Description of problem: Yum first tries an anonymous GET (without username and password) to get header and rpm files even if a login for http auth is specified at baseurl in the yum configuration file. From my access_log: --- snipp --- fedora.testnet - - [27/Aug/2004:16:03:11 +0200] "GET /files/headers/office2text-0-2004-1.i386.hdr HTTP/1.1" 401 498 "-" "Yum/2.X" fedora.testnet - user [27/Aug/2004:16:03:14 +0200] "GET /files/headers/office2text-0-2004-1.i386.hdr HTTP/1.1" 200 3394 "-" "Yum/2.X" --- snapp --- Version-Release number of selected component (if applicable): yum-2.0.7-3 How reproducible: Everytime, see below. Steps to Reproduce: 1. Edit /etc/yum.conf and add a repository with a baseurl in the form: "http://user:password@server/directory/" 2. Run "yum check-update" 3. Run "yum update" 4. Have a look to the access_log of the http server were the header and rpm files are from. Actual results: Yum tries to get every file 2 times (first without http auth and then with http auth), that wrong behaviour causes unneeded traffic and unnecessary errors at server side. Expected results: --- snipp --- fedora.testnet - user [27/Aug/2004:16:03:14 +0200] "GET /files/headers/office2text-0-2004-1.i386.hdr HTTP/1.1" 200 3394 "-" "Yum/2.X" --- snapp --- That mens only ONE try to get a header and/or rpm file and then correctly with http auth using user and password.
OK, I have good news and bad news. The bad news is more bad than the good news is good. The bad news: you are correct. This behavior comes from urllib2 and is not a result of yum or urlgrabber code (except in that they use urllib2). If I can find a sane way to work around it, I'm game. If it requires major hacking on urllib2, some more thinking will have to happen. The good news. In poking around, I discovered that urlgrabber accidentally stripped any trailing slashes off of directory requests, leading to unnecessary re-directs. I fixed that :)
Only want to say, that yum 2.1.x CVS HEAD 1 h ago currently has the same problem anyway.
Yes. As the offending code is not actually _IN_ yum/urlgrabber, the updates in yum/urlgrabber are not going to change it. I'm not opposed to trying to work around it in urlgrabber, but I just don't see a good way now. I'm open to suggestions.
Is this better in 2.4.0?
I don't know - sorry, I developed very soon my own workaround to avoid this using HTTP AUTH with yum... ;-) But looking to comments #1 and #3, I can just guess, that the problem exists further on.