Bug 637764

This seems to be an issue of the applet, not a libzypp one.

I guess the question is: should PackageKit do anything special when using the libzypp API to respect this setting, instead of bypassing it?

Sorry, but I don't understand - which setting? (allow_vendor_change?)

A I understand it, it's about pk-backend now listing officially released patches _and_ newer packages, while it formerly just displayed the patches. 


@allow_vendor_change, in case displaying packages is intended: This depends on how you determine the packages. If you ask zypp to suggest an update candidate, it should respect the setting. But if you just ask for the one with the highest version, there's of course no vendor check.

If checking for the highest candidate version by the applet is intended, it would, in my opinion, be safer to change this behaviour such that *only* officially released patches/updates are shown (as was the case until 11.3). The importance of this cannot be overstated.

I´d appreciate, if i´m informed about all available updates/upgrades (included allow_vendor_change).
Why couldn´t users install the highest/newest version, if it would be officially released? It's on them, which one update/upgrade they want to install. Of course not the bleeding edge, just officially released. Let´s have a look e.g. Firefox.
In update repo http://download.opensuse.org/update/11.3/ all the time will be officially released patches/updates for Firefox 3.6.x, but in Mozilla repo http://download.opensuse.org/repositories/mozilla/openSUSE_11.3/ will be available Firefox 4 in the future. And Firefox 4 will be official released.
How will i be informed about new version?

@Atri: You have probably enabled factory repositories, if the updater applet shows all available the bleeding edge updates/upgrades. Disable them.

(In reply to comment #5)
It is called consistency. Please note, what goes on in the obs repositories *is not official*. If you want to use the obs repositories, you must be smart enough to get the updates/upgrades yourself using YaST or zypper. I thought that was what 
http://en.opensuse.org/openSUSE:Maintenance_policy
was about.
> 
> @Atri: You have probably enabled factory repositories, if the updater applet
> shows all available the bleeding edge updates/upgrades. Disable them.

Yes, I have Factory enabled, and I know how to use YaST to upgrade to the latest versions from there. I still expect the updater applet to act as a frontend for the command "sudo zypper patch" only. It has done that till 11.3, and there is no reason at all to change that behaviour all of a sudden.

Please note, if you want the updater-applet to behave differently from what it has done till now, which is act as a frontend for "zypper patch", and not "zypper up", file an openFATE feature. This bug is not the place to do this. If the devs think this is intended, let them mark it as WONTFIX, otherwise this is a serious issue that needs to fixed come 11.4.

Milestone 3 and counting.

Is certainly one of the more scary bugs for me :(

The problem is valid for KPackageKit too, so the problem is not just in the gnome pk-updater, but probably either in PackageKit itself, or in the zypp-pk-backend.

Clearly this can't be the intended behaviour from any sober person. Why would you go through all the trouble of implementing "vendor stickyness" in yast/zypp and separating patches from updates etc., if the updater applet is intended to override all those useful features, by doing the equivalent of 'zypper dup' on a regular basis?

If users want to break their system they should allow vendor change in zypp.conf, or run zypper dup - not have it pushed on them by the updater.

This problem is a side-effect of showing package updates in addition
to patch updates. That is IMHO a big usability win - since we can see
updated build-service, and volunteer packages - whose users typically
never build patch repositories / descriptions. Personally I don't want to loose that feature.

We currently elide all package updates for packages that are mentioned
in a patch (so we prefer the patch) in
packagekit/backends/zypp/zypp-utils.c (zypp_get_updates)

Clearly that is not quite enough. If we want to exclude vendor
changes, it should be fairly trivial to scan all the packages to see
if their vendor does not match the installed vendor - and since these
are updates there should be no un-known / new packages that are not
already installed in the system to get that info from - right ?
Another ten lines to the above method by someone who understands
libzypp, and some half hour of testing pain required.

Either you grossly overestimate users - or your view is that openSUSE is only for quite advanced users, who understand repositories and the difference between official updates and packages from other vendors.

If you show (vendor change) updates to users, you might as well go ahead and select them for installation too. Cuz 99% of users will install whatever is there anyway. Most users suffer from the misconception that "newer == better".

Personally I think the updater applet should only show and install patches, as they have done in the past, their job is to fix the system (install patches), not to break it (install untested stuff from OBS/packman repos).

However I do think vendor change update availability should be more visible in the yast package manager UIs, but that's a different story.

I think both of you are right.

Showing only official updates by default does make sense but has a flaw because most people do use 3rd party packages, i.e. at a minimum packman.

So if some package from that repo has a security issue its update is not shown in the update applet. This is a security issue.

Thus IMHO one has to acknowledge that most users do use 3rd party repos and hence need updates from those repos. As a result an update applet has to show these updates.

If a user chooses to change vendor for a package, I think it is ok to assume that he wants updates for that package from that repo as well.

So the update applet should be set by default to only show updates that do not require a vendor change. The user might change that to show all updates.

An option to only show official patches does not make sense IMO since if a user does not use 3rd party repos he will only get security updates anyway and if he chooses to change vendor for a package he needs those updates because they might be security fixes.

> Either you grossly overestimate users - or your view is that openSUSE
> is only for quite advanced users

or the excluded middle: "or you didn't read my answer carefully" :-) Clearly we want to filter out vendor changes from the updates - so much is obvious (as Sven says); on the other hand, I do not have the cycles to hack it up, nevermind test it; though it is not that much work. Martin perhaps you could have a go, I pointed you at the code.

Me? Or there's another Martin? Unfortunately I barely have enough skillz to write "hello world" in bash :-)

If I did have some skills I probably wouldn't spend time playing catch-up with one of RedHat's maintenance nightmares, instead I'd probably try to bring SUSEwatcher back to life, like in the good old days before openSUSE became an insane asylum for updater applets (starting when zen-updater replaced SUSEwatcher in 10.1) one more crazy and dysfunctional than the other :-(

This behavior was changed without thinking much on the consecuences. PackageKit applets were never intended to be notifier of newer versions of the package but newer versions of the package you have installed.

What Michael introduced was a bug comparing versions by hand, instead of letting the solver doing it.

There is however some clever code (which we should at some point move to ZYpp) which sees appliable patches, then packages, and then factors out packages included in the patch.

The right solution should be selecting relevant patches, and then using the solver system update to select the relevant packages. This protect against vendor changes and also conflicting packages.

Let me discuss this with Michael Andres. (Moving this code to ZYpp itself)

> This behavior was changed without thinking much on the consecuences.

Which is a shame, since it was discussed on the list, and approved by the zypp guys :-)

> PackageKit applets were never intended to be notifier of newer versions of
> the package but newer versions of the package you have installed.

Sure - but then, this is not what patches do for you for most non-distro repositories :-)

> The right solution should be selecting relevant patches, and then using the
> solver system update to select the relevant packages. This protect against
> vendor changes and also conflicting packages.

Unfortunately, that only yields updates that stem from patches; and not updates to the majority of community / build-service repositories which have no patchinfo (right) ?

And, yes - I would love this functionality to be in libzypp itself ;-)

Can someone point me to the discussion on zypp-devel?  I am trying to understand the rationale for this change.

Please test PackageKit on home:dmacvcar which supports hiding packages and when showing them it uses the zypper lu algorithm.

See http://lists.opensuse.org/opensuse-factory/2011-02/msg00586.html

(In reply to comment #17)
> Please test PackageKit on home:dmacvcar which supports hiding packages and when
> showing them it uses the zypper lu algorithm.
> 
> See http://lists.opensuse.org/opensuse-factory/2011-02/msg00586.html

Works! Thanks a lot for fixing this, Duncan!

Testing method:

* Start LiveCD with default repos added
* Install packages from repo mentioned above.
*  Add factory-oss (same vendor as default repos) and X11:Compiz (different vendor)
* Start gnome-packagekit ("software update" in control-centre)

Result:-
Shows exactly the result from zypper lu, i.e. packages from the different vendor (X11:Compiz) are not shown, but all packages from factory-oss are shown.
Using "zypper lu -a" also shows updates from X11:Compiz, confirming that packagekit's behaviour is now indeed "zypper lu". 

So this solves the main problem in my report, namely: not respecting version stickiness.

Remarks:-
For me however the expected behaviour of packagekit, in consistency with earlier versions of openSUSE (<= 11.3), is as a front-end to "zypper list-patches" as I described in the report. So I tried what was suggested in the message in the earlier comment, i.e.
"
Now you can disable packages as well, just create /etc/PackageKit/ZYpp.conf and set:

[Updates]
HidePackages=true
"

Then running gnome-packagekit shows just the patches from the default update repository. So this works too :)

I would suggest that this be done by default, i.e., update packages be hidden and only patches shown in the packagekit interface by default. For those interested in seeing also update "package candidates", perhaps some information in the release notes regarding removing the ZYpp.conf file will help.

(In reply to comment #18)
> Now you can disable packages as well, just create /etc/PackageKit/ZYpp.conf and
> set:
> 
> [Updates]
> HidePackages=true

It's extremely easy to do so, in the PackageKit-branding-openSUSE package. (I guess it's zypp.conf, not ZYpp.conf, right?)

Duncan, should we also do this?

(In reply to comment #19)
> (I guess it's zypp.conf, not ZYpp.conf, right?)

Just read the patch, where I saw it's indeed ZYpp.conf.

(In reply to comment #19)
> (In reply to comment #18)
> > disable packages as well, just create /etc/PackageKit/ZYpp.conf and set:
> > 
> > [Updates]
> > HidePackages=true
> 
> It's extremely easy to do so, in the PackageKit-branding-openSUSE package. (I
> guess it's zypp.conf, not ZYpp.conf, right?)
> 
> Duncan, should we also do this?

Thanks for the nice work on this Duncan. In the opensuse-gnome meeting the question was asked if hiding package updates and only showing patches should be the default. The result was unanimous to hide by default. What do you think?

It is indeed ZYpp.conf as it is in /etc/PackageKit and it is indeed specific to the PackageKit glue, so I followed the KitFashionCamelCase convention.

zypp.conf is libzypp confuration and it is on /etc/zypp/zypp.conf.

I will submit this to factory today and I leave up to Coolo to set the HidePackages as default (you will need to add the config file in the package).

osc sr home:dmacvicar PackageKit GNOME:Factory
created request id 61861

Will, please make sure it lands in Factory and close this :-)

Pushed the change, and added /etc/PackageKit/ZYpp.conf to PackageKit-branding-openSUSE. It doesn't change the default setting, but having the file makes it easier for people to change it.

FWIW, I didn't change HidePackages in ZYpp.conf, after a very quick discussion on #opensuse-factory. But the file is there and is documented, so it's easy to change.

Thanks Duncan!

*** Bug 667802 has been marked as a duplicate of this bug. ***

http://download.opensuse.org/update/11.4-test/  has test PackageKit packages,
if you want to test.

please report back if it fixes this issue.

(if you see new or different issue, please open new bugs, cc maintenance opensuse.org)

Update released for: PackageKit, PackageKit-branding-upstream, PackageKit-browser-plugin, PackageKit-browser-plugin-debuginfo, PackageKit-debuginfo, PackageKit-debugsource, PackageKit-devel, PackageKit-doc, PackageKit-gstreamer-plugin, PackageKit-gstreamer-plugin-debuginfo, PackageKit-gtk-module, PackageKit-gtk-module-debuginfo, PackageKit-gtk3-module, PackageKit-gtk3-module-debuginfo, PackageKit-lang, libpackagekit-glib2-14, libpackagekit-glib2-14-debuginfo, libpackagekit-glib2-devel, libpackagekit-qt-devel, libpackagekit-qt14, libpackagekit-qt14-debuginfo, libpackagekit-qt2-2, libpackagekit-qt2-2-debuginfo, libpackagekit-qt2-devel
Products:
openSUSE 11.4 (debug, i586, x86_64)