I haven't seen the denial of systemd-user-ru from reading dbus-1 I reported in #1644313 or any others since upgrading to 3.14.2-41. Thanks.

60.3.0 has run normally except when it was first started when logged in with a secondary user about 20 tabs opened for individual language packs asking if each language pack should be enabled. I reported more details about that issue at https://bugzilla.redhat.com/show_bug.cgi?id=1645360

Plasma, dolphin, konsole, kinfocenter, kate and other KDE applications have run normally with KF5 5.51.0. baloo_file 5.51.0 crashed twice due to a failed assertion rc == 0 in mdb_page_dirty at mdb.c:2127-2128 in liblmdb.so.0.0.0 in the lmdb-libs package. I've seen baloo_file crash many times with previous KF5 versions as have many others so the crash isn't specific to 5.51.0. I mentioned in the report I filed about a fix for lmdb-libs which might resolve those crashes. https://bugzilla.redhat.com/show_bug.cgi?id=1645114
I'm unsure if #1645114 should be reassigned from kf5-baloo to lmdb.

@vondruch This update and the others submitted in the last 5 days for F29 still have pending status. I was updating ruby and other packages from Koji since those updates haven't been pushed to updates-testing. My previous comment was just to inform the maintainers that they might consider increasing the release of rubygem-json and version of rubygem-rdoc if those subpackages were intended to be upgraded with the rest of this update.

I upgraded to systemd-239-6.git9f3aed1.fc29 from Koji. When I logged into Plasma twice after the systemd update, I saw the following denial of systemd-user-ru reading dbus-1 both times. I put the details in the report at https://bugzilla.redhat.com/show_bug.cgi?id=1644313 systemd seems to be running normally otherwise.

When I ran sudo dnf upgrade on this update's rpms from Koji I got the following messages Package rubygem-json of higher version already installed, cannot update it. Package rubygem-rdoc of higher version already installed, cannot update it.

rubygem-json-2.1.0-99.fc29 in this update has a lower release than rubygem-json-2.1.0-106.fc29 which I have installed. https://koji.fedoraproject.org/koji/buildinfo?buildID=1124292

rubygem-rdoc-6.0.1-99.fc29 in this update has a lower version than rubygem-rdoc-6.0.3-3.fc29 which I have installed. https://koji.fedoraproject.org/koji/buildinfo?buildID=1124463

63 has run normally.

4.18.16 has run normally.

4.18.15 has run normally.

I installed scap-workbench-1.2.0-2 without getting the error I noted in #1640283. I ran the Standard System Security Profile for Fedora scan in scap-workbench-1.2.0-2 which completed though some errors related to a directory something like /tmp/openscap not being found occurred. Thanks.

The crashes I reported in #1638767 and #1638784 haven't happened with 3.30.3 from Koji. 3.30.3 has run normally otherwise.

Running sudo dnf upgrade --refresh I got the following errors

Problem 1: cannot install both unbound-libs-1.7.3-9.fc29.i686 and unbound-libs-1.8.1-1.fc29.i686 - package gnutls-dane-3.6.4-3.fc29.i686 requires libunbound.so.2, but none of the providers can be installed - cannot install the best update candidate for package unbound-libs-1.8.1-1.fc29.i686 - cannot install the best update candidate for package gnutls-dane-3.6.4-2.fc29.i686 Problem 2: package unbound-1.8.1-1.fc29.i686 requires libunbound.so.8, but none of the providers can be installed - package unbound-1.8.1-1.fc29.i686 requires unbound-libs(x86-32) = 1.8.1-1.fc29, but none of the providers can be installed - cannot install both unbound-libs-1.7.3-9.fc29.i686 and unbound-libs-1.8.1-1.fc29.i686 - package gnutls-dane-3.6.4-3.fc29.i686 requires libunbound.so.2, but none of the providers can be installed - package gnutls-devel-3.6.4-3.fc29.i686 requires gnutls-dane(x86-32) = 3.6.4-3.fc29, but none of the providers can be installed - cannot install the best update candidate for package unbound-1.8.1-1.fc29.i686 - cannot install the best update candidate for package gnutls-devel-3.6.4-2.fc29.i686 Problem 3: package python3-unbound-1.8.1-1.fc29.i686 requires libunbound.so.8, but none of the providers can be installed - package python3-unbound-1.8.1-1.fc29.i686 requires unbound-libs(x86-32) = 1.8.1-1.fc29, but none of the providers can be installed - cannot install both unbound-libs-1.7.3-9.fc29.i686 and unbound-libs-1.8.1-1.fc29.i686 - package gnutls-dane-3.6.4-3.fc29.i686 requires libunbound.so.2, but none of the providers can be installed - package gnutls-utils-3.6.4-3.fc29.i686 requires gnutls-dane(x86-32) = 3.6.4-3.fc29, but none of the providers can be installed - cannot install the best update candidate for package python3-unbound-1.8.1-1.fc29.i686 - cannot install the best update candidate for package gnutls-utils-3.6.4-2.fc29.i686 Problem 4: package python2-unbound-1.8.1-1.fc29.i686 requires libunbound.so.8, but none of the providers can be installed - package python2-unbound-1.8.1-1.fc29.i686 requires unbound-libs(x86-32) = 1.8.1-1.fc29, but none of the providers can be installed - cannot install both unbound-libs-1.7.3-9.fc29.i686 and unbound-libs-1.8.1-1.fc29.i686 - package gnutls-dane-3.6.4-3.fc29.i686 requires libunbound.so.2, but none of the providers can be installed - package gnutls-utils-3.6.4-3.fc29.i686 requires libgnutls-dane.so.0, but none of the providers can be installed - package gnutls-utils-3.6.4-3.fc29.i686 requires libgnutls-dane.so.0(DANE_0_0), but none of the providers can be installed - package libvirt-client-4.7.0-1.fc29.i686 requires gnutls-utils, but none of the providers can be installed - package gnutls-dane-3.6.4-2.fc29.i686 requires gnutls(x86-32) = 3.6.4-2.fc29, but none of the providers can be installed - package gnutls-utils-3.6.4-2.fc29.i686 requires gnutls(x86-32) = 3.6.4-2.fc29, but none of the providers can be installed - package gnutls-dane-3.6.4-1.fc29.i686 requires gnutls(x86-32) = 3.6.4-1.fc29, but none of the providers can be installed - package gnutls-utils-3.6.4-1.fc29.i686 requires gnutls(x86-32) = 3.6.4-1.fc29, but none of the providers can be installed - cannot install both gnutls-3.6.4-3.fc29.i686 and gnutls-3.6.4-2.fc29.i686 - cannot install both gnutls-3.6.4-1.fc29.i686 and gnutls-3.6.4-3.fc29.i686 - cannot install the best update candidate for package python2-unbound-1.8.1-1.fc29.i686 - cannot install the best update candidate for package libvirt-client-4.7.0-1.fc29.i686 - cannot install the best update candidate for package gnutls-3.6.4-2.fc29.i686 Problem 5: package libreswan-3.27-1.fc29.i686 requires libunbound.so.8, but none of the providers can be installed - cannot install both unbound-libs-1.7.3-9.fc29.i686 and unbound-libs-1.8.1-1.fc29.i686 - package gnutls-dane-3.6.4-3.fc29.i686 requires libunbound.so.2, but none of the providers can be installed - package gnutls-devel-3.6.4-3.fc29.i686 requires gnutls-dane(x86-32) = 3.6.4-3.fc29, but none of the providers can be installed - package openvas-libraries-devel-9.0.2-3.fc29.i686 requires pkgconfig(gnutls) >= 2.12, but none of the providers can be installed - package gnutls-devel-3.6.4-2.fc29.i686 requires gnutls-c++(x86-32) = 3.6.4-2.fc29, but none of the providers can be installed - package gnutls-devel-3.6.4-1.fc29.i686 requires gnutls-c++(x86-32) = 3.6.4-1.fc29, but none of the providers can be installed - cannot install both gnutls-c++-3.6.4-3.fc29.i686 and gnutls-c++-3.6.4-2.fc29.i686 - cannot install both gnutls-c++-3.6.4-1.fc29.i686 and gnutls-c++-3.6.4-3.fc29.i686 - cannot install the best update candidate for package openvas-libraries-devel-9.0.2-3.fc29.i686 - cannot install the best update candidate for package libreswan-3.27-1.fc29.i686 - cannot install the best update candidate for package gnutls-c++-3.6.4-2.fc29.i686 ...

Skipping packages with conflicts: (add '--best --allowerasing' to command line to force their upgrade): gnutls i686 3.6.4-1.fc29 fedora 870 k gnutls i686 3.6.4-3.fc29 updates-testing 871 k gnutls-c++ i686 3.6.4-1.fc29 fedora 27 k gnutls-c++ i686 3.6.4-3.fc29 updates-testing 27 k unbound-libs i686 1.7.3-9.fc29 fedora 489 k Skipping packages with broken dependencies: gnutls-dane i686 3.6.4-1.fc29 fedora 25 k gnutls-dane i686 3.6.4-3.fc29 updates-testing 25 k gnutls-devel i686 3.6.4-1.fc29 fedora 2.1 M gnutls-devel i686 3.6.4-3.fc29 updates-testing 2.1 M gnutls-utils i686 3.6.4-1.fc29 fedora 299 k gnutls-utils i686 3.6.4-3.fc29 updates-testing 299 k

gnutls-dane-3.6.4-3 requires libunbound.so.2 but unbound-libs-1.8.1-1 in updates-testing provides libunbound.so.8 Rebuilding gnutls to use libunbound.so.8 from unbound-libs-1.8.1-1 as was done in gnutls-3.6.4-2.fc29 at FEDORA-2018-7be27ff1d8 and adding it to that update might resolve at least some of the errors.

I downgraded from the 1.3.0 rpms I built to 1.3.0_alpha2-2. Then, I upgraded to 1:1.3.0-3 from Koji without any errors. Thanks for the update.

When I wrote %{name} followed by the * operator, the text after * showed up as italicized unintentionally. I just changed all the Requires lines involving openscap packages to include %{epoch} including those of the following form: Requires: %{name}%{?_isa} = %{epoch}:%{version}-%{release} Requires: %{name}-scanner%{?_isa} = %{epoch}:%{version}-%{release} Requires: %{name}-devel%{?_isa} = %{epoch}:%{version}-%{release} Requires: %{name}-engine-sce%{?_isa} = %{epoch}:%{version}-%{release} Requires: %{name} = %{epoch}:%{version}-%{release}

@jcerny I downloaded the openscap git repo with fedpkg clone openscap --branch f29 -a . I installed thsoe build requirements in openscap.spec I didn't already have. I changed change all of the Requires lines in openscap.spec matching Requires: %{name} = %{version}-%{release} to Requires: %{name}= %{epoch}:%{version}-%{release}. I built the openscap packages using fedpkg --release f29 local which showed many gcc warnings, but the packages were all built correctly. I used sudo dnf upgrade on the packages I built, and they upgraded without any errors. I could provide more information if that would help.

4.18.14 has run normally.

I haven't seen the denials of send_msg between boltd and fwupd on dbus noted in #1632230 or of mounton between boltd and /run/systemd/unit-root/run/boltd in #1636823 since I've updated to 3.14.2-40 when starting gnome or gnome software. I haven't got any other denials with 3.14.2-40.

Adding "Epoch: 1" did solve the original problem of dnf considering 1.3.0_alpha2 to be a higher version number than 1.3.0. A possible way to resolve the new dnf errors would be to change all of those requires lines in openscap.spec at https://src.fedoraproject.org/rpms/openscap/blob/f29/f/openscap.spec like Requires: %{name}%{?_isa} = %{version}-%{release} to Requires: %{name}%{?_isa} = %{epoch}:%{version}-%{release}

For example, bind.spec at https://src.fedoraproject.org/rpms/bind/blob/f29/f/bind.spec uses lines like Requires: bind%{?_isa} = %{epoch}:%{version}-%{release}

You could alternatively revert the commit adding "Epoch: 1" and then change the version to something like 1.3.0_final which dnf might consider to be higher than 1.3.0_alpha2. You could create a scratch build on Koji, which I could test. I'm not sure how to create a scratch build though since I haven't been a package maintainer.

When I tried to run dnf upgrade on the 1.3.0-2 packages from Koji I got the following errors: Problem 1: cannot install the best update candidate for package openscap-containers-1.3.0_alpha2-2.fc29.noarch - nothing provides openscap = 1.3.0-2.fc29 needed by openscap-containers-1:1.3.0-2.fc29.noarch Problem 2: cannot install the best update candidate for package openscap-devel-1.3.0_alpha2-2.fc29.i686 - nothing provides openscap(x86-32) = 1.3.0-2.fc29 needed by openscap-devel-1:1.3.0-2.fc29.i686 Problem 3: cannot install the best update candidate for package openscap-engine-sce-1.3.0_alpha2-2.fc29.i686 - nothing provides openscap(x86-32) = 1.3.0-2.fc29 needed by openscap-engine-sce-1:1.3.0-2.fc29.i686 Problem 4: cannot install the best update candidate for package openscap-engine-sce-devel-1.3.0_alpha2-2.fc29.i686 - nothing provides openscap-devel(x86-32) = 1.3.0-2.fc29 needed by openscap-engine-sce-devel-1:1.3.0-2.fc29.i686 - nothing provides openscap-engine-sce(x86-32) = 1.3.0-2.fc29 needed by openscap-engine-sce-devel-1:1.3.0-2.fc29.i686 Problem 5: cannot install the best update candidate for package openscap-perl-1.3.0_alpha2-2.fc29.i686 - nothing provides openscap(x86-32) = 1.3.0-2.fc29 needed by openscap-perl-1:1.3.0-2.fc29.i686 Problem 6: cannot install the best update candidate for package openscap-python3-1.3.0_alpha2-2.fc29.i686 - nothing provides openscap(x86-32) = 1.3.0-2.fc29 needed by openscap-python3-1:1.3.0-2.fc29.i686 Problem 7: cannot install the best update candidate for package openscap-scanner-1.3.0_alpha2-2.fc29.i686 - nothing provides openscap(x86-32) = 1.3.0-2.fc29 needed by openscap-scanner-1:1.3.0-2.fc29.i686 Problem 8: cannot install the best update candidate for package openscap-utils-1.3.0_alpha2-2.fc29.i686 - nothing provides openscap(x86-32) = 1.3.0-2.fc29 needed by openscap-utils-1:1.3.0-2.fc29.i686 - nothing provides openscap-scanner(x86-32) = 1.3.0-2.fc29 needed by openscap-utils-1:1.3.0-2.fc29.i686 Problem 9: problem with installed package openscap-utils-1.3.0_alpha2-2.fc29.i686 - package openscap-utils-1.3.0_alpha2-2.fc29.i686 requires openscap(x86-32) = 1.3.0_alpha2-2.fc29, but none of the providers can be installed - cannot install both openscap-1:1.3.0-2.fc29.i686 and openscap-1.3.0_alpha2-2.fc29.i686 - cannot install the best update candidate for package openscap-1.3.0_alpha2-2.fc29.i686 - nothing provides openscap(x86-32) = 1.3.0-2.fc29 needed by openscap-utils-1:1.3.0-2.fc29.i686 - nothing provides openscap-scanner(x86-32) = 1.3.0-2.fc29 needed by openscap-utils-1:1.3.0-2.fc29.i686 =================================================================================== Package Arch Version Repository Size =================================================================================== Skipping packages with conflicts: (add '--best --allowerasing' to command line to force their upgrade): openscap i686 1:1.3.0-2.fc29 @commandline 3.3 M Skipping packages with broken dependencies: openscap-containers noarch 1:1.3.0-2.fc29 @commandline 23 k openscap-devel i686 1:1.3.0-2.fc29 @commandline 1.4 M openscap-engine-sce i686 1:1.3.0-2.fc29 @commandline 25 k openscap-engine-sce-devel i686 1:1.3.0-2.fc29 @commandline 12 k openscap-perl i686 1:1.3.0-2.fc29 @commandline 319 k openscap-python3 i686 1:1.3.0-2.fc29 @commandline 338 k openscap-scanner i686 1:1.3.0-2.fc29 @commandline 57 k openscap-utils i686 1:1.3.0-2.fc29 @commandline 24 k

Updating the requires to include the new epoch 1 such as openscap = 1:1.3.0-2.fc29 in each of the subpackages might resolve those dependency problems.

3.14.2-37 seems to be functioning normally except for the following boltd denials which occurred when gnome and gnome software started boltd. Those denials were described in more detail at https://bugzilla.redhat.com/show_bug.cgi?id=1632230 https://bugzilla.redhat.com/show_bug.cgi?id=1636823

type=AVC msg=audit(1539573288.602:334): avc: denied { mounton } for pid=4420 comm="(boltd)" path="/run/systemd/unit-root/run/boltd" dev="tmpfs" ino=114171 scontext=system_u:system_r:init_t:s0 tcontext=system_u:object_r:boltd_var_run_t:s0 tclass=dir permissive=0

type=USER_AVC msg=audit(1539573288.895:336): pid=682 uid=81 auid=4294967295 ses=4294967295 subj=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 msg='avc: denied { send_msg } for msgtype=method_return dest=:1.513 spid=4420 tpid=4415 scontext=system_u:system_r:boltd_t:s0 tcontext=system_u:system_r:fwupd_t:s0 tclass=dbus permissive=1 exe="/usr/bin/dbus-daemon" sauid=81 hostname=? addr=? terminal=?'