Goal

• As a DNF --transient user, I don't want to accidentally make permanent changes that would break my system, e.g. by removing a kernel package that provides important files under /boot.
• As a DNF --transient user, I want to still be allowed to perform a potentially unsafe transaction if I need to.

Acceptance criteria

A list of verification conditions, successful functional tests, or expected outcomes in order to declare this story/task successfully completed.

• Users on non-bootc systems and/or are not using --transient are not affected
• Transactions that modify files outside /usr and /etc, such as dnf4 upgrade --transient kernel-core, should fail unless the user passes some "-i-know-what-im-doing" flag
• DNF should list the files outside /usr and /etc that would be unsafely modified by the transaction, so the user can make an informed decision whether to proceed with the potentially-unsafe transaction
• Third-party packages that modify files outside /usr and /etc should be handled the same way as RHEL packages without intervention by the package mantainers.