[Bug 583952] New: kiwi: openssl-certs package causes kiwi fail in boot-prepare
http://bugzilla.novell.com/show_bug.cgi?id=583952 http://bugzilla.novell.com/show_bug.cgi?id=583952#c0 Summary: kiwi: openssl-certs package causes kiwi fail in boot-prepare Classification: openSUSE Product: openSUSE.org Version: unspecified Platform: Other OS/Version: Other Status: NEW Severity: Normal Priority: P5 - None Component: System Imaging AssignedTo: ms@novell.com ReportedBy: robert.hetzler@sap.com QAContact: adrian@novell.com Found By: Third Party Developer/Partner Blocker: --- While prepping a system to use kiwi, I ran into the following problem during initial test run: openssl-certs package would fail installation during boot-prepare, complaining /dev/null: permission denied on line 2 $ rpm -qi --scripts openssl-certs [snip] postinstall scriptlet (using /bin/sh): # need to do that here so c_rehash can deal with hash collisions c_rehash /etc/ssl/certs > /dev/null postuninstall scriptlet (using /bin/sh): c_rehash /etc/ssl/certs > /dev/null || true no issues with /dev/null as far as i can tell, nor the /dev/null in my build root. Either way, I googled around and found this patch for JeOS/SLE10: http://gitorious.org/kiwi/kiwi/commit/fd0d509112e85f01da618169896a1d257718f2... which pointed me in the right direction insofar as that the openssl-certs package was not needed in the bootstrap section of boot image You might want to consider applying the same update to the config.xml in the boot images that come with kiwi. I am using the latest (4.19) ref: grep openssl-certs -RnB 5 /usr/share/kiwi/image (some false positives, but you get the idea) -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=583952 http://bugzilla.novell.com/show_bug.cgi?id=583952#c1 Marcus Schaefer <ms@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |NEEDINFO Info Provider| |robert.hetzler@sap.com --- Comment #1 from Marcus Schaefer <ms@novell.com> 2010-03-01 09:44:42 UTC --- we intentionally added openssl-certs into the bootstrap section because it's required if you use repos with authentication. So I'm afraid simply removing it can't be done I can't reproduce this "/dev/null" error. As a test build I used 4.19 on 11.1 build machine building a 11.2 image while building the dev/null node also exists did you build on a clean build system ? the log in my test showed: Retrieving package openssl-certs-0.9.8h-28.1.noarch (68/109), 121.0 K (200.0 K u npacked) Installing: openssl-certs-0.9.8h-28.1 [done] Additional rpm output: warning: /tmp/kiwi-11.2/var/cache/zypp/packages/tmp_kiwimount-openSUSE-11.2-DVD- i586.iso-14890/suse/noarch/openssl-certs-0.9.8h-28.1.noarch.rpm: Header V3 RSA/S HA256 signature: NOKEY, key ID 3dbdc284 the key warning is ok, I don't have this key imported in the RPM keyring on my buildmachine confused :) -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=583952 http://bugzilla.novell.com/show_bug.cgi?id=583952#c2 --- Comment #2 from Marcus Schaefer <ms@novell.com> 2010-03-03 11:52:50 UTC --- any news ? -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=583952 http://bugzilla.novell.com/show_bug.cgi?id=583952#c3 Robert Hetzler <robert.hetzler@sap.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |NEW CC| |robert.hetzler@sap.com Info Provider|robert.hetzler@sap.com | --- Comment #3 from Robert Hetzler <robert.hetzler@sap.com> 2010-03-03 19:03:07 UTC --- Sorry for the delay Here is my log excerpt: Retrieving package openssl-certs-0.9.8h-25.14.noarch (64/105), 112.0 K (190.0 K unpacked) Installing: openssl-certs-0.9.8h-25.14 [error] Installation of openssl-certs-0.9.8h-25.14 failed: (with --nodeps --force) Error: Subprocess failed. Error: RPM failed: /var/tmp/rpm-tmp.22855: line 2: /dev/null: Permission denied error: %post(openssl-certs-0.9.8h-25.14.noarch) scriptlet failed, exit status 1 Abort, retry, ignore? [A/r/i]: a Problem occured during or after installation or removal of packages: Installation aborted by user Please see the above error message for a hint. + ECODE=4 + echo 4 exit 4 The scriptlet that it dies in (on line 2), should be the same one I posted in the description. The system this test was run on wasn't new-fresh, but should be reasonably so. Getting it reimaged may take some time. The build is the oemboot/suse-SLES11 from 4.19 (and 4.16) I took a look in the /dev to make sure /dev/null was ok. everything looks good... :~/kiwi/linux_x64/release/vmroot/kiwi-build/bootbuild/root/dev> ls -al total 12 drwxr-xr-x 3 root root 4096 2009-02-20 17:34 . drwxr-xr-x 20 root root 4096 2010-03-03 10:27 .. lrwxrwxrwx 1 root root 13 2010-03-03 10:26 fd -> /proc/self/fd crw--w--w- 1 root root 1, 7 2010-03-03 10:26 full brw-r----- 1 root root 7, 0 2010-03-03 10:26 loop0 brw-r----- 1 root root 7, 1 2010-03-03 10:26 loop1 brw-r----- 1 root root 7, 2 2010-03-03 10:26 loop2 brw-r----- 1 root root 7, 3 2010-03-03 10:26 loop3 crw-rw-rw- 1 root root 1, 3 2010-03-03 10:26 null crw-rw-rw- 1 root root 5, 2 2010-03-03 10:26 ptmx drwxr-xr-x 2 root root 4096 2010-03-03 10:26 pts crw-rw-rw- 1 root root 1, 8 2010-03-03 10:26 random lrwxrwxrwx 1 root root 4 2010-03-03 10:26 stderr -> fd/2 lrwxrwxrwx 1 root root 4 2010-03-03 10:26 stdin -> fd/0 lrwxrwxrwx 1 root root 4 2010-03-03 10:26 stdout -> fd/1 crw-rw-rw- 1 root root 5, 0 2010-03-03 10:26 tty crw-r--r-- 1 root root 1, 9 2010-03-03 10:26 urandom crw-rw-rw- 1 root root 1, 5 2010-03-03 10:26 zero The only major difference I can think of is that the build is happening on an nfs partition. (all my previous builds have been done on local partitions) Would this be likely to cause problems? We are unlikely to need authentication on our repositories, so I can just as easily edit the package out if that's all it's there for. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=583952 http://bugzilla.novell.com/show_bug.cgi?id=583952#c4 Marcus Schaefer <ms@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |WONTFIX --- Comment #4 from Marcus Schaefer <ms@novell.com> 2010-03-04 11:14:45 UTC --- ah nfs is the problem yes. did you export the filesystem with *(rw,no_root_squash,sync,no_subtree_check) this should help -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=583952 http://bugzilla.novell.com/show_bug.cgi?id=583952#c5 --- Comment #5 from Robert Hetzler <robert.hetzler@sap.com> 2010-03-04 17:37:35 UTC --- Our current nfs mount is as follows (i have no control over this), I expect this explains a number of things. (rw,nosuid,nodev,hard,intr,sloppy,addr=xxx.xxx.xxx.xxx,nfsvers=3,proto=tcp,mountproto=udp) We're looking into adding a separate scratch disk for the machine that kiwi can work off of, hopefully this will clear up the issue. Thanks -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@novell.com