I'm likely giving up on trying to read Fedora package update information

February 9, 2020

Perhaps unlike most people, I apply updates to my Fedora machines through the command line, first with yum and now with dnf. As part of that, I have for a long time made a habit of trying to read the information that Fedora theoretically publishes about every package update with 'dnf updateinfo info', just in case there was a surprise lurking in there for some particular package (this has sometimes exposed issues, such as when I discovered that Fedora maintains separate package databases for each user). Sadly, I'm sort of in the process of giving up on doing that.

The overall cause is that it's clear that Fedora does not really care about this update information being accurate, usable, and accessible. This relative indifference has led to a number of specific issues with both the average contents of update information and to the process of reading it that make the whole experience both annoying and not very useful. In practice, running 'dnf updateinfo info' may not tell me about some of the actual updates that are pending, always dumps out information about updates that aren't pending for me (sometimes covering ones that have already been applied, for example for some kernel updates), and part of the time the update information itself isn't very useful and has 'fill this in' notes and so on. The result is verbose but lacking in useful information and frustrating to pick through.

The result is that 'dnf updateinfo info' has been getting less and less readable and less useful for some time. These days I skim it at best, instead of trying to read it thoroughly, and anyway there isn't much that I can do if I see something that makes me wonder. I can get most of the value from just looking at the package list in 'dnf check-update', and if I really care about update information for a specific package I see there I'm probably better off doing 'dnf updateinfo info <package>'. But still, it's a hard to let go of this; part of me feels that reading update information is part of being a responsible sysadmin (for my own personal machines).

Some of these issues are long standing ones. It's pretty clear that the updateinfo (sub)command is not a high priority in DNF as far as bug fixes and improvements go, for example. I also suspect that some of the extra packages I see listed in 'dnf updateinfo info' are due to DNF modularity (also), and I'm seeing updateinfo for (potential) updates from modules that either I don't have enabled or that 'dnf update' and friends are silently choosing to not use for whatever reasons. Alternately they are base updates that are overridden by DNF modules I have enabled; it's not clear.

(Now that I look at 'dnf module list --enabled', it seems that I have several modules enabled that are relevant to packages that updateinfo always natters about. One update that updateinfo talks about is for a different stream (libgit2 0.28, while I have the libgit2 0.27 module enabled), but others appear to be for versions that I should be updating to if things were working properly. Unfortunately I don't know how to coax DNF to show me what module streams installed packages come from, or what it's ignoring in the main Fedora updates repo because it's preferring a module version instead.)


Comments on this page:

By Robert Earl at 2020-02-10 00:22:12:

I had a similar experience on Android. I disabled automatic app updates, with the big idea that I would read about them first! Oh ho ho, the app developers had another idea. Every app gets updated with "bugfixes" or "stability and performance enhancement" or yep, whatever else is fill-this-inable at the time.

Some apps do give good info, but the signal-to-noise ratio was great enough that I really don't bother reading through the notes now anyway, and I just grumble and sigh when they ask for more permissions. wcyd?

Written on 09 February 2020.
« Code dependencies and operational dependencies
Doing frequent ZFS scrubs lets you discover problems close to when they happened »

Page tools: View Source, View Normal, Add Comment.
Search:
Login: Password:
Atom Syndication: Recent Comments.

Last modified: Sun Feb 9 23:24:37 2020
This dinky wiki is brought to you by the Insane Hackers Guild, Python sub-branch.