zypp: ensure locked packages are neither installed, updated, removed, nor downloaded #557
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
On my previous PR #543 I proposed a change to not list locked packages as being able to be updated.
Which is fine, as one would not expect a locked package to be listed as being able to be to updated.
But locked packages could still be installed by PackageKit. For example, zypper by default install recommended packages, as can be seen on this configuration file, from their official repository:
https://github.com/openSUSE/zypper/blob/7a03e8594bb8dbf2af68decc4427d5244f68f46c/zypper.conf#L70-L82
So when a locked package is listed in the recommended listing for another package, it ends up being resolved by the backend, and then installed.
I tracked every occurrence where libzypp API was used to mark a package to be installed, updated, or removed, and added a guard to ignore locked packages.
For example, if you look into the function
backend_remove_packages_thread
, the guard was added before callingitem.status ().setToBeUninstalled()
or any other manual status change.In addition I also added a guard to skip locked packages from being downloaded.