Bug 864999 - pulp doesnt handle errata spanning across multiple repos case
pulp doesnt handle errata spanning across multiple repos case
Status: CLOSED ERRATA
Product: Red Hat Satellite 6
Classification: Red Hat
Component: Content Management (Show other bugs)
6.0.0
Unspecified Unspecified
unspecified Severity high (vote)
: Unspecified
: --
Assigned To: Og Maciel
Og Maciel
: Triaged
Depends On: 860800
Blocks: 860802
  Show dependency treegraph
 
Reported: 2012-10-10 11:16 EDT by Mike McCune
Modified: 2014-09-18 11:32 EDT (History)
6 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Pulp could no handle errat soanning across multiple repositories. This fix merges errata from multiple repositories if their pkglist collection does not match.
Story Points: ---
Clone Of: 860800
Environment:
Last Closed: 2012-12-04 14:57:10 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Mike McCune 2012-10-10 11:16:24 EDT
+++ This bug was initially created as a clone of Bug #860800 +++

Description from email from Andreas Piesk:

let's take errata RHBA-2012:1305 for example. Red Hat published for "RHEL 6 Workstation i386" the
following affected packages (see https://rhn.redhat.com/errata/RHBA-2012-1305.html):

openswan-2.6.32-19.el6_3.src.rpm
openswan-2.6.32-19.el6_3.i686.rpm
openswan-debuginfo-2.6.32-19.el6_3.i686.rpm
openswan-doc-2.6.32-19.el6_3.i686.rpm

this is an errata spanning multiple repos, namely 'optional' and 'os':

updateinfo.xml "rhel-i386-workstation-optional-6":

<id>RHBA-2012:1305</id>
<title>openswan bug fix update</title>
<issued date="2012-09-24 00:00:00"/><updated date="2012-09-24 00:00:00"/>
<pkglist><collection short="rhel-i386-workstation-optional-6">
<filename>openswan-doc-2.6.32-19.el6_3.i686.rpm</filename>
</collection>
</pkglist>


updateinfo.xml "rhel-i386-workstation-os-6":

<id>RHBA-2012:1305</id>
<title>openswan bug fix update</title>
<issued date="2012-09-24 00:00:00"/>
<updated date="2012-09-24 00:00:00"/>
<pkglist><collection short="rhel-i386-workstation-6">
<filename>openswan-2.6.32-19.el6_3.i686.rpm</filename>
</package></collection></pkglist>

but pulp-admin shows only one filename, the one from repo 'os':

$ pulp-admin errata info --id RHBA-2012:1305

Id                    	RHBA-2012:1305
Title                 	openswan bug fix update

Type                  	bugfix
Issued                	2012-09-24 00:00:00
Updated               	2012-09-24 00:00:00
Version               	1
Release               	
Status                	final
Packages Effected     	openswan-2.6.32-19.el6_3.i686.rpm
Reboot Suggested      	False
References            	
			href : https://rhn.redhat.com/errata/RHBA-2012-1305.html
			type : self
			id : None
			title : RHBA-2012:1305


a json dump of errata in 'class Info(ErrataAction)' shows:

    "id": "RHBA-2012:1305",
    "issued": "2012-09-24 00:00:00",
    "pkglist": [
        {
            "name": "Red Hat Enterprise Linux Workstation (v. 6 for 32-bit x86)",
            "packages": [
                {
                    "arch": "i686",
                    "epoch": "0",
                    "filename": "openswan-2.6.32-19.el6_3.i686.rpm",
                    "name": "openswan",
                    "release": "19.el6_3",
                    "src": "openswan-2.6.32-19.el6_3.src.rpm",
                    "sum": [
                        "sha256",
                        "02deefd2ab19a440da74992fa03ae1de7e9a2dd017fc42257981027ade0a7206"
                    ],
                    "version": "2.6.32"
                }
            ],
            "short": "rhel-i386-workstation-6"
        }
    ],
    "repoids": [
        "rhel6Workstation-i386-os",
        "rhel6Workstation-i386-optional"
    ],

as far as i understand the code, the first errata with this id, in this case from
"rhel6Workstation-i386-os" is stored and assigned to "rhel6Workstation-i386-os". the errata with the
same id from "rhel6Workstation-i386-optional" has the same timestamp and is ignored
(sync_updateinfo_data()) _but_ the id is saved and used in _add_erratum() to assign this errata to
"rhel6Workstation-i386-optional".
so basically the errata from one repo with a filelist x is used for all repos which have the same
errata but with a dfferent filelist.

Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.
  
Actual results:


Expected results:


Additional info:

--- Additional comment from pkilambi@redhat.com on 2012-10-02 12:01:19 EDT ---

fixed! commit 86125ca3ab40dbbe53b7c1aedbe0466318c0a10a

--- Additional comment from jortel@redhat.com on 2012-10-04 09:23:38 EDT ---

build: 1.1.13

--- Additional comment from pthomas@redhat.com on 2012-10-04 13:31:45 EDT ---

verified
[root@pulp-v1-server ~]# rpm -q pulp
pulp-1.1.13-1.el6.noarch
[root@pulp-v1-server ~]# 

[root@pulp-v1-server ~]# pulp-admin errata info --id RHBA-2012:1305

Id                    	RHBA-2012:1305           
Title                 	openswan bug fix update  
Description           	Openswan is a free implementation of IPsec (Internet Protocol Security) and IKE
(Internet Key Exchange) for Linux. The openswan packages contain daemons and
user-space tools for setting up Openswan. It supports the NETKEY/XFRM IPsec
kernel stack that exists in the default Linux kernel. Openswan 2.6 and later
also supports IKEv2 (Internet Key Exchange Protocol version 2), which is defined
in RFC5996.

This update fixes the following bug:

* When a tunnel was established between two IPsec hosts (say host1 and host2)
utilizing DPD (Dead Peer Detection), and if host2 went offline while host1
continued to transmit data, host1 continually queued multiple phase 2 requests
after the DPD action. When host2 came back online, the stack of pending phase 2
requests was established, leaving a new IPsec SA (Security Association), and a
large group of extra SA's that consumed system resources and eventually expired.
This update ensures that openswan has just a single pending phase 2 request
during the time that host2 is down, and when host2 comes back up, only a single
new IPsec SA is established, thus preventing this bug. (BZ#852454)

All users of openswan are advised to upgrade to these updated packages, which
fix this bug.

Type                  	bugfix                   
Issued                	2012-09-24 00:00:00      
Updated               	2012-09-24 00:00:00      
Version               	1                        
Release               	                         
Status                	final                    
Packages Effected     	openswan-2.6.32-19.el6_3.i686.rpm,
			openswan-doc-2.6.32-19.el6_3.i686.rpm
Reboot Suggested      	False                    
References            	
			href : https://rhn.redhat.com/errata/RHBA-2012-1305.html
			type : self
			id : None
			title : RHBA-2012:1305


[root@pulp-v1-server ~]#

--- Additional comment from pthomas@redhat.com on 2012-10-04 13:34:29 EDT ---

[root@pulp-v1-server ~]# pulp-admin repo list
+------------------------------------------+
       List of Available Repositories
+------------------------------------------+

Id                 	rhel-6-w                 
Name               	rhel-6-w                 
Repo URL           	https://pulp-v1-server.usersys.redhat.com/pulp/repos/content/dist/rhel/workstation/6/6.3/i386/os/
Feed URL           	https://cdn.redhat.com/content/dist/rhel/workstation/6/6.3/i386/os
Feed Type          	remote                   
Content Type       	yum                      
Feed Certs         	CA:Yes   Cert:Yes
Consumer Certs     	CA:No   Cert:No
Architecture       	noarch                   
Sync Schedule      	None                     
Packages           	7319                     
Files              	0                        
Distributions      	ks-Red Hat Enterprise Linux-Workstation-6.3-i386
Publish            	True                     
Clones             	[]                       
Groups             	None                     
Filters            	[]                       
Notes              	{}                       
Preserve Metadata  	True                     
Checksum Type      	sha                      


Id                 	rhel-6-w-optional        
Name               	rhel-6-w-optional        
Repo URL           	https://pulp-v1-server.usersys.redhat.com/pulp/repos/content/dist/rhel/workstation/6/6.3/i386/optional/os/
Feed URL           	https://cdn.redhat.com/content/dist/rhel/workstation/6/6.3/i386/optional/os/
Feed Type          	remote                   
Content Type       	yum                      
Feed Certs         	CA:Yes   Cert:Yes
Consumer Certs     	CA:No   Cert:No
Architecture       	noarch                   
Sync Schedule      	None                     
Packages           	3207                     
Files              	0                        
Distributions      	None                     
Publish            	True                     
Clones             	[]                       
Groups             	None                     
Filters            	[]                       
Notes              	{}                       
Preserve Metadata  	True                     
Checksum Type      	sha                      


[root@pulp-v1-server ~]#
Comment 1 Mike McCune 2012-10-15 19:07:08 EDT
this is already in pulp-1.1.13-1.el6cf:

https://bugzilla.redhat.com/show_bug.cgi?id=860800#c2

forcing this into 1.1
Comment 4 Og Maciel 2012-10-17 05:38:14 EDT
* With only 1 channel enabled

[root@qetello01 ~]# pulp-admin errata info --id RHBA-2012:1305

Id                    	RHBA-2012:1305           
Title                 	openswan bug fix update  
Description           	Openswan is a free implementation of IPsec (Internet Protocol Security) and IKE
(Internet Key Exchange) for Linux. The openswan packages contain daemons and
user-space tools for setting up Openswan. It supports the NETKEY/XFRM IPsec
kernel stack that exists in the default Linux kernel. Openswan 2.6 and later
also supports IKEv2 (Internet Key Exchange Protocol version 2), which is defined
in RFC5996.

This update fixes the following bug:

* When a tunnel was established between two IPsec hosts (say host1 and host2)
utilizing DPD (Dead Peer Detection), and if host2 went offline while host1
continued to transmit data, host1 continually queued multiple phase 2 requests
after the DPD action. When host2 came back online, the stack of pending phase 2
requests was established, leaving a new IPsec SA (Security Association), and a
large group of extra SA's that consumed system resources and eventually expired.
This update ensures that openswan has just a single pending phase 2 request
during the time that host2 is down, and when host2 comes back up, only a single
new IPsec SA is established, thus preventing this bug. (BZ#852454)

All users of openswan are advised to upgrade to these updated packages, which
fix this bug.

Type                  	bugfix                   
Issued                	2012-09-24 00:00:00      
Updated               	2012-09-24 00:00:00      
Version               	1                        
Release               	                         
Status                	final                    
Packages Effected     	openswan-2.6.32-19.el6_3.x86_64.rpm
Reboot Suggested      	False                    
References            	
			href : https://rhn.redhat.com/errata/RHBA-2012-1305.html
			type : self
			id : None
			title : RHBA-2012:1305


* With 2 channels enabled:

# pulp-admin errata info --id RHBA-2012:1305

Id                    	RHBA-2012:1305           
Title                 	openswan bug fix update  
Description           	Openswan is a free implementation of IPsec (Internet Protocol Security) and IKE
(Internet Key Exchange) for Linux. The openswan packages contain daemons and
user-space tools for setting up Openswan. It supports the NETKEY/XFRM IPsec
kernel stack that exists in the default Linux kernel. Openswan 2.6 and later
also supports IKEv2 (Internet Key Exchange Protocol version 2), which is defined
in RFC5996.

This update fixes the following bug:

* When a tunnel was established between two IPsec hosts (say host1 and host2)
utilizing DPD (Dead Peer Detection), and if host2 went offline while host1
continued to transmit data, host1 continually queued multiple phase 2 requests
after the DPD action. When host2 came back online, the stack of pending phase 2
requests was established, leaving a new IPsec SA (Security Association), and a
large group of extra SA's that consumed system resources and eventually expired.
This update ensures that openswan has just a single pending phase 2 request
during the time that host2 is down, and when host2 comes back up, only a single
new IPsec SA is established, thus preventing this bug. (BZ#852454)

All users of openswan are advised to upgrade to these updated packages, which
fix this bug.

Type                  	bugfix                   
Issued                	2012-09-24 00:00:00      
Updated               	2012-09-24 00:00:00      
Version               	1                        
Release               	                         
Status                	final                    
Packages Effected     	openswan-2.6.32-19.el6_3.x86_64.rpm,
			openswan-doc-2.6.32-19.el6_3.x86_64.rpm
Reboot Suggested      	False                    
References            	
			href : https://rhn.redhat.com/errata/RHBA-2012-1305.html
			type : self
			id : None
			title : RHBA-2012:1305
Comment 5 Og Maciel 2012-10-17 05:38:49 EDT
Verified:

* candlepin-0.7.8.1-1.el6cf.noarch
* candlepin-selinux-0.7.8.1-1.el6cf.noarch
* candlepin-tomcat6-0.7.8.1-1.el6cf.noarch
* katello-1.1.12-16.el6cf.noarch
* katello-all-1.1.12-16.el6cf.noarch
* katello-candlepin-cert-key-pair-1.0-1.noarch
* katello-certs-tools-1.1.8-1.el6cf.noarch
* katello-cli-1.1.8-7.el6cf.noarch
* katello-cli-common-1.1.8-7.el6cf.noarch
* katello-common-1.1.12-16.el6cf.noarch
* katello-configure-1.1.9-7.el6cf.noarch
* katello-glue-candlepin-1.1.12-16.el6cf.noarch
* katello-glue-pulp-1.1.12-16.el6cf.noarch
* katello-qpid-broker-key-pair-1.0-1.noarch
* katello-qpid-client-key-pair-1.0-1.noarch
* katello-selinux-1.1.1-1.el6cf.noarch
* pulp-1.1.13-1.el6cf.noarch
* pulp-admin-1.1.13-1.el6cf.noarch
* pulp-client-lib-1.1.13-1.el6cf.noarch
* pulp-common-1.1.13-1.el6cf.noarch
* pulp-selinux-server-1.1.13-1.el6cf.noarch
Comment 8 errata-xmlrpc 2012-12-04 14:57:10 EST
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHSA-2012-1543.html

Note You need to log in before you can comment on or make changes to this bug.