IssueHunt
Bug Bounty (New!)
Browse
Sign in with GitHub
future-architect/vuls

Do you want to work on this issue?

You can request for a bounty in order to promote it!

failed to collect modularitylabel #1968

MaineK00n posted onGitHub

What did you do? (required. The issue will be closed when not provided.)

  • oracle linux 8 MODULARITYLABEL is not set for the rpm package.
    $ docker run -it oraclelinux:8 /bin/bash
[root@169a306ba19f ~]# dnf module install -y container-tools:ol8:20190518020532:3ba8ebeb:x86_64
[root@169a306ba19f ~]# rpm -q runc --queryformat "%{NAME} %{EPOCHNUM} %{VERSION} %{RELEASE} %{ARCH} %{MODULARITYLABEL}\n"
runc 0 1.0.0 54.rc5.dev.git2abd837.module+el8+5201+6423ecab x86_64 (none)
    https://github.com/aquasecurity/trivy/discussions/5672#discussioncomment-9770411
  • fedora 28 server, (probably fedora 29 server too) Although modular packages can be used, rpm querytags does not contain MODULARITYLABEL, and command execution fails.
    [vagrant@localhost ~]$ cat /etc/os-release 
NAME=Fedora
VERSION="28 (Server Edition)"
ID=fedora
VERSION_ID=28
PLATFORM_ID="platform:f28"
PRETTY_NAME="Fedora 28 (Server Edition)"
ANSI_COLOR="0;34"
CPE_NAME="cpe:/o:fedoraproject:fedora:28"
HOME_URL="https://fedoraproject.org/"
SUPPORT_URL="https://fedoraproject.org/wiki/Communicating_and_getting_help"
BUG_REPORT_URL="https://bugzilla.redhat.com/"
REDHAT_BUGZILLA_PRODUCT="Fedora"
REDHAT_BUGZILLA_PRODUCT_VERSION=28
REDHAT_SUPPORT_PRODUCT="Fedora"
REDHAT_SUPPORT_PRODUCT_VERSION=28
PRIVACY_POLICY_URL="https://fedoraproject.org/wiki/Legal:PrivacyPolicy"
VARIANT="Server Edition"
VARIANT_ID=server

[vagrant@localhost ~]$ dnf module list Last metadata expiration check: 0:04:02 ago on Mon 17 Jun 2024 16:07:28 CEST. Fedora Modular 28 - x86_64 Name Stream Version Profiles
reviewboard 2.5 [d] 20180206144254 default, server

Fedora Modular 28 - x86_64 - Updates Name Stream Version Profiles
afterburn rolling [d] 2820190507144241 default
ant 1.10 2820190507144348 default
askalono-cli rolling [d] 2820190424143105 default
avocado 52lts 2820190312151646 default, minimal ...

[vagrant@localhost ~]$ rpm -qa --queryformat "%{NAME} %{EPOCHNUM} %{VERSION} %{RELEASE} %{ARCH} %{MODULARITYLABEL}\n" error: incorrect format: unknown tag: "MODULARITYLABEL" error: incorrect format: unknown tag: "MODULARITYLABEL" ... ```

There is a large discrepancy between the MODULARITYLABEL of an installed package and the enabled modules.

[root@12c22a8c3af1 /]# rpm -q nodejs --qf "%{NAME} %{MODULARITYLABEL}\n"
nodejs nodejs:12:8060020220523160029:d63f516d
[root@12c22a8c3af1 /]# dnf module disable nodejs:12
[root@12c22a8c3af1 /]# find /etc/dnf/modules.d -type f -name *.module | xargs cat
[nodejs]
name=nodejs
stream=
profiles=
state=disabled
[root@12c22a8c3af1 /]# dnf module enable nodejs:20
[root@12c22a8c3af1 /]# find /etc/dnf/modules.d -type f -name *.module | xargs cat
[nodejs]
name=nodejs
stream=20
profiles=
state=enabled
[root@12c22a8c3af1 /]# dnf module list | grep nodejs
nodejs               10 [d]          common [d], development, minimal, s2i    Javascript runtime                                                                                                                                                                                                               
nodejs               12              common [d], development, minimal, s2i    Javascript runtime                                                                                                                                                                                                               
nodejs               14              common [d], development, minimal, s2i    Javascript runtime                                                                                                                                                                                                               
nodejs               16              common [d], development, minimal, s2i    Javascript runtime                                                                                                                                                                                                               
nodejs               18              common [d], development, minimal, s2i    Javascript runtime                                                                                                                                                                                                               
nodejs               20 [e]          common [d], development, minimal, s2i    Javascript runtime
posted by MaineK00n 9 months ago

It may be necessary to create a table to calculate MODULARITYLABEL from rpm package(nevra) as follows.

$ curl https://yum.oracle.com/repo/OracleLinux/OL8/appstream/x86_64/repodata/06af2a645db34f209049e1672342c066ebdad128b3914a6758ff4e7c8e39a94e-modules.yaml.gz | gzip --decompress
---
document: modulemd
version: 2
data:
  name: 389-ds
  stream: 1.4
  version: 20190512202313
  context: 1fc8b219
  arch: x86_64
  summary: 389 Directory Server (base)
  description: >-
    389 Directory Server is an LDAPv3 compliant server.  The base package includes
    the LDAP server and command line utilities for server administration.
  license:
    module:
    - MIT
    content:
    - GPLv3+
  xmd:
    mbs:
      mse: TRUE
      scmurl: 
      commit: 
      buildrequires:
        nodejs:
          ref: 
          stream: 10
          context: 9edba152
          version: 20190512012822
          filtered_rpms: []
        platform:
          ref: 
          stream: el8
          context: 32e30060
          version: 20190214123456
          filtered_rpms: []
      rpms:
        389-ds-base:
          ref: 72adaa88854b1657f0f2786324f2e0ea7e336c98
  dependencies:
  - buildrequires:
      nodejs: [10]
      platform: [el8]
    requires:
      platform: [el8]
  filter:
    rpms:
    - cockpit-389-ds
  components:
    rpms:
      389-ds-base:
        rationale: Package in api
        ref: stream-1.4
        arches: [aarch64 x86_64 s390x ppc64le]
  artifacts:
    rpms:
    - 389-ds-base-0:1.4.0.20-7.module+el8+5152+0751f230.x86_64
    - 389-ds-base-devel-0:1.4.0.20-7.module+el8+5152+0751f230.x86_64
    - 389-ds-base-legacy-tools-0:1.4.0.20-7.module+el8+5152+0751f230.x86_64
    - 389-ds-base-libs-0:1.4.0.20-7.module+el8+5152+0751f230.x86_64
    - 389-ds-base-snmp-0:1.4.0.20-7.module+el8+5152+0751f230.x86_64
    - python3-lib389-0:1.4.0.20-7.module+el8+5152+0751f230.noarch
...
---
...
posted by MaineK00n 9 months ago

Fund this Issue

$0.00
Funded
Only logged in users can fund an issue

Pull requests

Company
AboutMission
Community
SpectrumEmbed
Support
FAQTerms of usePrivacy policyCode of conductCredits
Connect
FacebookTwitter

© 2019 BoostIO, Inc.