Bug 1466229 - when there is a problem with specific errata parsing, rest of errata should be imported
Summary: when there is a problem with specific errata parsing, rest of errata should b...
Alias: None
Product: Red Hat Satellite 5
Classification: Red Hat
Component: Satellite Synchronization
Version: 580
Hardware: Unspecified
OS: Unspecified
Target Milestone: ---
Assignee: Jan Dobes
QA Contact: Jan Hutař
Depends On:
Blocks: sat58-errata
TreeView+ depends on / blocked
Reported: 2017-06-29 09:53 UTC by Jan Hutař
Modified: 2017-09-06 12:27 UTC (History)
4 users (show)

Fixed In Version: spacewalk-backend-2.5.3-150-sat
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Last Closed: 2017-09-06 12:27:53 UTC
Target Upstream Version:

Attachments (Terms of Use)

System ID Priority Status Summary Last Updated
Red Hat Bugzilla 1461339 'unspecified' 'CLOSED' 'spacewalk-repo-sync syncs errata even if filter excludes their packages' 2019-11-20 14:39:42 UTC
Red Hat Product Errata RHSA-2017:2645 normal SHIPPED_LIVE Moderate: satellite and spacewalk security and bug fix update 2017-09-06 16:26:43 UTC

Internal Links: 1461339

Description Jan Hutař 2017-06-29 09:53:55 UTC
Description of problem:
When there is a problem with specific errata parsing, rest of errata should be imported.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. As of now, there is buggy updatesinfo file on CDN which have:

                <reference href="https://access.redhat.com/errata/RHSA-2017:1615" type="self" id="RHSA-2017:1615" title="RHSA-2017:1615" />
                <reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1414735" type="bugzilla" id="1414735" title="CVE-2017-2583 Kernel: Kvm: vmx/svm potential privilege escalation inside guest" />
                <reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1426542" type="bugzilla" id="1426542" title="CVE-2017-6214 kernel: ipv4/tcp: Infinite loop in tcp_splice_read()" />
                <reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1443615" type="bugzilla" id="1443615" title="CVE-2017-7645 kernel: nfsd: Incorrect handling of long RPC replies" />
                <reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1445207" type="bugzilla" id="1445207" title="CVE-2017-7477 kernel: net: Heap overflow in skb_to_sgvec in macsec.c" />
                <reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1446103" type="bugzilla" id="1446103" title="CVE-2017-7895 kernel: NFSv3 server does not properly handle payload bounds checking of WRITE requests" />
                <reference href="https://www.redhat.com/security/data/cve/CVE-2017-2583.html" type="cve" id="CVE-2017-2583" title="CVE-2017-2583" />
                <reference href="https://www.redhat.com/security/data/cve/CVE-2017-6214.html" type="cve" id="CVE-2017-6214" title="CVE-2017-6214" />
                <reference href="https://www.redhat.com/security/data/cve/CVE-2017-7477.html" type="cve" id="CVE-2017-7477" title="CVE-2017-7477" />
                <reference href="https://www.redhat.com/security/data/cve/CVE-2017-7645.html" type="cve" id="CVE-2017-7645" title="CVE-2017-7645" />
                <reference href="https://www.redhat.com/security/data/cve/CVE-2017-7895.html" type="cve" id="CVE-2017-7895" title="CVE-2017-7895" />
                <reference href="https://access.redhat.com/security/updates/classification/#important" type="other" id="classification" title="important" />
                <reference type="other" id="ref_0" title="other_reference_0" />
                <reference href="https://access.redhat.com/articles/3090941." type="other" id="ref_1" title="other_reference_1" />

2. When cdn-sync is tasked to import rhel-x86_64-server-7, it fails to import

# cdn-sync -c rhel-x86_64-server-7 --no-packages
15:16:48 ======================================
15:16:48 | Channel: rhel-x86_64-server-7
15:16:48 ======================================
15:16:48 Sync of channel started.
15:16:48 Repo URL: https://cdn.redhat.com/content/dist/rhel/server/7/7Server/x86_64/os
15:17:28 Repo https://cdn.redhat.com/content/dist/rhel/server/7/7Server/x86_64/os has 1943 errata.
15:17:52 ERROR: cannot concatenate 'str' and 'NoneType' objects
15:17:52 Repo URL: https://cdn.redhat.com/content/dist/rhel/server/7/7.3/x86_64/kickstart
15:17:57 Repo https://cdn.redhat.com/content/dist/rhel/server/7/7.3/x86_64/kickstart has 0 errata.
15:17:58 Added new kickstartable tree ks-rhel-x86_64-server-7-7.3. Downloading content...
15:17:58 Gathering all files in kickstart repository...
15:18:40 Downloading 138 kickstart files.

Actual results:
cdn-sync does not proceed with errata import to DB

Expected results:
At least rest of errata should be imported

Comment 1 Jan Hutař 2017-06-29 09:56:56 UTC
By adding `raise` to /usr/lib/python2.6/site-packages/spacewalk/satellite_tools/reposync.py to line 466 (might not be precise, I might have added more debug prints along the way):

            except Exception:
                e = sys.exc_info()[1]
                log2(0, 0, "ERROR: %s" % e, stream=sys.stderr)
                log2disk(0, "ERROR: %s" % e)
                # pylint: disable=W0104
                sync_error = -1

this is the traceback:

05:50:07 >>> RHSA-2017:1615   # <--- IMO this is the problematic errata
05:50:07 ERROR: cannot concatenate 'str' and 'NoneType' objects
Traceback (most recent call last):
  File "/usr/bin/cdn-sync", line 220, in <module>
  File "/usr/bin/cdn-sync", line 164, in <module>
    error_messages = cdnsync.sync(channels=args.channel)
  File "/usr/lib/python2.6/site-packages/spacewalk/cdn_tools/cdnsync.py", line 460, in sync
    cur_time, failed_packages = self._sync_channel(channel)
  File "/usr/lib/python2.6/site-packages/spacewalk/cdn_tools/cdnsync.py", line 402, in _sync_channel
    return sync.sync()
  File "/usr/lib/python2.6/site-packages/spacewalk/satellite_tools/reposync.py", line 452, in sync
    self.import_updates(plugin, url)
  File "/usr/lib/python2.6/site-packages/spacewalk/satellite_tools/reposync.py", line 535, in import_updates
  File "/usr/lib/python2.6/site-packages/spacewalk/satellite_tools/reposync.py", line 749, in upload_updates
    refers_to += other['href']
Exception: SYNC ERROR: attempting to display as much information as possible
 cannot concatenate 'str' and 'NoneType' objects

Comment 3 Jan Dobes 2017-06-30 15:56:02 UTC
This is not reproducible anymore but your proposal - importing as many errata as possible if there are any faulty errata - makes sense.

Comment 4 Jan Dobes 2017-07-27 15:27:19 UTC
fixed in spacewalk.git(master):


Comment 11 Lukáš Hellebrandt 2017-08-28 13:29:22 UTC
Reverified with spacewalk-backend-2.5.3-151 using channel http://download/qa/rhts/lookaside/RHN-Satellite/tests/bz1466229/ which has missing "href" in one reference:

# cdn-sync -c rhel-x86_64-server-rh-common-7 -vvv
09:16:43 Linking packages to channel.
09:16:44 Repo http://download/qa/rhts/lookaside/RHN-Satellite/tests/bz1466229//content/dist/rhel/server/7/7Server/x86_64/rh-common/os has comps file cb329cadcd7701d5b4f752e6ef8fbe7fe2bbc3a74b971d47c3ab3682c5e67121-comps.xml.
09:16:45 Repo http://download/qa/rhts/lookaside/RHN-Satellite/tests/bz1466229//content/dist/rhel/server/7/7Server/x86_64/rh-common/os has 40 errata.
09:16:45 No checksum found for rhel-guest-image-7-7.2-20160301.0.el7_2.noarch. Skipping Package
09:16:45 Skipped RHBA-2016:0356 - Advisory RHBA-2016:0356 skipped because of empty package list (filtered).
09:16:45 Skipped RHBA-2015:0040 - cannot concatenate 'str' and 'NoneType' objects
09:16:45 No checksum found for rhel-guest-image-7-7.0-20150127.0.el7.noarch. Skipping Package
09:16:45 Skipped RHBA-2015:0221 - Advisory RHBA-2015:0221 skipped because of empty package list (filtered).
09:16:45 No checksum found for rhel-guest-image-7-7.0-20140909.0.el7.noarch. Skipping Package
09:16:45 Skipped RHBA-2014:1267 - Advisory RHBA-2014:1267 skipped because of empty package list (filtered).
09:16:45 No checksum found for rhel-guest-image-7-7.0-20140506.1.el7.noarch. Skipping Package
09:16:45 Skipped RHBA-2014:0754 - Advisory RHBA-2014:0754 skipped because of empty package list (filtered).
09:16:45 No checksum found for rhel-guest-image-7-7.2-20160219.1.el7.noarch. Skipping Package
09:16:45 Skipped RHBA-2016:0295 - Advisory RHBA-2016:0295 skipped because of empty package list (filtered).
09:16:45 No checksum found for rhel-guest-image-7-7.2-20151102.0.el7.noarch. Skipping Package
09:16:45 Skipped RHBA-2015:2480 - Advisory RHBA-2015:2480 skipped because of empty package list (filtered).
09:16:45 No checksum found for rhel-guest-image-7-7.0-20140618.1.el7.noarch. Skipping Package
09:16:45 Skipped RHEA-2014:0817 - Advisory RHEA-2014:0817 skipped because of empty package list (filtered).
09:16:45 No checksum found for rhel-guest-image-7-7.1-20150224.0.el7.noarch. Skipping Package
09:16:45 Skipped RHBA-2015:0648 - Advisory RHBA-2015:0648 skipped because of empty package list (filtered).
09:16:45 No checksum found for rhel-guest-image-7-7.2-20160302.0.el7_2.noarch. Skipping Package
09:16:45 Skipped RHBA-2016:0522 - Advisory RHBA-2016:0522 skipped because of empty package list (filtered).
09:16:45 No checksum found for rhel-guest-image-7-7.0-20140930.0.el7.noarch. Skipping Package
09:16:45 Skipped RHBA-2014:1675 - Advisory RHBA-2014:1675 skipped because of empty package list (filtered).
09:16:45 No checksum found for rhel-guest-image-7-7.0-20140729.1.el7.noarch. Skipping Package
09:16:45 Skipped RHBA-2014:1043 - Advisory RHBA-2014:1043 skipped because of empty package list (filtered).
09:16:45 Syncing 28 new errata to channel.
09:16:46 Trying treeinfo

(40 errata, 11 without packages, 1 with broken metadata)

# spacewalk-report errata-channels | grep common | wc -l

=> The errata with correct metadata got indeed synced

Comment 12 errata-xmlrpc 2017-09-06 12:27:53 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.


Note You need to log in before you can comment on or make changes to this bug.