-
Notifications
You must be signed in to change notification settings - Fork 2
package consistency checker
script available in : https://github.com/FDewaleyne/rhns-utils/tree/master/db-tools
Usage: package-consistency-checker.py [options]
This program will clone all erratas and packages from the source to the
destination as long as they are not already present in the destiation,
depending on which settings are used REMEMBER TO BACKUP YOUR DATABASE
Options:
--version show program's version number and exit
-h, --help show this help message and exit
-v, --verbose Enables debug output
Connection options:
Required options
-H SATHOST, --host=SATHOST
hostname of the satellite to use, preferably a fqdn
e.g. satellite.example.com
-l SATUSER, --login=SATUSER
User to connect to satellite
-p SATPWD, --password=SATPWD
Password to connect to satellite
General options:
Can be used in all calls, are not required
-c DESTCHANNEL, --destChannel=DESTCHANNEL
Channel to populate with the packages that don't have
a path
-A ARCH, --arch=ARCH
Architecture to use when creating the channel and
filtering packages. Defaults to x86_64 which accepts
64 and 32 bits packages
Special action options:
Use only one of those
--keyid=KEYID Focuses on all the packages signed by the keyid
provided. Only use if you know already what keyid to
remove - value to use changes from database to
database.
--nullkeyid Focuses on all packages with no key id
--packageid=PACKAGEID
Focuses on the packages with the same signature as
this package
--packagefile=PACKAGEFILE
Focuses on the packages with a path identical to the
entries in a file
--nokeyassoc Focuses on packages that don't have an entry in the
key association table
--normal Normal run - used by default if no special option is
used
important note: keyid is not the output of rpm -Kv but the ID for that key in the satellite, which isn't stored the same way it's displayed by rpm either. if you don't know the value but know a package signed with that key use --packageid instead ; --packageid will only work if there is a key association, otherwise use --nokeyassoc to select all packages with no key association
This script is intended at finding and gathering packages that have issues in the satellite db ; to continue from there the procedure is
- use the script to create channel(s)[multiple calls if different archs involved]
- at this point if you haven't taken a backup do it.
- remove by force the channels after checking that you're ok removing all these packages. (I recommend the customer to check if he has any question with the packages we're about to remove, which should by default be packages with no path and duplicates) - remove the channels using
spacewalk-remove-channel --force -c CHANELLABELwhen happy with the content of the channel to remove. add--justdbto not remove packages from your/var/satellite - resync the RHEL channels first (important, not customs first) then any repository then custom channels. This helps especially when the satellite relies on another source than RHN for content.
- for cloned channels, re-sync their content from their parents (for exemple with
spacewalk-clone-by-dateor with the sync utility from the channel management pages)
$ python package-consistency-checker.py -H satellite.example.com -l satadmin
most options are not required for a standard run - and the script should only be used while involved with the support for your satellite.
Note keyid is NOT the key id as outputed by rpm -Kv but ID pointing to the place where the full key is stored.
That can be done for special scenarios with --packageid option. This usually involves packages signed with a key known to the satellite.
The --nullkeyid focuses on entries that have a NULL value for the key signature but are in the table of packages signed ; this is rare and may not be required.
The option --nokeyassoc focuses on all entries that don't exist in the table listing the key ids. That may select packages from RHEL4 and under but also custom packages uploaded that have no signature.
spacewalk-data-fsck should be used for situations where the paths are incorrect / Null. This script can only remove entries, spacewalk-data-fsck can do more.