module: Warn if module config file is inaccessible

If a DNF module configuration file is unreadable, `dnf` may return unexpected results without warning the user, potentially affecting command output. Steps to reproduce: 1. Enable the `nginx` module as root with a restrictive `umask`, making the config file unreadable for normal users: # umask 0066 # dnf module enable nginx:1.24 # ls -l /etc/dnf/modules.d/nginx.module -rw-------. 1 root root 55 Oct 16 09:59 /etc/dnf/modules.d/nginx.module 2. Check available packages as root (CORRECT): # dnf list --available nginx [...] Available Packages nginx.x86_64 1:1.24.0-1.module+el9.4.0+21950+8ebc21e2.1 3. Check available packages as a normal user (INCORRECT): $ dnf list --available nginx [...] Available Packages nginx.x86_64 1:1.20.1-16.el9_4.1 This patch introduces a warning when a module config file exists but is inaccessible, helping users diagnose potential issues: $ dnf list --available nginx [...] Cannot read "/etc/dnf/modules.d/nginx.module". Modular filtering may be affected. Available Packages nginx.x86_64 1:1.20.1-16.el9_4.1 Resolves: https://issues.redhat.com/browse/RHEL-62833
rpm-software-management · Feb 7, 2025 · 416dbdf · 416dbdf
1 parent c7f8690
commit 416dbdf
Showing 1 changed file with 8 additions and 3 deletions.
diff --git a/libdnf/module/ModulePackageContainer.cpp b/libdnf/module/ModulePackageContainer.cpp
@@ -1370,10 +1370,10 @@ static inline void
 parseConfig(ConfigParser &parser, const std::string &name, const char *path)
 {
     auto logger(Log::getLogger());
+    const auto fname = name + ".module";
+    g_autofree gchar * cfn = g_build_filename(path, fname.c_str(), NULL);
 
     try {
-        const auto fname = name + ".module";
-        g_autofree gchar * cfn = g_build_filename(path, fname.c_str(), NULL);
         parser.read(cfn);
 
         /* FIXME: init empty config or throw error? */
@@ -1393,10 +1393,15 @@ parseConfig(ConfigParser &parser, const std::string &name, const char *path)
             parser.setValue(name, "state", parser.getValue(name, "enabled"));
             parser.removeOption(name, "enabled");
         }
-    } catch (const ConfigParser::CantOpenFile &) {
+    } catch (const ConfigParser::FileDoesNotExist &) {
         /* No module config file present. Fill values in */
         initConfig(parser, name);
         return;
+    } catch (const ConfigParser::CantOpenFile &) {
+        /* File exists but is not readable. */
+        logger->warning(tfm::format("Cannot read \"%s\". Modular filtering may be affected.", cfn));
+        initConfig(parser, name);
+        return;
     }
 }