Description of problem: spacewalk-repo-sync doesn't work over SSL & IPv6 correctly it seems to work all right over SSL & IPv4 it seems to work all right over IPv6 without SSL fix not available, most likely a low level pycurl / libcurl issue When it has to comunicate over SSL in IPv6 only network it end up with this traceback: # spacewalk-repo-sync -cspacewalk Traceback (most recent call last): File "/usr/bin/spacewalk-repo-sync", line 70, in ? sys.exit(abs(main() or 0)) File "/usr/bin/spacewalk-repo-sync", line 64, in main sync.main() File "/usr/lib/python2.4/site-packages/spacewalk/satellite_tools/reposync.py", line 120, in main self.import_packages(plugin, url) File "/usr/lib/python2.4/site-packages/spacewalk/satellite_tools/reposync.py", line 325, in import_packages packages = plug.list_packages(self.filters) File "/usr/lib/python2.4/site-packages/spacewalk/satellite_tools/repo_plugins/yum_src.py", line 118, in list_packages sack.populate(self.repo, 'metadata', None, 0) File "/usr/lib/python2.4/site-packages/yum/yumRepo.py", line 168, in populate if self._check_db_version(repo, mydbtype): File "/usr/lib/python2.4/site-packages/yum/yumRepo.py", line 226, in _check_db_version return repo._check_db_version(mdtype) File "/usr/lib/python2.4/site-packages/yum/yumRepo.py", line 1226, in _check_db_version repoXML = self.repoXML File "/usr/lib/python2.4/site-packages/yum/yumRepo.py", line 1399, in <lambda> repoXML = property(fget=lambda self: self._getRepoXML(), File "/usr/lib/python2.4/site-packages/yum/yumRepo.py", line 1395, in _getRepoXML raise Errors.RepoError, msg yum.Errors.RepoError: Cannot retrieve repository metadata (repomd.xml) for repository: spacewalk. Please verify its path and try again
Note to myself: from the traceback it is not directly visible but the exception is raised at: /usr/lib/python2.4/site-packages/yum/yumRepo.py +814 in function _getFile() by line: result = self.grab.urlgrab(misc.to_utf8(relative), local,
The error is raised at /usr/lib/python2.4/site-packages/urlgrabber/grabber.py +1202 in function _make_request() on line: fo = opener.open(req) (Pdb) opener.open(req) *** URLError: <urlopen error (-3, 'Temporary failure in name resolution')> (Pdb) opener <urllib2.OpenerDirector instance at 0x115e2878> (Pdb) req <urllib2.Request instance at 0x115e4fc8> (Pdb) req.get_full_url() 'https://xn--ufuk-xpa16d5h.lab.eng.brq.redhat.com/pub/repo/repodata/repomd.xml' Strange thing is stat: (Pdb) o=urllib2.OpenerDirector() (Pdb) o.open('https://xn--ufuk-xpa16d5h.lab.eng.brq.redhat.com/pub/repo/repodata/repomd.xml') does not raise exception.
/usr/lib/python2.4/site-packages/urlgrabber/grabber.py +1075 while (Pdb) opener.open(req) *** URLError: <urlopen error (-3, 'Temporary failure in name resolution')> fail, the pure: (Pdb) o=urllib2.OpenerDirector() (Pdb) o.open(req) does not fail. Is the problem in opener?
This is problem in m2crypto (or it can be workarounded in urlgrabber). See bug 742914
With RHEL 6.3 released, moving ON_QA.
Failed to verify with version m2crypto-0.20.2-9.el6 # curl -k https://kvm11.virtual/myrepo/ <!DOCTYPE HTML PUBLIC... # spacewalk-repo-sync -c myrepo -u http://kvm11.virtual/myrepo/ Repo URL: http://kvm11.virtual/myrepo/ Packages in repo: 3 Packages already synced: 0 Packages to sync: 3 1/3 : libxml2-python-2.7.6-4.el6_2.4-0.x86_64 2/3 : rhnlib-2.5.22-12.el6-0.noarch 3/3 : pyOpenSSL-0.10-2.el6-0.x86_64 Repo http://kvm11.virtual/myrepo/ has 0 errata. Sync completed. Total time: 0:00:00 # spacewalk-repo-sync -c myrepo -u https://kvm11.virtual/myrepo/ Traceback (most recent call last): File "/usr/bin/spacewalk-repo-sync", line 100, in <module> sys.exit(abs(main() or 0)) File "/usr/bin/spacewalk-repo-sync", line 93, in main sync.sync() File "/usr/lib/python2.6/site-packages/spacewalk/satellite_tools/reposync.py", line 100, in sync self.import_packages(plugin, repo_id, url) File "/usr/lib/python2.6/site-packages/spacewalk/satellite_tools/reposync.py", line 303, in import_packages packages = plug.list_packages(filters) File "/usr/lib/python2.6/site-packages/spacewalk/satellite_tools/repo_plugins/yum_src.py", line 151, in list_packages self.sack.populate(self.repo, 'metadata', None, 0) File "/usr/lib/python2.6/site-packages/yum/yumRepo.py", line 165, in populate if self._check_db_version(repo, mydbtype): File "/usr/lib/python2.6/site-packages/yum/yumRepo.py", line 223, in _check_db_version return repo._check_db_version(mdtype) File "/usr/lib/python2.6/site-packages/yum/yumRepo.py", line 1256, in _check_db_version repoXML = self.repoXML File "/usr/lib/python2.6/site-packages/yum/yumRepo.py", line 1455, in <lambda> repoXML = property(fget=lambda self: self._getRepoXML(), File "/usr/lib/python2.6/site-packages/yum/yumRepo.py", line 1451, in _getRepoXML raise Errors.RepoError, msg yum.Errors.RepoError: Cannot retrieve repository metadata (repomd.xml) for repository: myrepo. Please verify its path and try again
I'm confirming traceback from comment #9, but it is not caused by a bug in our code. The traceback shown is just the following error from urlgrabber disguised as a yum exception: 'Peer certificate cannot be authenticated with known CA certificates' The thing is going to work correctly with latest spacewalk-backend as long as you set ssl* directives in /etc/rhn/spacewalk-repo-sync/yum.conf correctly. All verified with m2crypto-0.20.2-9.el6 and m2crypto-0.16-9.el5.x86_64.
Spacewalk 1.9 has been released. https://fedorahosted.org/spacewalk/wiki/ReleaseNotes19