The latest Tumbleweed update forces KDE Personal Information Malware and Akonadi bug festival into my system. Where is this coming from and how do I stop it?
╰─>$ sudo zypper dup
[sudo] password for root:
Loading repository data...
Reading installed packages...
Warning: You are about to do a distribution upgrade with all enabled repositories. Make sure these repositories are compatible before you continue. See 'man zypper' for more information about this command.
Computing distribution upgrade...
The following 534 packages are going to be upgraded:
ark
/////////////////////////////////////////////////////
// (... ~500 packages ...)
/////////////////////////////////////////////////////
wayland-utils yast2-packager
The following 11 patterns are going to be upgraded:
devel_kde_frameworks6 devel_qt6 kde kde_games kde_internet kde_multimedia kde_office kde_plasma kde_utilities
kde_utilities_opt kde_yast
/////////////////////////////////////////////////////////
// no kde_pim - good!
/////////////////////////////////////////////////////////
The following product is going to be upgraded:
openSUSE Tumbleweed 20251212-0 -> 20251217-0
The following 143 NEW packages are going to be installed:
akonadi akonadi-calendar akonadi-calendar-tools akonadi-contacts akonadi-import-wizard akonadi-mime
akonadi-plugin-calendar akonadi-plugin-contacts akonadi-plugin-mime akonadi-search akregator boost1_90_0-jam
boost-license1_90_0 calendarsupport cyrus-sasl-crammd5 cyrus-sasl-gssapi cyrus-sasl-plain eventviews grantleetheme
incidenceeditor kaddressbook kaddressbook-doc kalendarac kcalutils kdepim-addons kdepim-runtime
kernel-default-6.18.1-1.1 kernel-default-devel-6.18.1-1.1 kernel-devel-6.18.1-1.1 kernel-syms-6.18.1-1.1
kidentitymanagement kidentitymanagement-lang kimap kitinerary kldap kleopatra kmail kmail-account-wizard
kmail-application-icons kmailtransport kmbox kmime kontact kontactinterface korganizer kpimtextedit kpkpass ksmtp
ktextaddons ktnef ktnef-debug-categories libboost_filesystem1_90_0 libboost_filesystem1_90_0-x86-64-v3
libboost_headers1_90_0-devel libboost_iostreams1_90_0 libboost_iostreams1_90_0-x86-64-v3 libboost_locale1_90_0
libboost_locale1_90_0-x86-64-v3 libboost_thread1_90_0 libboost_thread1_90_0-x86-64-v3 libcamera0_6 libcamera-base0_6
libetebase0 libgravatar libJudy1 libkdepim libKF6TextAddons1 libKGantt6-3 libkgapi6 libkgapi6-lang
libkgapi6-sasl2-kdexoauth2 libkleo libKPim6AddressbookImportExport6 libKPim6AkonadiAgentBase6
libKPim6AkonadiAgentWidgetBase6 libKPim6AkonadiCalendar6 libKPim6AkonadiCalendarCore6 libKPim6AkonadiContactCore6
libKPim6AkonadiContactWidgets6 libKPim6AkonadiCore6 libKPim6AkonadiMime6 libKPim6AkonadiPrivate6
libKPim6AkonadiSearch6 libKPim6AkonadiWidgets6 libKPim6AkonadiXml6 libKPim6CalendarSupport6 libKPim6CalendarUtils6
libKPim6EventViews6 libKPim6GAPICalendar6 libKPim6GAPICore6 libKPim6GAPIPeople6 libKPim6GAPITasks6
libKPim6GrantleeTheme6 libKPim6Gravatar6 libKPim6IdentityManagementCore6 libKPim6IdentityManagementWidgets6
libKPim6IMAP6 libKPim6ImportWizard6 libKPim6IncidenceEditor6 libKPim6Itinerary6 libKPim6KontactInterface6
libKPim6LdapCore6 libKPim6LdapWidgets6 libKPim6Libkdepim6 libKPim6libkleo6 libKPim6MailCommon6 libKPim6MailImporter6
libKPim6MailImporterAkonadi6 libKPim6MailTransport6 libKPim6Mbox6 libKPim6Mime6 libKPim6MimeTreeParserCore6
libKPim6MimeTreeParserWidgets6 libKPim6PimCommon6 libKPim6PimCommonAkonadi6 libKPim6PkPass6 libKPim6SMTP6
libKPim6TextEdit6 libKPim6Tnef6 libksieve libksieve6 libngtcp2-16 libngtcp2_crypto_gnutls8 libodbc2 libphonenumber9
libpoppler155 libqgpgmeqt6-15 mailcommon mailimporter mariadb mariadb-client mariadb-errormessages mbox-importer
messagelib mimetreeparser paperkey patterns-kde-kde_pim pimcommon pim-data-exporter pim-sieve-editor
python313-mysqlclient qt6-sql-mysql sqlite3
The following NEW pattern is going to be installed:
kde_pim
//////////////////////////////////////////////////////////////
//
// No thanks!
// I don't want kde-pim or akonadi-whatever
//
//////////////////////////////////////////////////////////////
The following 17 packages are going to be REMOVED:
boost1_89_0-jam boost-license1_89_0 libboost_filesystem1_89_0 libboost_filesystem1_89_0-x86-64-v3
libboost_headers1_89_0-devel libboost_iostreams1_89_0 libboost_iostreams1_89_0-x86-64-v3 libboost_locale1_89_0
libboost_locale1_89_0-x86-64-v3 libboost_thread1_89_0 libboost_thread1_89_0-x86-64-v3 libcamera0_5 libcamera-base0_5
libkexiv2 libkexiv2-devel libKF5KExiv2-15_0_0 libpoppler153
The following package requires a system reboot:
kernel-default-6.18.1-1.1
534 packages to upgrade, 143 new, 17 to remove.
Package download size: 771.7 MiB
Package install size change:
| 2.13 GiB required by packages that will be installed
602.2 MiB | - 1.54 GiB released by packages that will be removed
Note: System reboot required.
Backend: classic_rpmtrans
Continue? [y/n/v/...? shows all options] (y): n
Thanks for the dismissive answer, I didn’t needed –no-recomends before and no, my patterns do not contain kde-pim so my question stands: where is this coming from?
╰─>$ sudo zypper patterns --installed-only
[sudo] password for root:
Loading repository data...
Reading installed packages...
S | Name | Version | Repository | Dependency
---+-----------------------+---------------+---------------------------+-----------
...
i | games | 20220126-1.9 | openSUSE-20251205-1 |
i+ | kde | 20240311-3.1 | @System |
i | kde_plasma | 20240311-3.1 | @System |
i | kvm_server | 20250313-3.2 | Main Repository (OSS) |
...
Also, I’m sorry I missed the section in the CoC related to how newcomers aren’t allowed opinions about what should run on their computers. I look forward to the next update installing, ahem recommending, Copilot.
The purpose of zypper dup vs. just zypper up is exactly this: To take changes in recommends dependencies, especially in patterns (a pattern only consists of requires and recommends dependencies) into account.
In your case, one of the patterns obviously got a new recommends that pulled those packages in. This may easily have happened via a non-user-visible pattern (which sadly in this day and age are the majority of patterns) serving as a building block for more complex patterns like “KDE Plasma Desktop”.
Compare the output of zypper patterns -i and rpm -qa "pattern*".
No, it did not. The Recommends are only evaluated for the packages that are part of transaction. If package was not changed since initial installation, its Recommends are not considered even though they were not installed originally.
Thank you! That’s my entire point! Now we got a real conversation going and maybe, just maybe we can have this small win against
I’m under no illusions of what linux is in this day and age but, as I said, maybe just this small win (I’m obviously at the bargaining stage of grief here ha ha). What if zypper instead of just pushing the package I refused* on install, would give me a “New recommended packages include ones that you previously choose not to install. Read more at www.readmore.stuff Proceed or abort until convenience vs freedom dichotomy is resolved P/A”.
Investigation
I doubt, but maybe this particular instance it is just a bug, not a feature, so, this:
went over my head, above my pay-grade, sorry.
What I can tell you:
Fresh install last week from:
openSUSE-Tumbleweed-NET-x86_64-Snapshot20251205-Media.iso
can’t remember if this is the first update since. Tell me what rm -rf / to run if you need more info
Later edit:
I’m on Tumbleweed for more that a year now and last week is the first time I had to reinstall. I stick with Tumbleweeed precisely due to that option in the installer. I’m not 100% sure but I think it’s something that you have to uncheck from the default checked state so it should be possible to make a note “this guy really doesn’t like kde-pim ring a bell for him when you push it next time”
Recommended packages are a convenient feature of zypper and are enabled by default.
erlangen:~ # grep -A9 recommended /etc/zypp/zypper.conf
## Install soft dependencies (recommended packages)
##
## CAUTION: The system wide default for all libzypp based applications (zypper,
## yast, pk,..) is defined in /etc/zypp/zypp.conf(solver.onlyRequires) and it
## will per default install recommended packages. It is NOT RECOMMENDED to define
## this value here for zypper exclusively, unless you are very certain that you
## want zypper to behave different than other libzypp based packagemanagement software
## on your system.
##
## Valid values: boolean
## Default value: follow zypp.conf(solver.onlyRequires)
##
# installRecommends = yes
erlangen:~ #
However when running zypper dist-upgrade subtleties apply. Users may want to always use:
erlangen:~ # zypper dist-upgrade --no-recommends
Loading repository data...
Reading installed packages...
Warning: You are about to do a distribution upgrade with all enabled repositories. Make sure these repositories are compatible before you continue. See 'man zypper' for more information about this command.
Computing distribution upgrade...
Nothing to do.
erlangen:~ #
Default may be changed to installRecommends = noin file /etc/zypp/zypper.conf. Setting still can be overridden on the command line, e.g. zypper install --recommends nano.
My 2 cents. I just ran into this same problem. I consider myself not a newcomer but rather a fairly accomplished and capable user with about 25 years of Linux experience. I learned something from this thread - using addlock to taboo the things I don’t want reinstalled. The recommends are great but if I intentionally remove something, it should not be reinstalled - but that’s another story. Now I know how to fix it.
The bigger problem is that a “newcomer” came with frustrations and a legitimate issue. He was immediately met with hostility rather than compassion and help. Two “wrong’s” don’t make it right. I’ve seen this pattern repeat over and over on these forums. If you want Linux adoption to increase and particularly Suse you all need to chill. I’ve been using Suse for about a year and honestly this continuing behavior in the help is making me seriously second guess my choice.
A newcomer who has an issue doesn’t come with wild FUD about “malware” and “bug festivals”. A newcomer does not attack the developers by accusing them of spreading malware. This may trigger some spicy reactions as you have seen.
A newcomer comes with clear questions instead of accusations: “A recent zypper dup tries to install a set of packages i don’t want. See output. How can i prevent this?”
They might if they came from another environment that forced things upon them. For me, I’ve seen the pim package consume a huge amount of CPU cycles and I don’t use it. I have a very unfavorable opinion of it but I wouldn’t go so far as to call it malware. Still, no reason for you to be so defensive.
Unfortunately, the “newcomer” also came with what appeared to be an attitude problem by describing products by alternative negative names. A simple, clear and polite question about packages will elicit much clearer and more pleasant responses than an aggressive attack.
@TijgerD Yes, I understood that from the beginning. What I don’t understand is why an “attitude problem” needs to be met with another “attitude problem” . As I said, 2 wrongs don’t make a right.
Sorry, but incorrect behavior typically needs to be pointed out and corrected. They could have summarily banned him from the forum. Hostile comments breed hostile reactions.
I was a big KDE PIM user from 1999 since 2018. In KDE 3.5 the system was brilliant and rock solid. Open source being what it is, the amount of bad code in the system grew to a point where it ate so many emails and calendar entries that I was forced to change. My (detailed) reports were not resolved. I don’t code and have no time to learn it or code there.
But I still use other KDE software that uses akonadi. So my solution to the issue of @elbci was to uninstall the packages I did not want and mark them unchangeable/uninstallable in YAST. Since then, I had NO issue whatsoever and the bulky stuff wasn’t re-installed.
Yelling doesn’t work, just go to the packages and fix it.