The Puppet Labs Issue Tracker has Moved: https://tickets.puppetlabs.com

This issue tracker is now in read-only archive mode and automatic ticket export has been disabled. Redmine users will need to create a new JIRA account to file tickets using https://tickets.puppetlabs.com. See the following page for information on filing tickets with JIRA:

Bug #3707

Yum provider "purge" target runs irrespective of package installation status

Added by Oliver Hookins almost 6 years ago. Updated over 2 years ago.

Status:Code InsufficientStart date:05/03/2010
Priority:NormalDue date:
Assignee:Charlie Sharpsteen% Done:

0%

Category:package
Target version:-
Affected Puppet version:3.2.4 Branch:https://github.com/mmrobins/puppet/tree/ticket/2.7.x/3707-yum_purging
Keywords: customer

We've Moved!

Ticket tracking is now hosted in JIRA: https://tickets.puppetlabs.com

This ticket is now tracked at: https://tickets.puppetlabs.com/browse/PUP-1295


Description

It seems the yum provider will try to purge an absent package:

[root@test ~]# cat test.pp 
package { logwatch: ensure => purged; }

[root@test ~]# /bin/rpm -q logwatch --nosignature --nodigest --qf '%{NAME} %|EPOCH?{%{EPOCH}}:{0}| %{VERSION} %{RELEASE} %{ARCH}'
package logwatch is not installed

[root@test ~]# puppet -d -v test.pp 
debug: Puppet::Type::Package::ProviderRpm: Executing '/bin/rpm --version'
debug: Puppet::Type::Package::ProviderUrpmi: Executing '/bin/rpm -ql rpm'
debug: Puppet::Type::Package::ProviderYum: Executing '/bin/rpm --version'
debug: Puppet::Type::Package::ProviderAptrpm: Executing '/bin/rpm -ql rpm'
debug: Puppet::Type::Package::ProviderPorts: file /usr/local/sbin/portupgrade does not exist
debug: Puppet::Type::Package::ProviderAptitude: file /usr/bin/aptitude does not exist
debug: Puppet::Type::Package::ProviderSunfreeware: file pkg-get does not exist
debug: Puppet::Type::Package::ProviderUp2date: file /usr/sbin/up2date-nox does not exist
debug: Puppet::Type::Package::ProviderApt: file /usr/bin/apt-get does not exist
debug: Puppet::Type::Package::ProviderPortage: file /usr/bin/emerge does not exist
debug: Puppet::Type::Package::ProviderRug: file /usr/bin/rug does not exist
debug: Puppet::Type::Package::ProviderDpkg: file /usr/bin/dpkg does not exist
debug: Puppet::Type::Package::ProviderSun: file /usr/sbin/pkgrm does not exist
debug: Puppet::Type::Package::ProviderAptrpm: file apt-get does not exist
debug: Puppet::Type::Package::ProviderFink: file /sw/bin/fink does not exist
debug: Puppet::Type::Package::ProviderHpux: file /usr/sbin/swremove does not exist
debug: Puppet::Type::Package::ProviderUrpmi: file urpmi does not exist
debug: Puppet::Type::Package::ProviderFreebsd: file /usr/sbin/pkg_info does not exist
debug: Puppet::Type::Package::ProviderOpenbsd: file pkg_info does not exist
debug: Creating default schedules
debug: Failed to load library 'selinux' for feature 'selinux'
debug: Puppet::Type::User::ProviderLdap: true value when expecting false
debug: Puppet::Type::User::ProviderUser_role_add: file roleadd does not exist
debug: Puppet::Type::User::ProviderDirectoryservice: file /usr/bin/dscl does not exist
debug: Puppet::Type::User::ProviderPw: file pw does not exist
debug: Failed to load library 'ldap' for feature 'ldap'
debug: /File[/var/lib/puppet/ssl/private]: Autorequiring File[/var/lib/puppet/ssl]
debug: /File[/var/lib/puppet/client_yaml]: Autorequiring File[/var/lib/puppet]
debug: /File[/var/lib/puppet/facts]: Autorequiring File[/var/lib/puppet]
debug: /File[/var/lib/puppet/ssl/public_keys]: Autorequiring File[/var/lib/puppet/ssl]
debug: /File[/var/lib/puppet/ssl]: Autorequiring File[/var/lib/puppet]
debug: /File[/var/lib/puppet/ssl/certs/ca.pem]: Autorequiring File[/var/lib/puppet/ssl/certs]
debug: /File[/var/lib/puppet/lib]: Autorequiring File[/var/lib/puppet]
debug: /File[/var/lib/puppet/ssl/certificate_requests]: Autorequiring File[/var/lib/puppet/ssl]
debug: /File[/var/lib/puppet/ssl/certs]: Autorequiring File[/var/lib/puppet/ssl]
debug: /File[/var/lib/puppet/clientbucket]: Autorequiring File[/var/lib/puppet]
debug: /File[/var/lib/puppet/ssl/crl.pem]: Autorequiring File[/var/lib/puppet/ssl]
debug: /File[/var/lib/puppet/state/graphs]: Autorequiring File[/var/lib/puppet/state]
debug: /File[/var/lib/puppet/ssl/certs/test.pem]: Autorequiring File[/var/lib/puppet/ssl/certs]
debug: /File[/var/lib/puppet/state/state.yaml]: Autorequiring File[/var/lib/puppet/state]
debug: /File[/var/lib/puppet/ssl/public_keys/test.pem]: Autorequiring File[/var/lib/puppet/ssl/public_keys]
debug: /File[/var/lib/puppet/ssl/private_keys]: Autorequiring File[/var/lib/puppet/ssl]
debug: /File[/var/lib/puppet/ssl/private_keys/test.pem]: Autorequiring File[/var/lib/puppet/ssl/private_keys]
debug: /File[/var/lib/puppet/state]: Autorequiring File[/var/lib/puppet]
debug: Finishing transaction 23973287885200 with 0 changes
debug: Prefetching yum resources for package
debug: Puppet::Type::Package::ProviderYum: Executing '/bin/rpm --version'
debug: Puppet::Type::Package::ProviderYum: Executing '/bin/rpm -qa --nosignature --nodigest --qf '%{NAME} %|EPOCH?{%{EPOCH}}:{0}| %{VERSION} %{RELEASE} %{ARCH}
''
info: Applying configuration version '1272893121'
debug: Puppet::Type::Package::ProviderYum: Executing '/bin/rpm -q logwatch --nosignature --nodigest --qf %{NAME} %|EPOCH?{%{EPOCH}}:{0}| %{VERSION} %{RELEASE} %{ARCH}
'
debug: //Package[logwatch]: Changing ensure
debug: //Package[logwatch]: 1 change(s)
debug: Puppet::Type::Package::ProviderYum: Executing '/usr/bin/yum -y erase logwatch'
notice: //Package[logwatch]/ensure: created
debug: Finishing transaction 23456258088960 with 1 changes

History

#1 Updated by James Turnbull almost 6 years ago

  • Category set to package
  • Status changed from Unreviewed to Needs More Information
  • Assignee set to David Lutterkort

David – you have a view on this?

#2 Updated by Stephen Gran almost 6 years ago

Hello,

I’ve reproduced this at work (funnily enough also with logwatch :) ). The problem is that rpm exits 1 if the package is not installed, and the query method returns nil instead of returning a hash as it should.

#3 Updated by Stephen Gran almost 6 years ago

patch:

From 1b3120445f52ba9fd189a4761d845b037da30331 Mon Sep 17 00:00:00 2001
From: Stephen Gran "Stephen.Gran@ioko.com"
Date: Wed, 23 Jun 2010 13:37:26 +0100
Subject: [PATCH] Make rpm package provider work correctly for ensure => absent

rpm, like dpkg-query exits 1 if the package is not installed.  Returning
nil in this provider had the effect that on every run, puppet would end
up calling yum erase .  Returning the correct data structure
resolves this.

Has been tested on RHEL 4 and RHEL 5.
Signed-off-by: Stephen Gran 
---
 lib/puppet/provider/package/rpm.rb |    4 +++-
 1 files changed, 3 insertions(+), 1 deletions(-)

diff --git a/lib/puppet/provider/package/rpm.rb b/lib/puppet/provider/package/rpm.rb
index a9da43f..09798d5 100755
--- a/lib/puppet/provider/package/rpm.rb
+++ b/lib/puppet/provider/package/rpm.rb
@@ -60,7 +60,9 @@ Puppet::Type.type(:package).provide :rpm, :source => :rpm, :parent => Puppet::Pr
         begin
             output = rpm(*cmd)
         rescue Puppet::ExecutionFailure
-            return nil
+            # rpm exits 1 if the package is not found.
+            return {:ensure => :purged, :status => 'missing',
+                :name => @resource[:name], :error => 'ok'}
         end
 
         # FIXME: We could actually be getting back multiple packages
-- 
1.7.1

#4 Updated by James Turnbull almost 6 years ago

  • Status changed from Needs More Information to In Topic Branch Pending Review

#5 Updated by James Turnbull almost 6 years ago

  • Target version set to 49

#6 Updated by James Turnbull over 5 years ago

  • Target version changed from 49 to 2.6.2

#7 Updated by James Turnbull over 5 years ago

  • Status changed from In Topic Branch Pending Review to Closed

Pushed in commit:021d534482dd8edb863cb77d668ac3525362a0a6 in branch 2.6.x

#8 Updated by Markus Roberts over 5 years ago

  • Status changed from Closed to Code Insufficient
  • Target version deleted (2.6.2)

So far as I can tell this code was never reviewed; it caused other problems (#4929) and was not ready to merge; it has been reverted in commit:55417bc454132bc8c48ff98d5092baa85f94d6ed and this ticket reopened.

#9 Updated by Yvo van Doorn over 4 years ago

  • Affected Puppet version changed from 0.25.4 to 2.6.12

Still present in 2.6.12.

In order to avoid a circular dependency that is bugged in Issue #2198, I have the following setup:

"httpd-2.2.21" :
alias => "httpd-current",
provider => rpm,
source => "http://${yumrepo}/asd-repo-6/${architecture}/httpd-2.2.21-2.el6.${architecture}.rpm",
require => [Package['apr-devel'], Package['expat-devel'], Package['apr-util-devel'], Package['apr-util-ldap'], Package['httpd-tools-2.2.21']],
ensure => '2.2.21-2.el6';
}
package {
"httpd-tools-2.2.21" :
provider => rpm,
source => "http://${yumrepo}/asd-repo-6/${architecture}/httpd-tools-2.2.21-2.el6.${architecture}.rpm",
require => [Package['apr-devel'], Package['expat-devel'], Package['apr-util-devel'], Package['apr-util-ldap']],
ensure => '2.2.21-2.el6';
}
# Get rid of the old and it is dirty due to circular dependency
package {
"httpd-tools-2.2.15" :
alias => "httpd-tools",
provider => yum,
ensure => purged,
notify => Package['httpd-tools-2.2.21'];
}
package {
"httpd-2.2.15" :
alias => "httpd",
provider => yum,
ensure => purged,
notify => Package['httpd-2.2.21'];
}

Whenever puppet runs on the client it reports:

[yvo.vandoorn@xxx ~]$ sudo -H /usr/sbin/puppetd -t --environment=yvov          
info: Retrieving plugin
info: Loading facts in mysql
info: Loading facts in mysql
info: Caching catalog for xxx
info: Applying configuration version '1321312363'
notice: /Stage[main]/Puppet::Client/Exec[touch last_run file]/returns: executed successfully
notice: /Stage[main]/Apache::Server/Package[httpd-2.2.15]/ensure: created
notice: /Stage[main]/Apache::Server/Package[httpd-tools-2.2.15]/ensure: created
notice: Finished catalog run in 7.68 seconds

Be great to get this one fixed!

#10 Updated by Matt Robinson over 4 years ago

  • Assignee changed from David Lutterkort to Matt Robinson
  • Branch set to https://github.com/mmrobins/puppet/tree/ticket/2.7.x/3707-yum_purging

I think the fix that James had originally was almost right. It just needed another bit of logic in the yum install method to handle the new data returned by rpm query. I’ve attached a branch that has the changes need, but not the tests. I don’t have time to finish it for a pull request right now, but will try to get back to it before long. In the meantime, if anyone wants to take a look at the branch and let me know if it works for them or write some tests, that would be great.

#11 Updated by Anonymous about 4 years ago

  • Assignee deleted (Matt Robinson)

#12 Updated by Charlie Sharpsteen about 3 years ago

  • Keywords set to customer

#14 Updated by Charlie Sharpsteen almost 3 years ago

  • Assignee set to Charlie Sharpsteen

#15 Updated by Jon McKenzie over 2 years ago

  • Support Urls deleted (https://support.puppetlabs.com/tickets/670)
  • Affected Puppet version changed from 2.6.12 to 3.2.4

Any updates on this? This is still a bug in both the 2.7.x and 3.x lines. I can take a crack at adding tests for Matt’s additions, if no one is actively working on this.

#16 Updated by Charlie Sharpsteen over 2 years ago

  • Support Urls deleted (https://support.puppetlabs.com/tickets/670)

Jon, that would be awesome! If you could add tests and open a pull request, the engineering team will review this change for addition. Details concerning the process can be found in the Puppet Source in the file CONTRIBUTING.md. Let us know if you have any questions!

#17 Updated by Mike Lehner over 2 years ago

Yes this is still an issue. I’m interested in helping with this in any way I can. This is a funny one because it almost doesn’t apply to new infrastructure but it really really hurts the process on new implementations of puppet and bringing old infrastructure in sync which is where I’m at now. All I really need is to yum remove a package and its dependencies.

#18 Updated by Killboy Powerhed over 2 years ago

I realise this is an off-the-cuff response (very little thought or testing as well) as I only came across this issue today, but if most people just want the yum provider to remove dependencies isn’t a quick patch better than nothing ? – this issue seems to have been ongoing for 4+ years in various tickets. Adding an override ‘uninstall’ method to the yum provider seems to do what I want it to do, then I just use ‘absent’ instead of ‘purge’ and the puppet run output is clean.

The fact that an incorrectly validated module could wipe out most of a system by removing all of a packages dependencies is present but isn’t that what dev environments are for? This way we can get on with our work while someone fixes the purge issue in the background ;)

Happy to be enlightened if I’ve missed something major..

thanks


--- a/puppet/provider/package/yum.rb    2013-10-19 00:24:40.931068196 +1100
+++ b/puppet/provider/package/yum.rb    2013-10-19 00:43:43.023276312 +1100
@@ -96,5 +96,9 @@
   def purge
     yum "-y", :erase, @resource[:name]
   end
+
+  def uninstall
+    yum "-y", :erase, @resource[:name]
+  end
 end

#19 Updated by Jon McKenzie over 2 years ago

Redmine Issue #3707 has been migrated to JIRA:

https://tickets.puppetlabs.com/browse/PUP-1295

Also available in: Atom PDF