[Yum] dependency problems with yum-priorities on CentOS 5.5

Nick oinksocket at letterboxes.org
Mon Aug 23 08:40:47 UTC 2010 

Hello,

I'm a relatively new user of CentOS 5.5. The CentOS wiki advises the use of yum
priorities  if you use more than the base repositories, specifically with RPMForge:

 http://wiki.centos.org/AdditionalResources/Repositories/RPMForge

(I have yum-3.2.22-26.el5.centos and yum-priorities-1.1.16-14.el5.centos.1)

As I gather has been stated before on the centos list [1], it also implies that
yum-priorities isn't a great solution (quoting Seth Vidal), but stops
short of outlining what exactly is wrong with yum-priorities (YP) and why it's
still recommended.  In fact it goes on to say:

> as of yet, no real world problems have been reported with regard to the
> 'yum-priorities' plugin

So, I experienced a real-world problem (more details in [2]):

 - set CentOS base with priority 1
 - set RPMForge with priority 2
 - yum check-update was ok
 - yum update seemed ok, prompted to proceed, then aborted half way.

It aborted because of an unresolvable dependency from an RPMForge package, where
the package which satisfies it hidden by an older version in the base repo.
Specifically:

 perl-Module-Install-0.92-1.el5.rf needed perl-Archive-Tar >= 1.44

At first I thought RPMForge must be broken, because there seemed to be nothing
which would satisfy the dependency, just this:

 $ yum list --showduplicates  perl-Archive-Tar
  perl-Archive-Tar    1.30               centos-base

RPMForge appears to have nothing at all.  Later I inferred yum-priorities was
hiding it from view, because with --noplugins, yum would admit that indeed the
required perl-Archive-Tar-1.44 did exist in RPMForge:

 $ yum list --showduplicates --noplugins  perl-Archive-Tar
  perl-Archive-Tar    1.30               centos-base
  perl-Archive-Tar    1.44               rpmforge

So RPMForge was not broken, I just have an pathological case of yum-priorities.

Of course, I know this is what yum-priorities is designed to do, and that it
isn't perfect.  I have two suggestions, however - but they seem a bit obvious,
so before I file them on the yum issue tracker I'd like to check I've not missed
anything.


Firtly, the fact that yum+YP hides packages so completely they don't seem to be
present can be confusing, and it'd be nice if that could be fixed so that
--showduplicates will report the presence of packages which won't be installed
because of YP.


However, the bigger problem is that yum does *not* seem to be able to detect the
kind of unresolvable dependency problem I experienced.  Therefore it happily
starts the update process, only to abort with an error half way through, leaving
my system essentially broken.  Neither does yum check-update warn me about this
risk.

My choice seems to be:

 - don't use yum-priorities, but get into a muddle when base OS packages get
   replaced, or

 - do use it, but at the risk of breaking my (possibly production) server at an
   unpredictable moment entirely outside my control (as described).



Couldn't yum check-update and yum update detect the dependency problem and warn
me at a point I can still back off?

For example, in a case like the one above, couldn't yum update check the
dependencies available and refuse to proceed, telling me something like this?

  perl-Module-Install-0.92-1.el5.rf needs perl-Archive-Tar >= 1.44, but
  perl-Archive-Tar-1.44 from the 'rpmforge' repo cannot be used due to
  the presence of perl-Archive-Tar-1.30 the higher priority repo 'centos-base'.
  See [link to documentation] for possible ways to resolve this problem.

Thanks,

Nick

---

1. http://thread.gmane.org/gmane.linux.centos.general/86563

2. An example of when yum_priorities bites included here:
 http://www.noodlefactory.co.uk/~nick/wu-lee/Notes/YumPrioritiesPitfalls

More information about the Yum mailing list