
2) dependency loops preventing correct ordering

This case appears to be selinux-related, and there's not a whole lot rpm 
can do about that.

	- Panu -


More information about the test mailing list