Bug 251135 - yum-security is not prodcuing output or is prodcuing errors
yum-security is not prodcuing output or is prodcuing errors
Status: CLOSED CURRENTRELEASE
Product: Fedora
Classification: Fedora
Component: yum-utils (Show other bugs)
7
All Linux
low Severity low
: ---
: ---
Assigned To: Seth Vidal
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2007-08-07 08:46 EDT by John Guthrie
Modified: 2008-03-13 09:46 EDT (History)
3 users (show)

See Also:
Fixed In Version: 1.1.11
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2008-03-13 09:46:08 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
output from "yum --security list updates" (151.09 KB, text/plain)
2007-08-07 08:46 EDT, John Guthrie
no flags Details

  None (edit)
Description John Guthrie 2007-08-07 08:46:40 EDT
Description of problem:
When I try to run

yum list security

I am getting no output even when there are known security updates.  Even
worse, if I try to run

yum --security list updates

then it tries to process for a *very* long time, then it prints out the
excessively long output that is in the attached file.

Version-Release number of selected component (if applicable):
yum-utils-1.1.5-1.fc7

How reproducible:
every time

Steps to Reproduce:
1. Type "yum --security list updates"
2. Sit for a very long time
3. Bathe in the glow of large amount of error messages
  
Actual results:
The output in attached file

Expected results:
I would expect to see a list of security-related updates that are
available.

Additional info:
Comment 1 John Guthrie 2007-08-07 08:46:40 EDT
Created attachment 160807 [details]
output from "yum --security list updates"
Comment 2 John Guthrie 2007-08-16 15:43:44 EDT
Perhaps I'm reading the code incorrectly, but doesn't yum-security depend on the
existence of an updateinfo.xml file?  That file doesn't seem to be around in
Fedora 7 anymore....
Comment 3 John Guthrie 2007-08-17 01:25:19 EDT
I can now verify that using version 1.1.6-1.fc7 of yum-utils, the error
messages go away.  However, yum-security is now merely saying that
there are no security updates.  This even when there is a known
security update that is listed by "yum list updates".  For example, at
this moment, there is an update available for my system for the
Terminal package.  It is listed under FEDORA-2007-1620.  However, when
I run

yum --advisory FEDORA-2007-1620 list updates

or

yum --advisory FEDORA-2007-1620 list-sec

I get the message 'Advisory "FEDORA-2007-1620" not found applicable for
this system'.
Comment 4 Tim Lauridsen 2007-08-17 02:23:15 EDT
James, do you have any comments ?
Comment 5 James Antill 2007-08-17 12:01:10 EDT
> yum list security

 This doesn't do anything, you want yum list-security (as there are no ways to
add sub-commands).

> yum --security list updates
>
> then it tries to process for a *very* long time

 This is a known bug (plugin remove package takes a long time), it's worked
around in upstream yum-utils ... but that hasn't made it to f7 yet.
 Note that "yum --security update" still works, as that uses another code path.

> However, yum-security is now merely saying that
> there are no security updates.

 This is all dependant on the updateinfo.xml file ... which doesn't seem to
exist in /var/cache/yum/updates atm. on Fed-7. and I don't see it at:

http://download.fedora.redhat.com/pub/fedora/linux/updates/7/i386/repodata/

...is pirut/pup getting this data?
Comment 6 John Guthrie 2007-08-18 02:40:46 EDT
(In reply to comment #5)
> > yum list security
> 
>  This doesn't do anything, you want yum list-security (as there are no ways to
> add sub-commands).

Wow, I must have been *really* bleary-eyed when I first read that man page.  I
have no idea how I thought that was the correct command.

> > yum --security list updates
> >
> > then it tries to process for a *very* long time
> 
>  This is a known bug (plugin remove package takes a long time), it's worked
> around in upstream yum-utils ... but that hasn't made it to f7 yet.
>  Note that "yum --security update" still works, as that uses another code path.

When I first filed this bug, I was using yum-utils 1.1.5-1.fc7.  Now that
yum-utils has been upgraded to 1.1.6-1.fc7 in F7,

yum --security list updates

now returns in a sane amount of time.  However, it returns some strange data. 
When I run that command now, I get a listing of two kmod packages, at least one
of which is definitely not a security update.  (The latest kmod-sysprof, in
particular.)  It doesn't list any other packages.  With the current behavior, I
guess I would expect it to return an empty list as well...

> > However, yum-security is now merely saying that
> > there are no security updates.
> 
>  This is all dependant on the updateinfo.xml file ... which doesn't seem to
> exist in /var/cache/yum/updates atm. on Fed-7. and I don't see it at:
> 
> http://download.fedora.redhat.com/pub/fedora/linux/updates/7/i386/repodata/
> 
> ...is pirut/pup getting this data?

Just another data point:  Updates for FC6 do seem to have the udateinfo.xml
file.  See

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/i386/repodata/

However, extras for FC6 do not.  See

ftp://download.fedora.redhat.com/pub/fedora/linux/extras/6/i386/repodata/

(Note the ftp protocol.  The directory contains an index.html file that
redirects you to a repoview index page.)  I don't know if this is for political
or technical reasons.  Naively, I would think that since the F7 updates repo
also applies to stuff that used to be in extras, then FC6 extras would have an
updateinfo.xml file along with FC6 updates.
Comment 7 Till Maas 2007-09-05 05:40:05 EDT
FYI: It is a known bug that there is no updateinfo.xml for Fedora 7:
https://hosted.fedoraproject.org/projects/bodhi/ticket/47
Comment 8 Seth Vidal 2008-03-13 09:46:08 EDT
Okay this entire bug seems to be based in that we didn't have the infrastructure
in place to generate the updateinfo xml files for all versions of the distro.

Since fc6 is EOL'd and f7 and f8 get their updateinfo generated by bodhi I think
we can safely close this bug as fixed - currentrelease

Note You need to log in before you can comment on or make changes to this bug.