libsolv breaks zypper when installed via conda as root user

[veaviticus]

Solution to issue cannot be found in the documentation.

• I checked the documentation.

Issue

Scenario: given some form of conda (including miniforge) is installed as root on an openSUSE or SLES machine. When running commands that require a repository cache refresh, such as zypper refresh, the zypper command fails to cache the repository metadata.

The reason for this is due to zypper calling repo2solv to convert the repository metadata into a .solv file. SUSE ships a compiled repo2solv as /usr/bin/repo2solv, but conda puts itself first on the PATH when integrated into the shell. conda now ships libsolv as part of the libmamba dependency solver, thus libsolv gets installed into the base conda environment, including a copy of repo2solv.

Since conda puts itself (and its $CONDA_LOCATION/bin folder) first on the PATH, zypper ends up calling this conda version of repo2solv instead of the version shipped by SUSE.

The version of repo2solv shipped by this libsolv package is NOT compiled with the ENABLE_RPMMD=1 flag, and thus does not support rpm-md style repositories, which all SUSE repositories are. So when attempting to parse a repository metadata, this version of repo2solv just exits immediately with the error message "rpmmd repo type is not supported", as a hardcoded error case.

Other distros ship libsolv compiled with the ENABLE_RPMMD flag, such as Rocky Linux, and obviously SUSE does.

We'd just need to enable that CMake define here, or any of the other CMake defines that transitively set that value to ON (you can search ENABLE_RPMMD in this file).

Which would fix this one issue, but in general if we're going to be replacing the system version of a core tool like part of the distro package manager... it should be compiled in a 100% identical manner to the upstream (which is hard since every distro compiles this slightly differently).

Reproduction:

• Install OpenSUSE Leap 15.6 (I believe this goes quite a ways back in SUSE, and also impacts SLES)
• As root user, install latest miniforge
• Enable shell integration for conda (last step in the install process)
• Log out / log in (to refresh shell)
• Clear zypper solv cache: rm -rf /var/cache/zypp/solv
• Refresh zypper caches: zypper refresh

Expected Result:
zypper caches are refreshed appropriately

Actual Results:
Every repository is broken with an error like the following:

History:
 - 'repo2solv' '-o' '/var/cache/zypp/solv/openSUSE-Leap-15.6-1/solv' '-X' '/var/cache/zypp/raw/openSUSE-Leap-15.6-1'
   rpmmd repo type is not supported
   Command exited with status 1.

Skipping repository 'openSUSE-Leap-15.6-1' because of the above error.

Other commentary:

This only impacts running conda as root, since if you install conda as a non-root user you won't be impacting the PATH of root and won't interfere with the zypper commands. Running conda as root is a bad idea in general, but I was and that's how I found this.

All forms of conda are pretty intrusive to the PATH, which is pretty annoying. A very basic default conda env ships its own copies of libsolv, zlib, xz, lz, sqlite3, etc etc. Many things where I'd be expecting to be running my distro's installed copy, instead I'm running the conda-forge versions because conda put itself first on my PATH. This really seems like a bad practice to me ... for many security / update / stability reasons. But perhaps that's a topic for the main conda-forge area and not here. I've worked around this by writing a custom shell integration script that puts conda after the default PATH entries, so my distro copies get called first instead of conda's, which I'm sure will break something in conda one day when there's a version mismatch.

Installed packages

# packages in environment at /opt/miniforge3:
#
# Name                    Version                   Build  Channel
_libgcc_mutex             0.1                 conda_forge    conda-forge
_openmp_mutex             4.5                       2_gnu    conda-forge
archspec                  0.2.3              pyhd8ed1ab_0    conda-forge
boltons                   24.0.0             pyhd8ed1ab_0    conda-forge
brotli-python             1.1.0           py312h2ec8cdc_2    conda-forge
bzip2                     1.0.8                h4bc722e_7    conda-forge
c-ares                    1.32.3               h4bc722e_0    conda-forge
ca-certificates           2024.8.30            hbcca054_0    conda-forge
certifi                   2024.8.30          pyhd8ed1ab_0    conda-forge
cffi                      1.17.1          py312h06ac9bb_0    conda-forge
charset-normalizer        3.3.2              pyhd8ed1ab_0    conda-forge
colorama                  0.4.6              pyhd8ed1ab_0    conda-forge
conda                     24.9.2          py312h7900ff3_0    /
conda-libmamba-solver     24.7.0             pyhd8ed1ab_0    conda-forge
conda-package-handling    2.3.0              pyh7900ff3_0    conda-forge
conda-package-streaming   0.10.0             pyhd8ed1ab_0    conda-forge
distro                    1.9.0              pyhd8ed1ab_0    conda-forge
fmt                       10.2.1               h00ab1b0_0    conda-forge
frozendict                2.4.4           py312h66e93f0_1    conda-forge
h2                        4.1.0              pyhd8ed1ab_0    conda-forge
hpack                     4.0.0              pyh9f0ad1d_0    conda-forge
hyperframe                6.0.1              pyhd8ed1ab_0    conda-forge
icu                       75.1                 he02047a_0    conda-forge
idna                      3.10               pyhd8ed1ab_0    conda-forge
jsonpatch                 1.33               pyhd8ed1ab_0    conda-forge
jsonpointer               3.0.0           py312h7900ff3_1    conda-forge
keyutils                  1.6.1                h166bdaf_0    conda-forge
krb5                      1.21.3               h659f571_0    conda-forge
ld_impl_linux-64          2.40                 hf3520f5_7    conda-forge
libarchive                3.7.4                hfca40fe_0    conda-forge
libcurl                   8.10.1               hbbe4b11_0    conda-forge
libedit                   3.1.20191231         he28a2e2_2    conda-forge
libev                     4.33                 hd590300_2    conda-forge
libexpat                  2.6.3                h5888daf_0    conda-forge
libffi                    3.4.2                h7f98852_5    conda-forge
libgcc                    14.1.0               h77fa898_1    conda-forge
libgcc-ng                 14.1.0               h69a702a_1    conda-forge
libgomp                   14.1.0               h77fa898_1    conda-forge
libiconv                  1.17                 hd590300_2    conda-forge
libmamba                  1.5.8                had39da4_0    /
libmambapy                1.5.8           py312hd9e9ff6_0    /
libnghttp2                1.58.0               h47da74e_1    conda-forge
libnsl                    2.0.1                hd590300_0    conda-forge
libsolv                   0.7.23               h3eb15da_0    /
libsqlite                 3.46.1               hadc24fc_0    conda-forge
libssh2                   1.11.0               h0841786_0    conda-forge
libstdcxx                 14.1.0               hc0a3c3a_1    conda-forge
libstdcxx-ng              14.1.0               h4852527_1    conda-forge
libuuid                   2.38.1               h0b41bf4_0    conda-forge
libxcrypt                 4.4.36               hd590300_1    conda-forge
libxml2                   2.12.7               he7c6b58_4    conda-forge
libzlib                   1.3.1                h4ab18f5_1    conda-forge
lz4-c                     1.9.4                hcb278e6_0    conda-forge
lzo                       2.10              hd590300_1001    conda-forge
menuinst                  2.1.2           py312h7900ff3_1    conda-forge
ncurses                   6.5                  he02047a_1    conda-forge
openssl                   3.3.2                hb9d3cd8_0    conda-forge
packaging                 24.1               pyhd8ed1ab_0    conda-forge
pip                       24.2               pyh8b19718_1    conda-forge
platformdirs              4.3.6              pyhd8ed1ab_0    conda-forge
pluggy                    1.5.0              pyhd8ed1ab_0    conda-forge
pybind11-abi              4                    hd8ed1ab_3    conda-forge
pycosat                   0.6.6           py312h98912ed_0    conda-forge
pycparser                 2.22               pyhd8ed1ab_0    conda-forge
pysocks                   1.7.1              pyha2e5f31_6    conda-forge
python                    3.12.6          hc5c86c4_1_cpython    conda-forge
python_abi                3.12                    5_cp312    conda-forge
readline                  8.2                  h8228510_1    conda-forge
reproc                    14.2.4.post0         hd590300_1    conda-forge
reproc-cpp                14.2.4.post0         h59595ed_1    conda-forge
requests                  2.32.3             pyhd8ed1ab_0    conda-forge
ruamel.yaml               0.18.6          py312h98912ed_0    conda-forge
ruamel.yaml.clib          0.2.8           py312h98912ed_0    conda-forge
setuptools                74.1.2             pyhd8ed1ab_0    conda-forge
tk                        8.6.13          noxft_h4845f30_101    conda-forge
tqdm                      4.66.5             pyhd8ed1ab_0    conda-forge
truststore                0.9.2              pyhd8ed1ab_0    conda-forge
tzdata                    2024a                h8827d51_1    conda-forge
urllib3                   2.2.3              pyhd8ed1ab_0    conda-forge
wheel                     0.44.0             pyhd8ed1ab_0    conda-forge
xz                        5.2.6                h166bdaf_0    conda-forge
yaml-cpp                  0.8.0                h59595ed_0    conda-forge
zstandard                 0.23.0          py312hef9b889_1    conda-forge
zstd                      1.5.6                ha6fb4c9_0    conda-forge

Environment info

     active environment : base
    active env location : /opt/miniforge3
            shell level : 1
       user config file : /root/.condarc
 populated config files : /opt/miniforge3/.condarc
          conda version : 24.9.2
    conda-build version : not installed
         python version : 3.12.6.final.0
                 solver : libmamba (default)
       virtual packages : __archspec=1=skylake_avx512
                          __conda=24.9.2=0
                          __glibc=2.38=0
                          __linux=6.4.0=0
                          __unix=0=0
       base environment : /opt/miniforge3  (writable)
      conda av data dir : /opt/miniforge3/etc/conda
  conda av metadata url : None
           channel URLs : https://conda.anaconda.org/conda-forge/linux-64
                          https://conda.anaconda.org/conda-forge/noarch
          package cache : /opt/miniforge3/pkgs
                          /root/.conda/pkgs
       envs directories : /opt/miniforge3/envs
                          /root/.conda/envs
               platform : linux-64
             user-agent : conda/24.9.2 requests/2.32.3 CPython/3.12.6 Linux/6.4.0-150600.23.25-default opensuse/15.6 glibc/2.38 solver/libmamba conda-libmamba-solver/24.7.0 libmambapy/1.5.8
                UID:GID : 0:0
             netrc file : None
           offline mode : False