Bug ID 1231236
Summary Lastest audit package (audit-rules to be more specific) is not installable in containers
Classification openSUSE
Product openSUSE Tumbleweed
Version Slowroll
Hardware Other
OS Other
Status NEW
Severity Normal
Priority P5 - None
Component Basesystem
Assignee screening-team-bugs@suse.de
Reporter dcassany@suse.com
QA Contact qa-bugs@suse.de
Target Milestone ---
Found By ---
Blocker --- 

Since the last audit update this package (audit-rules to be more specific) is
no longer installable in containers without getting a 107 error from zypper.
The post transaction scriptlet fails and it makes it hard be installed as part
of a Dockerfile.

Reproducer:

$ podman run --rm -ti opensuse/tumbleweed:latest

# inside the contianer
$ zypper in -y awk audit


'awk' package needs to be installed too. To my surprise without it
`/sbin/augenrules` fails (so probably this should be a requirement of
audit-rules) but this does not cause zypper to report any error. However if
'awk' is in the system it causes a failure in `audit-rules` post transaction
scriptlet.


/var/log/zypp/history installing in a container without awk (zypper returns 0):

# 2024-10-02 08:47:03 audit-rules-4.0-1.1.x86_64.rpm installed ok
# Additional rpm output:
# /sbin/augenrules: line 100: awk: command not found
#

/var/log/zypp/history installing in a container without awk (zypper returns
107):

# 2024-10-02 08:50:34 audit-rules-4.0-1.1.x86_64.rpm installed ok
# Additional rpm output:
# warning: %post(audit-rules-4.0-1.1.x86_64) scriptlet failed, exit status 1
#

I think the audit-rules script should have additional logic to prevent this 107
errors to happen in containers (and probably in other contexts too) and maybe
there is a dependency missing to awk in audit-rules package.

You are receiving this mail because: