Red Hat Satellite server must be the source of all packages installed on each and every RedHat host in a given place. If this is not the case patching will never be 100% dull, instead it will always be interesting and adventurous event…. The case in point… System administrator complains that while patching a host its operating system complains about few
python libraries. A quick investigation shows that the host has many duplicate packages – some from EPEL some from IBM (in this particular case). What is going on is this – during an upgrade process
yum identifies the package its know about (as it was installed by
yum from a known repo) and it deletes it. Next, just prior to installing the updated version it does check for the presence of the package using its general name… Here it is where the process fails as it find the other package present – both packages share the same general name. What follows is an excerpt from error messages generated trying to update the package (
In our case these packages are
Error unpacking rpm package python-ply-3.4-4.el6.noarch error: unpacking of archive failed on file /usr/lib/python2.6/site-packages/ply-3.4-py2.6.egg-info: cpio: rename python-ply-3.4-1.ibm.el6.noarch was supposed to be removed but is not!
With some knowledge of
yum and a bit of persistence, one my get the
yum -y update to completion by passing over the issues related to the presence of duplicate packages but this does not mean that the system has really been patched as the following command proves.
# yum --security check-update Loaded plugins: product-id, refresh-packagekit, rhnplugin, security, subscription-manager This system is receiving updates from RHN Classic or RHN Satellite. prodclone-epel_rhel6_x86_64 | 1.3 kB 00:00 Limiting package lists to security relevant ones epel/updateinfo | 1.0 MB 00:00 1 package(s) needed for security, out of 4 available Security: kernel-2.6.32-573.el6.x86_64 is an installed security update Security: kernel-2.6.32-504.16.2.el6.x86_64 is the currently running version python-pip.noarch 7.1.0-1.el6 epel python-ply.noarch 3.4-4.el6 prodclone-epel_rhel6_x86_64
To fully patch this host, one should first remove the package or packages (even better) that were installed outside the Satellite server. In this case we will start with the first offender.
# yum remove python-ply-3.4-1.ibm.el6.noarch
By the way, a lot of “depending” ibm packages will be removed at this step. When the last command exits, we will finally be able to install/upgrade the right
# yum –y update python-ply oaded plugins: product-id, refresh-packagekit, rhnplugin, security, subscription-manager This system is receiving updates from RHN Classic or RHN Satellite. Setting up Install Process Resolving Dependencies --> Running transaction check ---> Package python-ply.noarch 0:3.4-4.el6 will be installed --> Finished Dependency Resolution ...............
Now, let’s check if all security errata have been applied.
# yum --security check-update -q
The last command generates no output – there are no applicable security errata. Are there any other non-security related errata which are still waiting to be installed?
# yum update Loaded plugins: product-id, refresh-packagekit, rhnplugin, security, subscription-manager This system is receiving updates from RHN Classic or RHN Satellite. Setting up Update Process No Packages marked for Update
Nothing to patch here. You could also login to the Satellite server, select the appropriate host and open its “errata” tab which should be empty validating the output of the last two commands.