https://bugzilla.novell.com/show_bug.cgi?id=674317 https://bugzilla.novell.com/show_bug.cgi?id=674317#c0 Summary: nagios-nrpe check_zypper misses security updates due to a blocking softwaremgmt update Classification: openSUSE Product: openSUSE 11.1 Version: Final Platform: x86-64 OS/Version: SLES 11 Status: NEW Severity: Normal Priority: P5 - None Component: Other AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: probst@optivation.de QAContact: qa@suse.de Found By: --- Blocker: --- User-Agent: Opera/9.80 (Windows NT 5.1; U; de) Presto/2.7.62 Version/11.01 We're using check_zypper v1.37 and v1.38 from /opensuse/repositories/server%3a/monitoring/SLE_11.1/ on a SUSE Linux Enterprise Server 11 (x86_64), VERSION = 11, PATCHLEVEL = 1 The corresponding command in our nagios-nrpe configuration is "/usr/lib/nagios/plugins/check_zypper --use_sudo --refresh_repos -w recommended". The current result of the check_zypper command is: Updates WARNING : 2 recommended update(s); | package_updates=0;2;0;0; Reproducible: Always Steps to Reproduce: 1. 2. 3. Actual Results: A manual check using "zypper lp" turns out that there a lot more updates available, which are blocked by two recommended slessp1-softwaremgmt updates. # zypper lp The following software management updates will be installed first: Repository | Name | Version | Category | Status -----------------------+-----------------------------+---------+-------------+------- GWDG SLES11 SP1 Update | slessp1-softwaremgmt-201101 | 3719 | recommended | needed GWDG SLES11 SP1 Update | slessp1-softwaremgmt-201102 | 3828 | recommended | needed The following updates are also available: Repository | Name | Version | Category | Status ----------------------------+------------------------------+---------+-------------+------- GWDG SLES11 SDK SP1 Updates | sdksp1-crash | 3683 | recommended | needed GWDG SLES11 SDK SP1 Updates | sdksp1-libsmi | 3518 | security | needed GWDG SLES11 HAE SP1 Updates | sleshasp1-kernel | 3763 | security | needed [...] Expected Results: check_zypper should be able to identify such subsequent updates as well. Depending on the local security policy is it possible that important security updates stay unnotified for several days (depending on the policy for installing recommended updates). -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.