Red Hat Bugzilla – Bug 164394
yum doesnt check integrity of packages before installing them
Last modified: 2014-01-21 17:52:30 EST
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.7.8) Gecko/20050712 Galeon/1.3.21
Description of problem:
Yum just doesnt know if packages in its cache are valid or not.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. yum -y update &
[wait for yum to download packages that are to be updated...]
2. killall -9 yum
3. yum -y -C update
Actual Results: [...]
Updating : system-config-printer ######################### [2/4]
error: unpacking of archive failed: cpio: read
Expected Results: yum should have resumed or restarted the download before trying to install system-config-printer.
Here are some additionnal informations :
[root@gruyere packages]# rpm -Kv system-config-printer-0.6.131.3-1.x86_64.rpm
EntÃªte signature V3 DSA: OK, key ID 4f2a6fd2
Hachage de l'entÃªte SHA1: OK (eb620794af8fbd5f466e21ca853ab93a268ea0ff)
Somme MD5: BAD Expected(601c705a8eaecac829dc625c904d8a7b) !=
signature V3 DSA: BAD, key ID 4f2a6fd2
Here's the apt behaviour which is rather simple, package independent and doesnt
require you to re-verify packages integrity of those which are already in the cache:
1. during the download, packages are in /var/cache/apt/archives/partial
2. Once the download is complete, check the package integrity
3. Once the package integrity has been checked put the package in the real cache
directory (in apt case : /var/cache/apt/archives).
If the download is interrupted, the cache isnt polluted by partially-downloaded
packages. Download of the same package may either be known-to-be-resumed from
the 'partial' directory or restarted from zero.
Created attachment 117197 [details]
The broken packages, as mis-downloaded.
This is the system-config-printer package, as it has been downloaded by
So when caching is enabled the package verify was getting run but wasn't being
honored if there was a failure. I've fixed it in cvs and it will out in yum 2.3.5.
*** Bug 164311 has been marked as a duplicate of this bug. ***
*** Bug 164312 has been marked as a duplicate of this bug. ***
*** Bug 164345 has been marked as a duplicate of this bug. ***
*** Bug 164313 has been marked as a duplicate of this bug. ***
*** Bug 164348 has been marked as a duplicate of this bug. ***
*** Bug 164347 has been marked as a duplicate of this bug. ***
*** Bug 164392 has been marked as a duplicate of this bug. ***
*** Bug 164393 has been marked as a duplicate of this bug. ***
Sorry for the mess with the duplicates. I think the duplicated entries are from
the '500 Internal Error' pages i had.