Bug 665919 - repodiff uses stale metadata cache in subsequent runs
repodiff uses stale metadata cache in subsequent runs
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: yum-utils (Show other bugs)
5.5
All All
medium Severity medium
: rc
: ---
Assigned To: James Antill
BaseOS QE Security Team
:
Depends On:
Blocks: 709972 727586
  Show dependency treegraph
 
Reported: 2010-12-27 18:14 EST by Marcelo Moreira de Mello
Modified: 2014-01-21 01:20 EST (History)
5 users (show)

See Also:
Fixed In Version: yum-utils-1.1.16-15.el5
Doc Type: Bug Fix
Doc Text:
Previously, the repodiff utility used a stale metadata cache in subsequent runs. When two repodiff commands were executed in succession, the second run reused cached data from the first. This bug has been fixed and repodiff now properly validates the metadata if a connection cannot be established or the cached data are about to be reused.
Story Points: ---
Clone Of:
Environment:
Last Closed: 2011-07-21 07:13:34 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
Test connection on arguments passed (1.95 KB, patch)
2010-12-28 14:02 EST, Marcelo Moreira de Mello
no flags Details | Diff
--nocache option (1.48 KB, patch)
2010-12-28 14:03 EST, Marcelo Moreira de Mello
no flags Details | Diff

  None (edit)
Description Marcelo Moreira de Mello 2010-12-27 18:14:41 EST
Description of problem:

When running two repodiff commands in succession, the second run will reuse cached data from the first. 
Version-Release number of selected component (if applicable):


How reproducible:
100%
Red Hat Enterprise Linux 5.5

Steps to Reproduce:
1. repodiff -old=http://mirror.optus.net/fedora/linux/releases/13/Fedora/source/SRPMS/ --new=http://mirror.optus.net/fedora/linux/releases/13/Fedora/source/SRPMS/ --new=http://mirror.optus.net/fedora/linux/updates/13/SRPMS/ > /tmp/first.out

2. repodiff --old=http://doesnotexist.example.com/ --new=http://doesnotexist.example.com --new=http://reallydoesnotexist.example.com  > /tmp/noexist.out

3. diff /tmp/first.out /tmp/noexist.out

4. rm -rf /var/tmp/yum-*

5. repodiff --old=http://doesnotexist.example.com/ --new=http://doesnotexist.example.com --new=http://reallydoesnotexist.example.com  > /tmp/noexist.out
  
Actual results:

Even using a not valid host on the second run, repodiff reuse the cached data. 


Expected results:
repodiff validate when not connect or before reuse the cached data.
Comment 1 Marcelo Moreira de Mello 2010-12-27 18:22:58 EST
See also 
      https://bugzilla.redhat.com/show_bug.cgi?id=665920 (for Fedora)
Comment 2 Marcelo Moreira de Mello 2010-12-28 14:02:21 EST
Created attachment 470992 [details]
Test connection on arguments passed
Comment 3 Marcelo Moreira de Mello 2010-12-28 14:03:11 EST
Created attachment 470993 [details]
--nocache option
Comment 5 Marcelo Moreira de Mello 2011-01-04 06:39:39 EST
Comment on attachment 470992 [details]
Test connection on arguments passed

>Index: yum-utils-1.1.16/repodiff.py
>===================================================================
>--- yum-utils-1.1.16.orig/repodiff.py
>+++ yum-utils-1.1.16/repodiff.py
>@@ -20,6 +20,8 @@ import sys
> import time
> import os
> import locale
>+import socket
>+import string 
> import shutil
> 
> from optparse import OptionParser
>@@ -104,6 +106,31 @@ class DiffYum(yum.YumBase):
>                  
>         return ygh
> 
>+    def check_connection(self, url):
>+        local = 0
>+        url_port = url.split(":")[0]
>+        url_name = url.split("/")[2]
>+        if (url_port == "http"):
>+            url_port = 80
>+        elif (url_port == "https"):
>+            url_port = 443
>+        elif (url_port == "ftp"):
>+            url_port = 21
>+        elif (url_port == "file"):
>+            dir_name = url.split("/")[3]
>+            local = 1
>+        else:
>+            print "YumRepo Error: All mirror URLs are not using ftp, http[s] or file."
>+            sys.exit(1)
>+        if (local == 0):
>+            sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
>+            sock.settimeout(5)
>+            try:
>+                sock.connect((url_name, url_port))
>+            except socket.error:
>+                print "Connection Error: %s not reachable or does not exists" %(url_name)
>+                sys.exit(1)
>+            sock.close()
> 
> def parseArgs(args):
>     """
>@@ -158,6 +185,7 @@ def main(args):
>         if not opts.quiet: print "setting up old repo %s" % r
>         try:
>             my.dy_setup_repo('old', r)
>+            my.check_connection(r)
>         except yum.Errors.RepoError, e:
>             print "Could not setup repo at url  %s: %s" % (r, e)
>             sys.exit(1)
>@@ -166,6 +194,7 @@ def main(args):
>         if not opts.quiet: print "setting up new repo %s" % r
>         try:
>             my.dy_setup_repo('new', r)
>+            my.check_connection(r)
>         except yum.Errors.RepoError, e:
>             print "Could not setup repo at url %s: %s" % (r, e)
>             sys.exit(1)
Comment 6 Marcelo Moreira de Mello 2011-01-04 06:41:12 EST
Hello, 

Customer confirmed that patch worked.
Comment 12 James Antill 2011-05-31 17:32:38 EDT
And, of course, I got the test the wrong way around in the patch. So test with:

if not self.timestamp_check:
Comment 13 Karel Srot 2011-06-01 03:59:56 EDT
Hi James, that fixed the problem. We should probably add it the fix yum RHEL5.7 errata.

::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: [   LOG    ] :: Test
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

:: [   PASS   ] :: Running 'repodiff --old=http://download.devel.redhat.com/released/RHEL-5-Server/U4/source/SRPMS/ --new=http://download.devel.redhat.com/released/RHEL-5-Server/U6/source/SRPMS/ > 1st.log'
:: [   PASS   ] :: File '1st.log' should contain 'Added Packages: 29'
:: [   PASS   ] :: File '1st.log' should contain 'Removed Packages: 0'
:: [   PASS   ] :: File '1st.log' should contain 'Modified Packages: 343'
:: [   PASS   ] :: Running 'repodiff --old=http://download.devel.redhat.com/released/RHEL-5-Server/U5/source/SRPMS/ --new=http://download.devel.redhat.com/released/RHEL-5-Server/U6/source/SRPMS/ > 2nd.log'
:: [   PASS   ] :: File '2nd.log' should contain 'Added Packages: 20'
:: [   PASS   ] :: File '2nd.log' should contain 'Removed Packages: 0'
:: [   PASS   ] :: File '2nd.log' should contain 'Modified Packages: 200'
:: [   PASS   ] :: Running 'repodiff --old=http://nosuchserver.com/released/RHEL-5-Server/U5/source/SRPMS/ --new=http://nosuchserver.com/released/RHEL-5-Server/U6/source/SRPMS/ > 3rd.log'
:: [   PASS   ] :: File '3rd.log' should contain 'Cannot retrieve repository metadata'
:: [   PASS   ] :: File '3rd.log' should not contain 'Added Packages: 29'
:: [   PASS   ] :: File '3rd.log' should not contain 'Added Packages: 20'
:: [   LOG    ] :: Duration: 16s
:: [   LOG    ] :: Assertions: 12 good, 0 bad
:: [   PASS   ] :: RESULT: Test
Comment 14 James Antill 2011-06-01 10:44:19 EDT
I'm happy to get this in yum for 5.7, you want to clone this BZ (AIUI you can't reassign now it's attached to the yum-utils errata)?
Comment 23 Tomas Capek 2011-07-15 12:11:40 EDT
    Technical note added. If any revisions are required, please edit the "Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content Services team.
    
    New Contents:
Previously, the repodiff utility used a stale metadata cache in subsequent runs. When two repodiff commands were executed in succession, the second run reused cached data from the first. This bug has been fixed and repodiff now properly validates the metadata if a connection cannot be established or the cached data are about to be reused.
Comment 24 errata-xmlrpc 2011-07-21 07:13:34 EDT
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2011-1045.html

Note You need to log in before you can comment on or make changes to this bug.