Bug 951402

Summary: Pluginservice fails to update repo GPG settings
Product: [openSUSE] openSUSE Tumbleweed Reporter: Michael Andres <ma>
Component: libzyppAssignee: E-mail List <zypp-maintainers>
Status: RESOLVED FIXED QA Contact: E-mail List <qa-bugs>
Severity: Normal    
Priority: P5 - None CC: andrej.semen, ma
Version: Current   
Target Milestone: ---   
Hardware: Other   
OS: Other   
Whiteboard:
Found By: --- Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description Michael Andres 2015-10-21 13:47:06 UTC 
Repo GpgCheck settings defined by a pluginservice do not get updated when the service is refreshed.
Comment 1 Michael Andres 2015-10-21 13:51:00 UTC 
fixed in libzypp-15.19.4
Comment 2 Andrej Semen 2015-11-05 13:40:06 UTC 
could you be so kind to define a reproducer how to test "Repo GpgCheck"?

what would be the steps to reproduce & test?
Comment 3 Michael Andres 2015-11-05 14:10:06 UTC 
1) Create a pluginservice: Install this script as /usr/lib/zypp/plugins/services/testservice
> #!/usr/bin/python
> import sys
> if True:
>     sendback = sys.stdout
>     print >>sendback
>     print >>sendback, "[sumafake]"
>     print >>sendback, "name=sumafake"
>     print >>sendback, "baseurl=dir:/tmp/sumafake"
>     print >>sendback, "enabled=1"
>     print >>sendback, "autorefresh=1"
>     # bnc#823917: Always disable gpgcheck as SMgr does not sign metadata,
>     # even if the original gpg_key_url is known.
>     print >>sendback, "gpgcheck=1"
>     # fate#314603 check package signature if metadata not signed
>     print >>sendback, "pkg_gpgcheck=1"
>     print >>sendback, "repo_gpgcheck=1"
> sys.exit(0)

2) Refresh the services 
> # zypper refs

3) Check the created repo file cat /etc/zypp/repos.d/testservice:sumafake.repo
> # grep gpgcheck /etc/zypp/repos.d/testservice:sumafake.repo
> gpgcheck=1
> repo_gpgcheck=1
> pkg_gpgcheck=1

4) Change the values for *gpgcheck in the python script; call 'zypper refs' 
==> testservice:sumafake.repo must reflect the changes

With a broken libzypp the initial values remain unchanged.
Comment 4 Michael Andres 2015-11-05 14:12:36 UTC 
closing
Comment 5 Swamp Workflow Management 2015-11-09 17:15:06 UTC 
SUSE-RU-2015:1941-1: An update that has 16 recommended fixes can now be installed.

Category: recommended (moderate)
Bug References: 900769,941453,941463,941539,941563,943563,945169,946129,946750,946752,948482,948608,949957,951339,951402,951782
CVE References: 
Sources used:
SUSE Linux Enterprise Software Development Kit 12 (src):    libsolv-0.6.14-2.13.1, libzypp-14.42.3-2.31.1
SUSE Linux Enterprise Server 12 (src):    libsolv-0.6.14-2.13.1, libzypp-14.42.3-2.31.1, yast2-pkg-bindings-3.1.20.2-8.1, zypper-1.11.42-2.25.2
SUSE Linux Enterprise Desktop 12 (src):    libsolv-0.6.14-2.13.1, libzypp-14.42.3-2.31.1, yast2-pkg-bindings-3.1.20.2-8.1, zypper-1.11.42-2.25.2
Comment 6 Swamp Workflow Management 2015-12-08 13:12:32 UTC 
openSUSE-RU-2015:2226-1: An update that has 11 recommended fixes can now be installed.

Category: recommended (low)
Bug References: 900769,943563,945169,946129,946750,946752,948482,949957,951339,951402,951782
CVE References: 
Sources used:
openSUSE 13.2 (src):    libsolv-0.6.14-16.1, libzypp-14.42.3-32.1, zypper-1.11.42-28.1