[opensuse-autoinstall] Autoinstallation of SLES 10.2 is failing with addition of custom add-on, possibly due to placement of gpg key for custom add-on
This is my first email to this list, so I will try to include as much information as possible to describe my problem. I am trying to make a custom DVD that includes all of the standard SLES 10.2 files along with an RPM for my companies product. I think that the problem that I am running into is due to not placing the gpg for my companies product in the correct location, but I am not entirely sure at this point. Let me describe what I have done so far and hopefully someone can help me see where I may have gone wrong. Here is what I did to set up the directory for building the iso: 1. I copied the contents of the entire SUSE 10 SP2 DVD into /[path_to_dvd_contents]/isoroot/ 2. I think followed this link < http://www.suse.de/~ug/AutoYaST_FAQ.html#b9> that Uwe Gansert wrote about adding your own RPMs to an SLES installation source a. I used version 20060925 of the create_update_source.sh script b. I copied our owned signed RPM to /[path_to_dvd_contents]/updates/suse/i586/ c. I then ran the following commands from /[path_to_dvd_contents]/isoroot/updates/suse/ (as outlined in create_update_source.sh description from here <http://en.opensuse.org/Inst-source-utils#Short_description_of_the_scripts>) i. create_package_descr -x setup/descr/EXTRA_PROV ii. cd setup/descry iii. create_directory.yast . iv. create_md5sums . d. Opting now to add this installation source to our existing autoinst.xml files, I created an add_on_products file located at /[path_to_dvd_contents]/isoroot/add_on_products i. The contents of this file is just "dvd:///updates" 3. I then followed this link <http://www.suse.de/~ug/AutoYaST_FAQ.html#bB> that Uwe Gansert wrote for signing an add-on product with our gpg key 4. At this point I would run the mkisofs command to build the iso I tested this by installing this custom installation DVD on a VM. Using an existing autoinst.xml file, I began installing on the VM. When it gets to the portion where it tries to configure the software selections, a window is displayed that says: +--------------------------------------------+ | Error occurred while creating the catalog. | | | | +-----------------------------+ | | | dvd:///updates | | | | Source rejected by the user | | | +-----------------------------+ | +--------------------------------------------+ I noticed that when this message was displayed, that it was trying to download from dvd:///updates/content.key which lead me to think that I needed to re-sign our add-on product properly. I followed this link <http://www.suse.de/~ug/AutoYaST_FAQ.html#bB> that Uwe Gansert wrote for signing an add-on product with our gpg key. After completing these steps, I redid step 2c that I listed above and remade the iso. I again tested this by installing this custom installation DVD on a VM. Using the same existing autoinst.xml file, I began installing on the VM. When it gets to the portion where it tries to configure the software selections this time, the following error message is displayed: +----------------------------------------------------------------------------------------------+ | Error | | | | The package resolver run failed. Please check your software section in the autoyast profile. | +----------------------------------------------------------------------------------------------+ Looking at the software section of the autoinst.xml file that I am using looks like this: <software> <patterns config:type="list"> <pattern>base</pattern> <pattern>ha_sles</pattern> </patterns> <packages config:type="list"> <package>emacs</package> <package>[custom_rpm_name]</package> <package>ipsec-tools</package> <package>perl-Net-Daemon</package> <package>perl-XML-RegExp</package> <package>perl-PlRPC</package> <package>perl-Data-ShowTable</package> <package>perl-XML-DOM</package> <package>perl-DBD-mysql</package> <package>perl-DBI</package> </packages> </software> If anyone can provide any suggestions for other things to try or perhaps where I may have gone wrong, I would greatly appreciate it. If you need more information then please let me know. Thank you, Jason Babicka -- To unsubscribe, e-mail: opensuse-autoinstall+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-autoinstall+help@opensuse.org
Greetings, I have not created a DVD for myself and hence am not sure if this is neccessary for you, but I assume you forgot to not only accept the new key, but also import it. Here is how we do that for our local mirror of a third party repo in <add_on_products>: ---------- 8< ---------- <listentry> <media_url>http://somewhere/thirdparty/cthiel1/openSUSE_11.1/</media_url> <product>thirdparty-cthiel</product> <name>thirdparty-cthiel</name> <product_dir>/</product_dir> <signature-handling> <accept_file_without_checksum config:type="boolean">false</accept_file_without_checksum> <accept_non_trusted_gpg_key> <all config:type="boolean">false</all> <keys config:type="list"> <keyid>2F7CFB3C4A50F8F6</keyid> </keys> </accept_non_trusted_gpg_key> <accept_unknown_gpg_key config:type="boolean">false</accept_unknown_gpg_key> <accept_unsigned_file config:type="boolean">false</accept_unsigned_file> <accept_verification_failed config:type="boolean">false</accept_verification_failed> <import_gpg_key> <all config:type="boolean">false</all> <keys config:type="list"> <keyid>2F7CFB3C4A50F8F6</keyid> </keys> </import_gpg_key> </signature-handling> </listentry> ---------- >8 ---------- You can see the (ugly, gory) details of what failed during installation in /var/log/YaST2/y2log (Just switch to the second terminal when your error message appears). That file is huge, so a grep for something like "THROW", "failed" or the name of your repo around the end of the file might be in order. tty, 686f6c6d -- To unsubscribe, e-mail: opensuse-autoinstall+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-autoinstall+help@opensuse.org
Thank you for your suggestion. I took your snippet and altered it so that it would be applicable to my add-on product and placed it in the autoinst.xml file that I have been using. Unfortunately, the results that I got were the same as to what I originally reported experiencing. I checked the /var/log/YaST2/y2log script after the installation had completed. Using grep with your suggested keywords (throw and fail) did not yield any results surprisingly. I manually reviewed the entire log. Unfortunately again this did not yield any further information as nothing that I read through seemed to be related to the error message encountered, reference my add-on product rpm or add-on product name. So at this point, are there any other suggestions? -Jason Babicka -----Original Message----- From: them4z@googlemail.com [mailto:them4z@googlemail.com] On Behalf Of 686f6c6d Sent: Friday, October 02, 2009 3:43 AM To: Jason Babicka Cc: opensuse-autoinstall@opensuse.org Subject: Re: [opensuse-autoinstall] Autoinstallation of SLES 10.2 is failing with addition of custom add-on, possibly due to placement of gpg key for custom add-on Greetings, I have not created a DVD for myself and hence am not sure if this is neccessary for you, but I assume you forgot to not only accept the new key, but also import it. Here is how we do that for our local mirror of a third party repo in <add_on_products>: ---------- 8< ---------- <listentry> <media_url>http://somewhere/thirdparty/cthiel1/openSUSE_11.1/</media_url> <product>thirdparty-cthiel</product> <name>thirdparty-cthiel</name> <product_dir>/</product_dir> <signature-handling> <accept_file_without_checksum config:type="boolean">false</accept_file_without_checksum> <accept_non_trusted_gpg_key> <all config:type="boolean">false</all> <keys config:type="list"> <keyid>2F7CFB3C4A50F8F6</keyid> </keys> </accept_non_trusted_gpg_key> <accept_unknown_gpg_key config:type="boolean">false</accept_unknown_gpg_key> <accept_unsigned_file config:type="boolean">false</accept_unsigned_file> <accept_verification_failed config:type="boolean">false</accept_verification_failed> <import_gpg_key> <all config:type="boolean">false</all> <keys config:type="list"> <keyid>2F7CFB3C4A50F8F6</keyid> </keys> </import_gpg_key> </signature-handling> </listentry> ---------- >8 ---------- You can see the (ugly, gory) details of what failed during installation in /var/log/YaST2/y2log (Just switch to the second terminal when your error message appears). That file is huge, so a grep for something like "THROW", "failed" or the name of your repo around the end of the file might be in order. tty, 686f6c6d
On Fri, Oct 2, 2009 at 20:53, Jason Babicka <JBabicka@bitarmor.com> wrote:
Thank you for your suggestion. I took your snippet and altered it so that it would be applicable to my add-on product and placed it in the autoinst.xml file that I have been using. Unfortunately, the results that I got were the same as to what I originally reported experiencing.
My apologies, I overlooked you use SLES10.2, so it might not be possible to use per-add-on-product gpg settings. If that is the case, try putting them in the global settings in <general><signature-handling> (if you didn't already do that in your alterations).
I checked the /var/log/YaST2/y2log script after the installation had completed. Using grep with your suggested keywords (throw and fail) did not yield any results surprisingly. I manually reviewed the entire log. Unfortunately again this did not yield any further information as nothing that I read through seemed to be related to the error message encountered, reference my add-on product rpm or add-on product name.
Stepping back to you original error message containing "Source rejected by the user", I would assume two possible cases: First, it might be you're still missing some gpg setting (maybe because the above changes where made on a per-addon basis and where ignored by autoyast). Another thing to look for in the logs is something like "user decision on <something like import>: 0", which indicates something went wrong with your import settings. I guess you have to at least use bioth accept_non_trusted_gpg_key and import_gpg_key, maybe even accept_unknown_gpg_key if your key is from a local/unknown CA. Second, it might be the case that the path to your addon is invalid. The only reference on device names I could find in the context of the old add_on_product file is (see further down below http://www.suse.de/~ug/AutoYaST_FAQ.html#b9) to use something like this: hd:/updates?device=/dev/your-dvd-device / It might be easier to use <add-on>, maybe with a relative path (as described in http://forgeftp.novell.com/yast/doc/SL11.1/tdg/installation_features.html) if that is supported in 10.2... In any case, the latter error message about the resolver happens because the add-on does not work and hence not all packages can be found. To help find the cause of the problem, try reading y2log during install: When the first error message appears, don't confirm it, but switch to the second terminal and read the last few dozen lines of the file, your problem hides there. tty, 686f6c6d -- To unsubscribe, e-mail: opensuse-autoinstall+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-autoinstall+help@opensuse.org
participants (2)
-
686f6c6d -
Jason Babicka