install does not satisfy missing dependencies of an installed package

rpm-software-management / dnf5

Next-generation RPM package management system

Other

239 stars 82 forks source link

install does not satisfy missing dependencies of an installed package #1498

Open t184256 opened 5 months ago

t184256 commented 5 months ago

The install command does not do what it claims to do, specifically it doesn't bother satisfying missing dependencies when the package is already installed, but the dependencies are missing.

The install command in DNF5 is used for installing packages. It makes sure that all given packages defined in package-spec arguments and their dependencies are installed on the system.

How to reproduce:

upgrade to rawhide
dnf download glances
rpm -i --nodeps glances*.rpm
dnf install glances

Observed behaviour:

Updating and loading repositories:
 Fedora rawhide - x86_64                100% | 239.6 KiB/s |   4.3 KiB |  00m00s
Repositories loaded.
Package "glances-3.4.0-5.fc40.noarch" is already installed.

dnf did not, in fact, make sure that "all given packages ... and their dependencies are installed on the system."

Expected behaviour:

dnf downloads and installs all missing direct and transitive dependencies of glances

j-mracek commented 5 months ago

May I ask you to try dnf reinstall glances instead. There is also dnf5 check command that detects problem with the system.

t184256 commented 4 months ago

dnf reinstall glances reinstalls glances and satisfies the dependencies. But I don't want to reinstall (in my actual case, it's about a package that dnf rejects, but RPM can be forced to install), just satisfy the dependencies.

dnf5 check detects the problem, but it doesn't offer a way to satisfy the dependencies.

IMO, there are, broadly, at least two and a half sensible ways forward:

make install do what it claims to do and satisfy the dependencies, turning it into a dependency problem fixing tool it's advertised as
change install description to reflect the behaviour, e.g., by adding an "unless the package is installed", or moving the claim about satisfying dependencies to reinstall, which actually does that 2a. if it's not doing anything anyway on the grounds of having the package already installed, maybe also make it skip "Updating and loading repositories" phase while you're at it

jan-kolarik commented 4 months ago

I believe DNF was never intended to be used as a tool for fixing dependency problems. Adding such functionality would be a significant change, which is currently out of our scope.

The Fedora user documentation consistently recommends using DNF instead of RPM, as RPM can cause system integrity issues. The --nodeps option is explicitly stated to be dangerous and not recommended.

However, you are correct that the description of the install command in the man pages deserves an adjustment and a more detailed explanation of how it behaves in different situations.

j-mracek commented 4 months ago

If I am not mistaken in past yum-3 did a check for system integrity in background, therefore it allowed to detect such a situation. The question whether we should implement such a mechanism in DNF5? The problem is about price (CPU) where this will be not for free and current implementation of check command is quite slow.