This service will be undergoing maintenance at 00:00 UTC, 2016-08-01. It is expected to last about 1 hours
Bug 351051 - yum-updatesd / puplet doesn't work
yum-updatesd / puplet doesn't work
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: selinux-policy (Show other bugs)
5.1
All Linux
urgent Severity urgent
: rc
: ---
Assigned To: Daniel Walsh
: ZStream
Depends On:
Blocks: 348611 352551
  Show dependency treegraph
 
Reported: 2007-10-24 14:25 EDT by Daniel Walsh
Modified: 2013-01-09 23:28 EST (History)
9 users (show)

See Also:
Fixed In Version: RHBA-2008-0465
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2008-05-21 12:05:55 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)

  None (edit)
Description Daniel Walsh 2007-10-24 14:25:48 EDT
+++ This bug was initially created as a clone of Bug #348611 +++

Description of problem:
After installation, registration plugin successfully registered my machine,
after that subsequent "yum update" commands worked fine. However, puplet always
displays "Retrieving update information". I tried running yum-updatesd from
cmdline, output attached.

Version-Release number of selected component (if applicable):
yum-3.0.1-10.gd1

-- Additional comment from mbabej@redhat.com on 2007-10-23 06:53 EST --
Created an attachment (id=234921)
"yum-updatesd -f -d" output


-- Additional comment from katzj@redhat.com on 2007-10-23 10:03 EST --
selinux-policy in rhgd doesn't allow for the things the newer yum-updatesd is
trying to do.  

-- Additional comment from mbabej@redhat.com on 2007-10-23 10:20 EST --
after running "setenforce 0", "Introspect error" line is gone, the rest remains
the same.

I also tried running with selinux=0 on kernel cmdline, same results.

-- Additional comment from bkahn@redhat.com on 2007-10-23 10:59 EST --
We need this fixed before release.  Not a beta blocker because no updates will
be allowed.

-- Additional comment from rstrode@redhat.com on 2007-10-23 11:06 EST --
This is going to be a real issue I think.  We don't want to fork selinux policy
from RHEL.

-- Additional comment from rstrode@redhat.com on 2007-10-23 11:23 EST --
Michal, can you post the output of audit2allow -a ?

-- Additional comment from dwalsh@redhat.com on 2007-10-23 12:28 EST --
What version of policy is this using?  RHEL5.1 policy should be used.

-- Additional comment from rstrode@redhat.com on 2007-10-23 13:33 EST --
yea, should be using the 5.1 policy (and track the z-stream for 5.1).  we
haven't forked selinux-policy from rhel afaik.

-- Additional comment from dwalsh@redhat.com on 2007-10-23 14:13 EST --
Ok I looked a little more into this,  And SELInux is preventing networkmanager
and yum-updated from communicating over dbus.  I have fixed this in 

selinux-policy-2.4.6-106.2.el5_1

But Franz says there are other problems.

I will build once we have the appropriate acks in place.

-- Additional comment from rstrode@redhat.com on 2007-10-23 17:36 EST --
Created an attachment (id=235601)
don't emit "UpdatesApplied" signal if there were no updates

dbus doesn't handle empty lists too well (unless you specify a signature
manually which we could do).

On the other hand, it doesn't make sense to emit UpdatesApplied, if no updates
were applied anyway, so the right fix seems to be to check for that and not
emit in that case.

-- Additional comment from rstrode@redhat.com on 2007-10-23 17:38 EST --
reassigning to Robin since he's the mayhem yum guy and it doesn't make sense for
this to be assigned to Jeremy.

Marking MODIFIED for QA.

-- Additional comment from katzj@redhat.com on 2007-10-23 18:06 EST --
Note that there's a more complete fix in yum-updatesd-0.7 (current git head)

-- Additional comment from dwalsh@redhat.com on 2007-10-23 20:23 EST --
So do we need to update selinux-policy or wait for 5.2

-- Additional comment from jkeating@redhat.com on 2007-10-23 20:30 EST --
Is there any way to issue this as a 5.1z update, rolled in with any other 5.1z
updates for selinux-policy?  We can inherit the build from 5.1z in our product.
 Otherwise we'd have to fork selinux-policy and nobody feels good about that :/

-- Additional comment from mbabej@redhat.com on 2007-10-24 05:36 EST --
I tested the patch from commment #10, now yum-updatesd-helper seems working (no
backtrace).

Also, i set the gconf key /apps/puplet/always_show to true for testing, and
puplet's trayicon tooltip is always "Retrieving update information". So i played
around a bit, and found out yum-updatesd-helper doesn't emit update information
when called with "--apply":

[root@dhcp-lab-151 ~]# /usr/libexec/yum-updatesd-helper --check --apply --dbus
--debug
Loading "installonlyn" plugin
Loading "rhnplugin" plugin
[root@dhcp-lab-151 ~]# /usr/libexec/yum-updatesd-helper --check --dbus --debug
Loading "installonlyn" plugin
Loading "rhnplugin" plugin
0 updates available

Is this a bug ?
Comment 1 RHEL Product and Program Management 2007-10-24 14:34:38 EDT
This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux maintenance release.  Product Management has requested
further review of this request by Red Hat Engineering, for potential
inclusion in a Red Hat Enterprise Linux Update release for currently deployed
products.  This request is not yet committed for inclusion in an Update
release.
Comment 5 Benjamin Kahn 2007-10-25 13:42:13 EDT
This is needed by Global Desktop to make package updating work correctly.
Setting urgent/urgent.
Comment 6 Benjamin Kahn 2007-10-25 13:42:33 EDT
This is needed by Global Desktop to make package updating work correctly.
Setting urgent/urgent.
Comment 10 errata-xmlrpc 2008-05-21 12:05:55 EDT
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2008-0465.html

Note You need to log in before you can comment on or make changes to this bug.