PDA

View Full Version : Update Failed Today..?


billybob linux
22nd October 2011, 11:38 AM
I just done an update today and I got a notification that updates failed.
This the Beta of F16 installed yesterday

Two items failed to update:
sssd-System Security Services Daemon

And

sssd-client-SSSD Client libraries for NSS and PAM

Here is a description of the updates:

This update will fix bugs and other non-critical problems.
This notification was issued on 20/10/2011 02:18.
2011-10-21: Added selinux-policy and updated SSSD with explicit Requires


FreeIPA:

== What happened to 2.1.2 ?

After looking at this I installed FreeIPA.
On checking the FreeIPA version I see that it is
2.1.3-4.fc16.
I might be wrong but are these updates for an older version of FreeIPA, then again I might be off on completely the wrong track.
Do I even need these updates, have I missed something ? Is there something enabled or disabled in the configuration that needs setting up that I missed?

It's not a showstopper but more of a minor annoyance right now. After all this is still the beta version (F16):)

fantab
22nd October 2011, 12:29 PM
Yes it failed for me too I used yum update.

Error: Package: sssd-1.6.2-3.fc16.x86_64 (updates-testing)
Requires: selinux-policy >= 3.10.0-46
Installed: selinux-policy-3.10.0-45.1.fc16.noarch (@updates-testing)
selinux-policy = 3.10.0-45.1.fc16
Available: selinux-policy-3.10.0-40.fc16.noarch (fedora)
selinux-policy = 3.10.0-40.fc16
You could try using --skip-broken to work around the problem
You could try running: rpm -Va --nofiles --nodigest

More Info about the update:
This update will fix bugs and other non-critical problems.
This notification was issued on 10/20/2011.
2011-10-21: Added selinux-policy and updated SSSD with explicit Requires
FreeIPA:
== What happened to 2.1.2!? ==
Right after tagging 2.1.2 we found an upgrade issue that would have affected any users using the selfsign CA (installed with --selfsign). We decided to hold back the release, fix a few more bugs, and just push out 2.1.3 instead about a week later. So here we are.
== Highlights in 2.1.3 ==
• Enforce that system hostname matches hostname of IPA server.
• Require that /etc/hosts is sane even when configuring DNS.
• Increase default server-side LDAP search limits.
• Client enrollment improvements including longer wait for sssd to start, recovery if discovered IPA server is not responsive and when anonymous bind is disabled in 389-ds.
== Highlights in 2.1.2 ==
• Upgrade older dogtag installs to use new PKI proxy configuration
• hbactest improvements
• Added platform-independent code to make ipa-client-install more portable
• Make client uninstaller more robust, should restore state more completely.
• UI usability improvements
• Tool for Enabling/Disabling Managed Entry Plugins
• Managed Entries configuration is now replicated
• IPv6 client enrollment improvements
• Man page improvements
• Performance improvements when calculating indirect membership
• Improved handling of disabled anonymous binds in 389-ds
• user is now prompted to enter current password when changing to a new password
• ipa server now support multiple namingContexts. ipa-client-install and password migration were fixed
== Upgrading ==
To upgrade a 2.0.0, 2.0.1 or 2.1.0 server do the following: # yum update freeipa-server --enablerepo=updates-testing
This will pull in updated freeIPA, 389-ds, dogtag, libcurl and xmlrpc-c packages (and perhaps some others). A script will be executed in the rpm postinstall phase to update the IPA LDAP server with any required changes.
There is a bug reported against 389-ds, https://bugzilla.redhat.com/show_bug.cgi?id=730387, related to read-write locks. The NSPR RW lock implementation does not safely allow re-entrant use of reader locks. This is a timing issue so it is difficult to predict. During testing one user experienced this and the upgrade hung. To break the hang kill the ns-slapd process for your realm, wait for the yum transaction to complete, then restart 389-ds and manually run the update process:
# service dirsrv start # ipa-ldap-updater --update
The ipa-client-install tool in the ipa-client package is just a configuration tool. There should be no need to re-run this on every client already enrolled.
SSSD: == Highlights ==
• Improved handling of users and groups with multi-valued name attributes (aliases)
• Performance enhancements * Initgroups on RFC2307bis/FreeIPA * HBAC rule processing
• Improved process-hang detection and restarting
• Enabled the midpoint cache refresh by default (fewer cache misses on commonly-used entries)
• Cleaned up the example configuration
389-ds-base:
• fix config del/add mods
• memberof is transaction aware resource
• limits for simple paged results
• Native systemd support
• Fix for managed entry
• Fixed source tarball
• fix transaction support in ldbm_delete

For more information about this update please visit this website:
• https://admin.fedoraproject.org/updates/F16/FEDORA-2011-14614.
For more information about bugs fixed by this update please visit these websites:
• https://bugzilla.redhat.com/show_bug.cgi?id=699785.
• https://bugzilla.redhat.com/show_bug.cgi?id=741744.
• https://bugzilla.redhat.com/show_bug.cgi?id=743966.
• https://bugzilla.redhat.com/show_bug.cgi?id=740942.
• https://bugzilla.redhat.com/show_bug.cgi?id=742324.
• https://bugzilla.redhat.com/show_bug.cgi?id=695736.
• https://bugzilla.redhat.com/show_bug.cgi?id=735114.
This is a test update, and is not designed for normal use. Please report any problems or regressions you encounter.

ah7013
22nd October 2011, 12:40 PM
It failed here too - both with a yum update and Apper (New KDE PackageKit frontend in Fedora 16).

billybob linux
22nd October 2011, 04:48 PM
Thanks for the feedback and help here :) Since others are seeing the same issue with the update, I guess it will eventually be looked at. I can live with it, no problem, but I thought I would flag it up in case this was something related to my own setup here, I just set Apper to "never" for updates for now and will change it in a few days or if a fix is released. Thanks guys

xjonquilx
22nd October 2011, 05:34 PM
Yum update is failing here too. I get this:

jonquil@jonquil ~$ sudo yum update
[sudo] password for jonquil:
Loaded plugins: langpacks, presto, refresh-packagekit
Error: no such table: packages

monkeypigs
22nd October 2011, 09:32 PM
Fresh install today, and exactly the same here. Anyone any suggestions?
Thanks

fedvasu
22nd October 2011, 09:47 PM
Fresh install today, and exactly the same here. Anyone any suggestions?
Thanks

just skip those updates , here is how , it will be fixed eventually

yum update --skip-broken


as posted by others ,bug in bugzilla has been filed , don't worry about it.

xjonquilx
23rd October 2011, 12:34 AM
Updating is working fine now here.

billybob linux
23rd October 2011, 06:34 AM
@xjonquilx, glad to see you have your updates working. Reading your post I think you may have had a slightly different update issue.

I have just tried again and the update fails with the same two updates I posted at the start of the thread and it might be related to recent installs (from reading other posts such as monkeypigs)) .
As fedvasu said it will get fixed at some point. I am using F16 Beta and to me this is a minor update issue and everything else is running well so far, not bad for a Beta release :)

Again, thanks for the feedback everybody, much appreciated.

monkeypigs
23rd October 2011, 11:37 AM
Here's the following output when I use --skip-broken

Packages skipped because of dependency problems:
sssd-1.6.2-3.fc16.x86_64 from updates-testing
Error: Protected multilib versions: sssd-client-1.6.2-3.fc16.x86_64 != sssd-client-1.6.1-1.fc16.i686


I also tried yum -y install yum-skip-broken which suceeded, but then went to update again which gave the exact same issue,

I realise that this issue will be addressed, but how can I get the other 300 updates that are waiting to be downloaded whilst this is fixed?

Many thanks
Iain


Sorry, still getting used to Fedora after switching from Ubuntu, I disabled the testing repo and now the download is working like a charm

YeOK
23rd October 2011, 12:37 PM
You can grab the updated packages from koji, they will probably get pushed soon enough anyway.

Just run,


sudo yum update http://kojipkgs.fedoraproject.org/packages/selinux-policy/3.10.0/46.fc16/noarch/selinux-policy-targeted-3.10.0-46.fc16.noarch.rpm http://kojipkgs.fedoraproject.org/packages/selinux-policy/3.10.0/46.fc16/noarch/selinux-policy-3.10.0-46.fc16.noarch.rpm


or grab the required files directly from koji (The Fedora build system): http://koji.fedoraproject.org/koji/buildinfo?buildID=269914

After that, you can update as normal.

billybob linux
23rd October 2011, 01:20 PM
@YeOK That line of code has worked, updates are now all complete, thanks :thumb:
Once again, thanks everybody for the help. :)

ah7013
23rd October 2011, 01:36 PM
Thanks YeOK, that worked and I can now update. :)

cyborg
23rd October 2011, 09:37 PM
You can grab the updated packages from koji, they will probably get pushed soon enough anyway.

Just run,


sudo yum update http://kojipkgs.fedoraproject.org/packages/selinux-policy/3.10.0/46.fc16/noarch/selinux-policy-targeted-3.10.0-46.fc16.noarch.rpm http://kojipkgs.fedoraproject.org/packages/selinux-policy/3.10.0/46.fc16/noarch/selinux-policy-3.10.0-46.fc16.noarch.rpm


or grab the required files directly from koji (The Fedora build system): http://koji.fedoraproject.org/koji/buildinfo?buildID=269914

After that, you can update as normal.

Good shout, works a treat.

LightDot
23rd October 2011, 11:04 PM
Temporarily excluding sssd-client and sssd also works for me:

yum update -x sssd-client -x sssd

a3linux
24th October 2011, 06:42 AM
confirmed the failure.
I met it.
Just used --skip-broken to skip it now.

LightDot
24th October 2011, 01:32 PM
Already fixed here, today's update pulled the compatible versions of all the packages.

a3linux
24th October 2011, 04:49 PM
Confirmed the fix.
Everything looks ok.

chrismurphy
24th October 2011, 07:33 PM
A regular 'yum update' is not working for me still.

--> Finished Dependency Resolution
--> Running transaction check
---> Package kernel.x86_64 0:3.1.0-0.rc6.git0.3.fc16 will be erased
---> Package sssd.x86_64 0:1.6.2-3.fc16 will be an update
--> Processing Dependency: selinux-policy >= 3.10.0-46 for package: sssd-1.6.2-3.fc16.x86_64
--> Finished Dependency Resolution
Error: Package: sssd-1.6.2-3.fc16.x86_64 (updates-testing)
Requires: selinux-policy >= 3.10.0-46
Installed: selinux-policy-3.10.0-45.1.fc16.noarch (@updates-testing)
selinux-policy = 3.10.0-45.1.fc16
Available: selinux-policy-3.10.0-40.fc16.noarch (fedora)
selinux-policy = 3.10.0-40.fc16
You could try using --skip-broken to work around the problem
You could try running: rpm -Va --nofiles --nodigest
[root@f16 chris]#

---------- Post added at 12:33 PM ---------- Previous post was at 12:26 PM ----------

And --skip-broken results in:

Packages skipped because of dependency problems:
sssd-1.6.2-3.fc16.x86_64 from updates-testing
Error: Protected multilib versions: sssd-client-1.6.1-1.fc16.i686 != sssd-client-1.6.2-3.fc16.x86_64

AlexDudko
24th October 2011, 07:43 PM
A regular 'yum update' is not working for me still.

--> Finished Dependency Resolution
--> Running transaction check
---> Package kernel.x86_64 0:3.1.0-0.rc6.git0.3.fc16 will be erased
---> Package sssd.x86_64 0:1.6.2-3.fc16 will be an update
--> Processing Dependency: selinux-policy >= 3.10.0-46 for package: sssd-1.6.2-3.fc16.x86_64
--> Finished Dependency Resolution
Error: Package: sssd-1.6.2-3.fc16.x86_64 (updates-testing)
Requires: selinux-policy >= 3.10.0-46
Installed: selinux-policy-3.10.0-45.1.fc16.noarch (@updates-testing)
selinux-policy = 3.10.0-45.1.fc16
Available: selinux-policy-3.10.0-40.fc16.noarch (fedora)
selinux-policy = 3.10.0-40.fc16
You could try using --skip-broken to work around the problem
You could try running: rpm -Va --nofiles --nodigest
[root@f16 chris]#

---------- Post added at 12:33 PM ---------- Previous post was at 12:26 PM ----------

And --skip-broken results in:

Packages skipped because of dependency problems:
sssd-1.6.2-3.fc16.x86_64 from updates-testing
Error: Protected multilib versions: sssd-client-1.6.1-1.fc16.i686 != sssd-client-1.6.2-3.fc16.x86_64

It could be the mirror you are using isn't up to date. Try again later or try to use another mirror.

chrismurphy
25th October 2011, 02:55 AM
A regular 'yum update' appears to now be working unprompted.

fedvasu
25th October 2011, 03:09 AM
yeah everything works fine , issue resolved and thread should be closed right?