Description of problem: Since release of python-s3transfer-0.1.13-1.el7_9.2.noarch some utilities, such as certbot from EPEL, no longer function, as well as some internal applications. Version-Release number of selected component (if applicable): python-s3transfer-0.1.13-1.el7_9.2.noarch How reproducible: Always Steps to Reproduce: 1. Update to python-s3transfer-0.1.13-1.el7_9.2.noarch 2. Run following: $ python >>> import boto3 >>> import urllib3 >>> urllib3.__file 3. Also run the following: $ python >>> import urllib3 >>> import boto3 Actual results: 1. Python 2.7.5 (default, Nov 16 2020, 22:23:17) [GCC 4.8.5 20150623 (Red Hat 4.8.5-44)] on linux2 Type "help", "copyright", "credits" or "license" for more information. >>> import boto3 >>> import urllib3 >>> urllib3.__file__ '/usr/lib/fence-agents/bundled/urllib3/__init__.pyc' >>> 2. Python 2.7.5 (default, Nov 16 2020, 22:23:17) [GCC 4.8.5 20150623 (Red Hat 4.8.5-44)] on linux2 Type "help", "copyright", "credits" or "license" for more information. >>> import urllib3 >>> urllib3.__file__ '/usr/lib/python2.7/site-packages/urllib3/__init__.pyc' >>> import boto3 Traceback (most recent call last): File "<stdin>", line 1, in <module> File "/usr/lib/python2.7/site-packages/boto3/__init__.py", line 16, in <module> from boto3.session import Session File "/usr/lib/python2.7/site-packages/boto3/session.py", line 19, in <module> import botocore.session File "/usr/lib/fence-agents/bundled/botocore/session.py", line 29, in <module> import botocore.credentials File "/usr/lib/fence-agents/bundled/botocore/credentials.py", line 34, in <module> from botocore.config import Config File "/usr/lib/fence-agents/bundled/botocore/config.py", line 16, in <module> from botocore.endpoint import DEFAULT_TIMEOUT, MAX_POOL_CONNECTIONS File "/usr/lib/fence-agents/bundled/botocore/endpoint.py", line 22, in <module> from botocore.awsrequest import create_request_object File "/usr/lib/fence-agents/bundled/botocore/awsrequest.py", line 24, in <module> import botocore.utils File "/usr/lib/fence-agents/bundled/botocore/utils.py", line 32, in <module> import botocore.httpsession File "/usr/lib/fence-agents/bundled/botocore/httpsession.py", line 10, in <module> from urllib3.util.ssl_ import ( ImportError: cannot import name PROTOCOL_TLS >>> Expected results: Previous version, python-s3transfer-0.1.13-1.el7.0.1.noarch, would return working, as follows. Note that the urllib3 is not replaced from fence-agents and is working. 1. Python 2.7.5 (default, Nov 16 2020, 22:23:17) [GCC 4.8.5 20150623 (Red Hat 4.8.5-44)] on linux2 Type "help", "copyright", "credits" or "license" for more information. >>> import boto3 >>> import urllib3 >>> urllib3.__file__ '/usr/lib/python2.7/site-packages/urllib3/__init__.pyc' >>> 2. Python 2.7.5 (default, Nov 16 2020, 22:23:17) [GCC 4.8.5 20150623 (Red Hat 4.8.5-44)] on linux2 Type "help", "copyright", "credits" or "license" for more information. >>> import urllib3 >>> import boto3 >>> >>> Additional info: Seems like new version has bundled new urllib3 of version 1.26.8 - much higher than the system one of 1.20.2 - but if the system one is already imported before boto3, which is case in my apps and certbot, then it ends up with 1.20.2 which seems to break boto3
Certbot logs which triggered along with my own failures: # certbot An unexpected error occurred: ImportError: cannot import name PROTOCOL_TLS Please see the logfile '/tmp/tmpxyrTML/log' for more details. # cat /tmp/tmpxyrTML/log 2022-04-07 12:10:52,605:DEBUG:certbot._internal.log:Exiting abnormally: Traceback (most recent call last): File "/bin/certbot", line 9, in <module> load_entry_point('certbot==1.11.0', 'console_scripts', 'certbot')() File "/usr/lib/python2.7/site-packages/certbot/main.py", line 15, in main return internal_main.main(cli_args) File "/usr/lib/python2.7/site-packages/certbot/_internal/main.py", line 1383, in main plugins = plugins_disco.PluginsRegistry.find_all() File "/usr/lib/python2.7/site-packages/certbot/_internal/plugins/disco.py", line 236, in find_all plugin_ep = cls._load_entry_point(entry_point, plugins, with_prefix=False) File "/usr/lib/python2.7/site-packages/certbot/_internal/plugins/disco.py", line 254, in _load_entry_point plugin_ep = PluginEntryPoint(entry_point, with_prefix) File "/usr/lib/python2.7/site-packages/certbot/_internal/plugins/disco.py", line 56, in __init__ self.plugin_cls = entry_point.load() File "/usr/lib/python2.7/site-packages/pkg_resources.py", line 2260, in load entry = __import__(self.module_name, globals(),globals(), ['__name__']) File "/usr/lib/python2.7/site-packages/certbot_dns_route53/authenticator.py", line 7, in <module> from certbot_dns_route53._internal import dns_route53 File "/usr/lib/python2.7/site-packages/certbot_dns_route53/_internal/dns_route53.py", line 6, in <module> import boto3 File "/usr/lib/python2.7/site-packages/boto3/__init__.py", line 16, in <module> from boto3.session import Session File "/usr/lib/python2.7/site-packages/boto3/session.py", line 19, in <module> import botocore.session File "/usr/lib/fence-agents/bundled/botocore/session.py", line 29, in <module> import botocore.credentials File "/usr/lib/fence-agents/bundled/botocore/credentials.py", line 34, in <module> from botocore.config import Config File "/usr/lib/fence-agents/bundled/botocore/config.py", line 16, in <module> from botocore.endpoint import DEFAULT_TIMEOUT, MAX_POOL_CONNECTIONS File "/usr/lib/fence-agents/bundled/botocore/endpoint.py", line 22, in <module> from botocore.awsrequest import create_request_object File "/usr/lib/fence-agents/bundled/botocore/awsrequest.py", line 24, in <module> import botocore.utils File "/usr/lib/fence-agents/bundled/botocore/utils.py", line 32, in <module> import botocore.httpsession File "/usr/lib/fence-agents/bundled/botocore/httpsession.py", line 10, in <module> from urllib3.util.ssl_ import ( ImportError: cannot import name PROTOCOL_TLS 2022-04-07 12:10:52,605:ERROR:certbot._internal.log:An unexpected error occurred: 2022-04-07 12:10:52,605:ERROR:certbot._internal.log:ImportError: cannot import name PROTOCOL_TLS
Duplicating my comment from rhbz#2050751, this also breaks the package "awscli-1.14.28-5.el7_5.1.noarch": # aws --version Traceback (most recent call last): File "/bin/aws", line 19, in <module> import awscli.clidriver File "/usr/lib/python2.7/site-packages/awscli/clidriver.py", line 37, in <module> from awscli.help import ProviderHelpCommand File "/usr/lib/python2.7/site-packages/awscli/help.py", line 24, in <module> from botocore.docs.bcdoc import docevents ImportError: cannot import name docevents
confirmed when using python-s3transfer-0.1.13-1.el7_9.2.noarch and certbot-1.11.0-2.el7 (which uses python 2.7) reports certbot[29788]: An unexpected error occurred: certbot[29788]: ImportError: cannot import name PROTOCOL_TLS certbot[29788]: Please see the logfile '/tmp/tmpnNWyZf/log' for more details. systemd[1]: certbot-renew.service: main process exited, code=exited, status=1/FAILURE systemd[1]: Failed to start This service automatically renews any certbot certificates found. systemd[1]: Unit certbot-renew.service entered failed state. systemd[1]: certbot-renew.service failed. with /tmp/tmpnNWyZf/log 2022-07-10 23:54:13,330:DEBUG:certbot._internal.log:Exiting abnormally: Traceback (most recent call last): File "/usr/bin/certbot", line 9, in <module> load_entry_point('certbot==1.11.0', 'console_scripts', 'certbot')() File "/usr/lib/python2.7/site-packages/certbot/main.py", line 15, in main return internal_main.main(cli_args) File "/usr/lib/python2.7/site-packages/certbot/_internal/main.py", line 1383, in main plugins = plugins_disco.PluginsRegistry.find_all() File "/usr/lib/python2.7/site-packages/certbot/_internal/plugins/disco.py", line 236, in find_all plugin_ep = cls._load_entry_point(entry_point, plugins, with_prefix=False) File "/usr/lib/python2.7/site-packages/certbot/_internal/plugins/disco.py", line 254, in _load_entry_point plugin_ep = PluginEntryPoint(entry_point, with_prefix) File "/usr/lib/python2.7/site-packages/certbot/_internal/plugins/disco.py", line 56, in __init__ self.plugin_cls = entry_point.load() File "/usr/lib/python2.7/site-packages/pkg_resources.py", line 2260, in load entry = __import__(self.module_name, globals(),globals(), ['__name__']) File "/usr/lib/python2.7/site-packages/certbot_dns_route53/authenticator.py", line 7, in <module> from certbot_dns_route53._internal import dns_route53 File "/usr/lib/python2.7/site-packages/certbot_dns_route53/_internal/dns_route53.py", line 6, in <module> import boto3 File "/usr/lib/python2.7/site-packages/boto3/__init__.py", line 16, in <module> from boto3.session import Session File "/usr/lib/python2.7/site-packages/boto3/session.py", line 19, in <module> import botocore.session File "/usr/lib/fence-agents/bundled/botocore/session.py", line 29, in <module> import botocore.credentials File "/usr/lib/fence-agents/bundled/botocore/credentials.py", line 34, in <module> from botocore.config import Config File "/usr/lib/fence-agents/bundled/botocore/config.py", line 16, in <module> from botocore.endpoint import DEFAULT_TIMEOUT, MAX_POOL_CONNECTIONS File "/usr/lib/fence-agents/bundled/botocore/endpoint.py", line 22, in <module> from botocore.awsrequest import create_request_object File "/usr/lib/fence-agents/bundled/botocore/awsrequest.py", line 24, in <module> import botocore.utils File "/usr/lib/fence-agents/bundled/botocore/utils.py", line 32, in <module> import botocore.httpsession File "/usr/lib/fence-agents/bundled/botocore/httpsession.py", line 10, in <module> from urllib3.util.ssl_ import ( ImportError: cannot import name PROTOCOL_TLS 2022-07-10 23:54:13,331:ERROR:certbot._internal.log:An unexpected error occurred: 2022-07-10 23:54:13,332:ERROR:certbot._internal.log:ImportError: cannot import name PROTOCOL_TLS after force-installing the old version: rpm --upgrade --force /tmp/python-s3transfer-0.1.13-1.el7.0.1.noarch.rpm everything was back to normal (and my expired certs have been renewed)