You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Certain RPM versioning may cause install/upgrade actions to attempt a downgrade with DNF/YUM due to inaccurate version comparison in Salt (pkg.version_cmp -> rpm_lowpkg.version_cmp).
I've been able to reproduce this with several Uyuni servers and clients (AlmaLinux 8) with certain Thruk packages:
Although this is not strictly a bug with Uyuni it still affects Uyuni users such as myself. I'm also not sure if the venv-salt-minion packaging is managed by the Uyuni project or (open)SUSE so that's why I've opened an issue only here so far.
Replacing the unmaintained and inaccurate rpm_vercmp module with the rpm module could be a viable fix which I've already tested by manually installing the latter package in the virtualenv.
### DON'T DO THIS WITH PRODUCTION SYSTEMS! ###
# source /usr/lib/venv-salt-minion/bin/activate
(venv-salt-minion) # pip install rpm
Steps to reproduce
Set up an Uyuni Server and RPM based Salt Minion (using venv-salt-minion from Uyuni Client Tools repository)
Add/install RPM packages to the client and channel with certain versioning to trigger the bug (e.g. thruk-3.20-13457.1 and thruk-3.20.2-13569.1). The client needs to have the older package installed to make Uyuni suggest an update.
Try to upgrade the package via Uyuni and inspect the client's DNF/YUM logs after the action has failed due to the inaccurate version comparison leading to a downgrade attempt.
# venv-salt-minion --version
venv-salt-minion 3006.0 (Sulfur)
# rpm -qi venv-salt-minion
Name : venv-salt-minion
Version : 3006.0
Release : 39.20.uyuni
Architecture: x86_64
Install Date: Wed 15 Jan 2025 08:35:28 AM UTC
Group : System/Management
Size : 156373111
License : Apache-2.0
Signature : RSA/SHA256, Wed 18 Dec 2024 03:48:57 PM UTC, Key ID 972e5d6c0d20833e
Source RPM : venv-salt-minion-3006.0-39.20.uyuni.src.rpm
Build Date : Wed 18 Dec 2024 03:48:44 PM UTC
Build Host : i03-ch1d
Relocations : (not relocatable)
Vendor : obs://build.opensuse.org/systemsmanagement:Uyuni
URL : http://saltstack.org/
Summary : The venvjailed client component for Salt
Description :
Virtual environment jail for Salt minion.
Salt minion is queried and controlled from the master.
Listens to the salt master and execute the commands.
Useful logs
Uyuni action details:
ID: pkg_installed
Function: pkg.installed
Name: pkg_installed
Result: false
Comment: The following packages failed to install/update: thruk-plugin-reporting=3.20.2-13569.1, thruk-base=3.20.2-13569.1, thruk=3.20.2-13569.1
Started: 10:06:57.174691
Duration: 5994.911
SLS: packages.pkginstall
Changed: {}
DNF client logs:
DEBUG DNF version: 4.7.0
DDEBUG Command: dnf -y downgrade thruk-plugin-reporting-3.20.2-13569.1 thruk-base-3.20.2-13569.1 thruk-3.20.2-13569.1
DDEBUG Installroot: /
DDEBUG Releasever: 8
DEBUG cachedir: /var/cache/dnf
DDEBUG Base command: downgrade
DDEBUG Extra commands: ['-y', 'downgrade', 'thruk-plugin-reporting-3.20.2-13569.1', 'thruk-base-3.20.2-13569.1', 'thruk-3.20.2-13569.1']
...
INFO Last metadata expiration check: 0:00:02 ago on Tue Jan 14 10:06:58 2025.
DDEBUG timer: sack setup: 1090 ms
WARNING Package thruk-plugin-reporting of lowest version already installed, cannot downgrade it.
WARNING Package thruk-base of lowest version already installed, cannot downgrade it.
WARNING Package thruk of lowest version already installed, cannot downgrade it.
DEBUG --> Starting dependency resolution
DEBUG --> Finished dependency resolution
DDEBUG timer: depsolve: 25 ms
INFO Dependencies resolved.
INFO Nothing to do.
Problem description
Certain RPM versioning may cause install/upgrade actions to attempt a downgrade with DNF/YUM due to inaccurate version comparison in Salt (pkg.version_cmp -> rpm_lowpkg.version_cmp).
I've been able to reproduce this with several Uyuni servers and clients (AlmaLinux 8) with certain Thruk packages:
Although this is not strictly a bug with Uyuni it still affects Uyuni users such as myself. I'm also not sure if the
venv-salt-minion
packaging is managed by the Uyuni project or (open)SUSE so that's why I've opened an issue only here so far.Replacing the unmaintained and inaccurate rpm_vercmp module with the rpm module could be a viable fix which I've already tested by manually installing the latter package in the virtualenv.
Steps to reproduce
thruk-3.20-13457.1
andthruk-3.20.2-13569.1
). The client needs to have the older package installed to make Uyuni suggest an update.Uyuni version
Salt Minion version
Useful logs
Uyuni action details:
DNF client logs:
Additional information
Related issues: saltstack/salt#65443 and #5894
The text was updated successfully, but these errors were encountered: