rpm-ostree db loses advisory information on subsequent deployment staging
Opened this issue · 0 comments
sdodson commented
Expected vs actual behavior
After rpm-ostree has staged a deployment with advisories rpm-ostree status
lists the security advisories. However, if a subsequent deployment gets staged and, I believe but haven't confirmed, that subsequent deployment does not add any advisories then the list of advisories gets cleared.
Expected:
Expect to see advisories listed
$ rpm-ostree status
State: idle
Deployments:
fedora:fedora/38/x86_64/silverblue
Version: 38.20230920.0 (2023-09-20T00:52:52Z)
BaseCommit: 5fbec9c2714ffb9ee8a73093fbb101b707e59164d689b7c0057c7d8dadc23712
GPGSignature: Valid signature by 6A51BBABBA3D5467B6171221809A8D7CEB10B464
SecAdvisories: 1 low, 1 moderate, 1 important, 2 critical
Diff: 66 upgraded, 3 added
LayeredPackages: git gnome-pomodoro gnome-shell-extension-pomodoro gnome-tweak-tool gnome-tweaks google-chrome-stable intel-gpu-tools intel-media-driver java-17-openjdk-headless
krb5-auth-dialog krb5-workstation libva-intel-driver libva-utils make rpmfusion-free-release-38 rpmfusion-nonfree-release-38
● fedora:fedora/38/x86_64/silverblue
Version: 38.20230913.0 (2023-09-13T02:06:59Z)
BaseCommit: e8c56e8e1ad95725a494ab7ac941ea38a0528a975aa7192c13f73919f62ffd24
GPGSignature: Valid signature by 6A51BBABBA3D5467B6171221809A8D7CEB10B464
LayeredPackages: git gnome-pomodoro gnome-shell-extension-pomodoro gnome-tweak-tool gnome-tweaks google-chrome-stable intel-gpu-tools intel-media-driver java-17-openjdk-headless
krb5-auth-dialog krb5-workstation libva-intel-driver libva-utils make rpmfusion-free-release-38 rpmfusion-nonfree-release-38
Actual:
Advisories not listed, notice the Diff count matches above and base commits are the same.
$ rpm-ostree status
State: idle
Deployments:
fedora:fedora/38/x86_64/silverblue
Version: 38.20230920.0 (2023-09-20T00:52:52Z)
BaseCommit: 5fbec9c2714ffb9ee8a73093fbb101b707e59164d689b7c0057c7d8dadc23712
GPGSignature: Valid signature by 6A51BBABBA3D5467B6171221809A8D7CEB10B464
Diff: 66 upgraded, 3 added
LayeredPackages: git gnome-pomodoro gnome-shell-extension-pomodoro gnome-tweak-tool gnome-tweaks google-chrome-stable intel-gpu-tools intel-media-driver java-17-openjdk-headless
krb5-auth-dialog krb5-workstation libva-intel-driver libva-utils make rpmfusion-free-release-38 rpmfusion-nonfree-release-38
● fedora:fedora/38/x86_64/silverblue
Version: 38.20230913.0 (2023-09-13T02:06:59Z)
BaseCommit: e8c56e8e1ad95725a494ab7ac941ea38a0528a975aa7192c13f73919f62ffd24
GPGSignature: Valid signature by 6A51BBABBA3D5467B6171221809A8D7CEB10B464
LayeredPackages: git gnome-pomodoro gnome-shell-extension-pomodoro gnome-tweak-tool gnome-tweaks google-chrome-stable intel-gpu-tools intel-media-driver java-17-openjdk-headless
krb5-auth-dialog krb5-workstation libva-intel-driver libva-utils make rpmfusion-free-release-38 rpmfusion-nonfree-release-38
Steps to reproduce it
- Stage a deployment with security advisories
- rpm-ostree status to show staged deployment w/ advisories listed
- Wait until additional updates become available
- rpm-ostree update
- rpm-ostree status no longer shows advisories
If I cleanup and update again the advisories reappear. I should've done more selective cleanup, but this worked
rpm-ostree cleanup -pbm
rpm-ostree update
rpm-ostree status
Would you like to work on the issue?
No :-(