Tobias DiPasquale on Mon, 15 Apr 2002 19:09:35 -0400


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] What am I missing about RPM?


Gabe,

	I've heard that a lot of people stuck in your situation will create
their own RPM's from the source tarball. I've never done this, I always
just installed from source what didn't work as an RPM, but this seems to
be the way to go for having to update a lot of machines. You might try
apt-rpm, if you haven't already, but I think that uses the same channels
rpmfind, so that prob. wouldn't do you much good. Worth a try, though.
I, too, moved away from RH for that reason, and I'm sorry I can't be of
any more help to you.

On Mon, 2002-04-15 at 17:57, gabriel rosenkoetter wrote:
> Fair warning: the last time I dealt with RedHat systems (RH 6.2)
> problems similar to those I'm having now pissed me off so extremely
> that I swore I'd never use RH again. But now it's the mandate at my
> workplace, so there's not a whole lot I can do about it. (So, "just
> use Debian and apt!" is not an answer I need to hear, because I'm
> already saying that without effect.)
> 
> I was handed a machine on which I was assured that RedHat's up2date
> had already been run (I cannot re-run up2date, as I don't have
> access to the account with RH which is used to update it; long
> story... in the long run, this machine will use up2date, but it's
> not right now).
> 
> One of the first things I do when I'm responsible for a new machine
> is make sure that security-scary things are up to date. Since
> OpenSSH has been having root holes about every two weeks lately,
> it's high on the list:
> 
> # ssh -V
> OpenSSH_2.9p2, SSH protocols 1.5/2.0, OpenSSL 0x0090602f
> 
> Whoops, that's no good. Hey, I thought they said this machine was
> updated...
> 
> # rpm -qa | grep openssh
> openssh-askpass-gnome-2.9p2-12
> openssh-clients-2.9p2-12
> openssh-2.9p2-12
> openssh-server-2.9p2-12
> openssh-askpass-2.9p2-12
> 
> Curious. Well, how 'bout we find upgrades for those:
> 
> # rpmfind --upgrade openssh
> Resource openssh : no need to upgrade
> 
> Hrm. Weird. You sure?
> 
> # rpmfind -v -v --upgrade openssh
> Host : foo.bar.dom, Country: 840, Zones 0 0 0, Continent 1
> Arch : i386, Os : Linux
> Default distribution : Red Hat, Inc.(Red Hat Linux)
>         owning 1099 of 1105 installed packages
> findResource openssh
> Resource openssh is provided by: openssh-2.9p2-7
> lookupRemoteResource openssh
> Get http://speakeasy.rpmfind.net//resources/openssh.rdf
> Fetching : http://speakeasy.rpmfind.net//resources/openssh.rdf to /root/.rpmfinddir/fetch9383
> HTTPRequest returned : -1
>         Failed !
> Get rpmfind.net/resources/openssh.rdf
> Fetching : rpmfind.net/resources/openssh.rdf to /root/.rpmfinddir/fetch886
>         Failed !
> Error fetching openssh metadata
> Resource openssh : no need to upgrade
> 
> Oh, I see you're just hiding error messages from me. That's just
> swell. But what does this mean? That I need to upgrade rpmfind? As
> near as I can tell from rpmfind's web interface, rpmfind-1.7-2 is
> the current version. So which version am I running? Well, there's
> some dispute about that:
> 
> # rpm -q rpmfind
> rpmfind-1.7-2
> # rpmfind --version
> rpmfind: unknown option --version
> rpmfind 1.6 : RPM packages search engine
> [...]
> 
> Huh?
> 
> In any case, I can grab the openssh packages one by one, rpm -e the
> old packages, then rpm -i the new ones, only but that doesn't
> actually work:
> 
> # rpm -i ftp://speakeasy.rpmfind.net/linux/redhat/updates/7.2/en/os/i386/openssh-server-3.1p1-2.i386.rpm
> error: unpacking of archive failed on file
> /usr/libexec/openssh/sftp-server;3cbc105e: cpio: read
> [root@mta1 root]# which sshd
> /usr/bin/which: no sshd in (/usr/kerberos/sbin:/usr/kerberos/bin:/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:/usr/bin/X11:/usr/X11R6/bin:/root/bin)
> 
> ARGH!
> 
> What the hell am I supposed to do now? (Or, what the hell should I
> have done before?)
> 
> I'm throwing up my hands and just installing OpenSSH in the sane way
> I know will work (from source), but I don't want to be scurrying
> around upgrading every one of our Linux machines every two weeks
> when OpenBSD realizes they've reintroduced another bug from the
> '80s...
> 
> -- 
> gabriel rosenkoetter
> gr@eclipsed.net
-- 
------------------------------------------------------
<< Tobias DiPasquale >>
UNIX Software Engineer [Linux/BSD/UNIX/C/Java/Ruby]
mailto:anany@ece.villanova.edu | web:http://cbcg.net/
------------------------------------------------------
Software engineers are not traditional engineers; 
they're rock stars.
  -- Greg Copeland, CTO of Cenzic

Attachment: signature.asc
Description: This is a digitally signed message part