Bug 1843860 - Patch does not show all available advisories for installed packages an not all applicable systems
Summary: Patch does not show all available advisories for installed packages an not al...
Keywords:
Status: CLOSED NOTABUG
Alias: None
Product: Cloud Software Services (cloud.redhat.com)
Classification: Red Hat
Component: Patch
Version: unspecified
Hardware: Unspecified
OS: Linux
unspecified
unspecified
Target Milestone: ---
: ---
Assignee: Tomas Lestach
QA Contact: Martin Kourim
Matt Werner
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2020-06-04 10:22 UTC by Joerg K
Modified: 2020-06-10 13:35 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2020-06-10 13:35:33 UTC
Target Upstream Version:


Attachments (Terms of Use)
View of applicable advisories in Insights Patch (39.81 KB, image/png)
2020-06-04 10:22 UTC, Joerg K
no flags Details
Insights Patch System view (32.86 KB, image/png)
2020-06-04 10:22 UTC, Joerg K
no flags Details

Description Joerg K 2020-06-04 10:22:06 UTC
Created attachment 1695016 [details]
View of applicable advisories in Insights Patch

Description of problem:
Red Hat Insights Patch shows only one applicable advisory for one system (see screenshot rh-insights-patch-applicable-advisories.png). Patch does not show this particular Advisory for a second system (see screenshot rh-insights-patch-systems.png).

Running `yum updateinfo list` on the second system shows that the Advisory is available for this system, too. And that there are other Advisories available as well. Searching for one of the other available Advisories in Insights Patch returns no results.


Version-Release number of selected component (if applicable):
On both hosts:
# insights-client --version
Client: 3.0.13-1
Core: 3.0.166-1

How reproducible:
100%

Steps to Reproduce:
1. Run `yum updateinfo list` on each system
2. Run `insights-client` on each system
3. Compare output from 1 with Patch view from Insights

Actual results:
For Insights see attached screenshots.

t1 ~]# yum updateinfo list
[...]
RHSA-2020:2344 Important/Sec. bind-export-libs-32:9.11.4-16.P2.el7_8.6.x86_64
RHSA-2020:2344 Important/Sec. bind-libs-32:9.11.4-16.P2.el7_8.6.x86_64
RHSA-2020:2344 Important/Sec. bind-libs-lite-32:9.11.4-16.P2.el7_8.6.x86_64
RHSA-2020:2344 Important/Sec. bind-license-32:9.11.4-16.P2.el7_8.6.noarch
RHSA-2020:2344 Important/Sec. bind-utils-32:9.11.4-16.P2.el7_8.6.x86_64
RHBA-2020:2355 bugfix         bpftool-3.10.0-1127.10.1.el7.x86_64
RHSA-2020:2337 Important/Sec. git-1.8.3.1-23.el7_8.x86_64
RHBA-2020:2355 bugfix         kernel-3.10.0-1127.10.1.el7.x86_64
RHBA-2020:2355 bugfix         kernel-tools-3.10.0-1127.10.1.el7.x86_64
RHBA-2020:2355 bugfix         kernel-tools-libs-3.10.0-1127.10.1.el7.x86_64
RHSA-2020:2337 Important/Sec. perl-Git-1.8.3.1-23.el7_8.noarch
RHBA-2020:2355 bugfix         python-perf-3.10.0-1127.10.1.el7.x86_64
updateinfo list done

t2 ~]# yum updateinfo list
[...]
RHSA-2020:2344 Important/Sec. bind-export-libs-32:9.11.4-16.P2.el7_8.6.x86_64
RHSA-2020:2344 Important/Sec. bind-libs-32:9.11.4-16.P2.el7_8.6.x86_64
RHSA-2020:2344 Important/Sec. bind-libs-lite-32:9.11.4-16.P2.el7_8.6.x86_64
RHSA-2020:2344 Important/Sec. bind-license-32:9.11.4-16.P2.el7_8.6.noarch
RHSA-2020:2344 Important/Sec. bind-utils-32:9.11.4-16.P2.el7_8.6.x86_64
RHSA-2020:2337 Important/Sec. git-1.8.3.1-23.el7_8.x86_64
RHBA-2020:2355 bugfix         kernel-3.10.0-1127.10.1.el7.x86_64
RHBA-2020:2355 bugfix         kernel-debug-devel-3.10.0-1127.10.1.el7.x86_64
RHBA-2020:2355 bugfix         kernel-devel-3.10.0-1127.10.1.el7.x86_64
RHBA-2020:2355 bugfix         kernel-headers-3.10.0-1127.10.1.el7.x86_64
RHBA-2020:2355 bugfix         kernel-tools-3.10.0-1127.10.1.el7.x86_64
RHBA-2020:2355 bugfix         kernel-tools-libs-3.10.0-1127.10.1.el7.x86_64
RHSA-2020:2337 Important/Sec. perl-Git-1.8.3.1-23.el7_8.noarch
RHBA-2020:2355 bugfix         python-perf-3.10.0-1127.10.1.el7.x86_64
updateinfo list done

Expected results:
I would expect to find the available advisories for the local machines as applicable advisories in Insights.

Comment 1 Joerg K 2020-06-04 10:22:57 UTC
Created attachment 1695017 [details]
Insights Patch System view

Comment 2 Tomas Lestach 2020-06-05 09:14:05 UTC
Hello Joerg,
can you please open a ticket with Red Hat Support?

Comment 3 Joerg K 2020-06-05 09:56:52 UTC
Hello Tomas,
I opened support ticket 02671467 referencing this bugzilla id. I uploaded sosreports for the two systems mentioned above to the case.

Comment 4 mhornick@redhat.com 2020-06-09 10:15:42 UTC
Hi there,

I've tracked down the systems referenced.
The problem seems to be repositories enabled on each of these systems.

the t1 has the "rhel-7-server-rpms" repo enabled, which is official RH repository, but the 
t2 has several repos starting with "bits-rhel-" prefix, and does not have any official RH repo enabled.

The Patch(and Vulnerability) applications from insights only have information about content from official RH sources. Because t2
has the "bits-rhel-" repos only, the applications have no information about what these repos contain, and can't provide
information about updates.

The solution would be to use official RHEL repos.

Also, I'd like to know where these repos come from. Whether these are totally custom, or something provided through satellite.

Comment 5 Joerg K 2020-06-09 13:41:24 UTC
Hi, the "bits-rhel-" repos are provided by a local mirror server like it is described in this solution: [How to create a local mirror of the latest update for Red Hat Enterprise Linux 5, 6, 7, 8 without using Satellite server?](https://access.redhat.com/solutions/23016)

So for example bits-rhel-7-server-rpms provides the same packages and erratas as the upstream rhel-7-server-rpms repo. We use the prefix "bits-" to point out that this repo is from our local mirror and to avoid the yum warning that one repo my be configured more than once.

My guess is that when all the erratas are available on the local mirror and the system using a repo from this mirror is able to find available erratas Patch should be able to find them as well, shouldn't it?

But why shows Patch for the t1 as of 2020-06-09 only 3 applicable advisories when `yum updateinfo list` shows 12 available advisories while using the original rhel-7-server-rpms repo?

Comment 6 Joerg K 2020-06-09 13:46:27 UTC
(In reply to Joerg K from comment #5)
> But why shows Patch for the t1 as of 2020-06-09 only 3 applicable advisories
> when `yum updateinfo list` shows 12 available advisories while using the
> original rhel-7-server-rpms repo?

Nerver mind, `yum updateinfo list` shows three advisories for t1 as well. I counted the number of available packages first. But there are only three advisories.

So because I don't use upstream rhel repo for t2 Patch can't find any applicable adivsories. But I don't understand why not. How does the discovery process work? Isn't insights-client looking for available advisories locally and then transfering and showing them in patch with additional information?

Comment 7 Tomas Lestach 2020-06-09 13:50:55 UTC
Patch (as well as Vulnerability) works exclusively with Red Hat repos by design. It does not work with any custom repositories even though they'd contain RH content only.
The backend engine does not collect/contain/keep/work with custom non-RH repository metadata.


Note You need to log in before you can comment on or make changes to this bug.