http://bugzilla.suse.com/show_bug.cgi?id=1131024 http://bugzilla.suse.com/show_bug.cgi?id=1131024#c10 Ancor Gonzalez Sosa <ancor@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Component|3rd party software |Other Version|unspecified |Leap 15.1 Assignee|yast-internal@suse.de |cbosdonnat@suse.com Product|openSUSE.org |openSUSE Distribution Target Milestone|--- |Leap 15.0 QA Contact|bnc-team-screening@forge.pr |qa-bugs@suse.de |ovo.novell.com | --- Comment #10 from Ancor Gonzalez Sosa <ancor@suse.com> --- David Díaz has being investigating this and he did some VERY interesting findings. TLDR; the package python-websockify is wrong and that is what is producing the error. And now the long version. The upstream version of websockify 0.8.0 uses jwcrypto to enable the web access. But SLE doesn't include python-jwcrypto. To make the feature work in both openSUSE and SLE, the python-websockify package contains this patch. https://build.opensuse.org/package/view_file/openSUSE:Factory/python-websock... Looking at that patch and at the set of "recommends" from comment#3 is pretty obvious that the intention of the package is: use jwcrypto if available and, IF NOT, fall-back to use PyJWT (which is available in both openSUSE and SLE). But that's not what that package achieves. It actually enforces to have PyJWT installed. In openSUSE, if jwcrypto is installed and PyJWT is not (which according to the RPM recommendations is the preferred solution) the service fails to start with the error
pkg_resources.DistributionNotFound: The 'PyJWT' distribution was not found and is required by websockify
That's almost for sure caused by the "install_requires" entry of the mentioned patch. Having that line there, all the modifications to token_plugins.py are pointless. The whole thing will explode on the absence of PyJWT, no matter how many exceptions are catch in token_plugin.py. In other words, our package modifies websockify 0.8.0 to make it incapable of working with jwcrypto and to depend always on PyJWT, which I'm pretty sure was not the intention (and which doesn't match with the "recommends"). On the other hand, the default python installation of SLE already includes PyJWT (so this issue is not visible in SLE) and the default python installation of openSUSE already includes jwcrypto. To make things work with the currently wrong python-websockify in openSUSE, YaST would need to enforce the installation of PyJWT, no matter if jwcrypto is there and no matter in which distro we are. But that fix would contradict the real intention of python-websockify. If that package is fixed to do what it should do, this will work in a default installation of both SLE and openSUSE without modifying YaST. So: 1. reassigning to the author of PyJWT-token-plugin.patch 2. David, great catch! -- You are receiving this mail because: You are on the CC list for the bug.