check_yum icon indicating copy to clipboard operation
check_yum copied to clipboard

Published 20 hours ago verified publisher icon calestyo

YUM output signature is larger than current known format

Open Akulatraxas opened this issue 8 years ago • 7 comments

YUM output signature is larger than current known format, please make sure you have upgraded to the latest version of this plugin. If the problem persists, please contact the author for a fix

Example output of yum in that case:

[root@joker plugins]# yum check-update Loaded plugins: fastestmirror base | 3.6 kB 00:00:00 core | 3.0 kB 00:00:00 epel/x86_64/metalink | 26 kB 00:00:00 extras | 3.4 kB 00:00:00 icinga2_repo | 2.5 kB 00:00:00 saltstack-repo | 2.9 kB 00:00:00 updates | 3.4 kB 00:00:00 icinga2_repo/7/primary_db | 17 kB 00:00:00 Loading mirror speeds from cached hostfile

  • base: mirror.de.leaseweb.net
  • epel: mirror.de.leaseweb.net
  • extras: ftp.plusline.de
  • updates: centos.intergenia.de

ImageMagick.x86_64 6.7.8.9-15.el7_2 core Percona-XtraDB-Cluster-shared-56.x86_64 1:5.6.30-25.16.1.el7 core device-mapper.x86_64 7:1.02.107-5.el7_2.5 updates device-mapper-event.x86_64 7:1.02.107-5.el7_2.5 updates device-mapper-event-libs.x86_64 7:1.02.107-5.el7_2.5 updates device-mapper-libs.x86_64 7:1.02.107-5.el7_2.5 updates dracut.x86_64 033-360.el7_2.1 core epel-release.noarch 7-7 core icingaweb2-common.noarch 2.3.4-1.el7.centos icinga2_repo iproute.x86_64 3.10.0-54.el7_2.1 core iscsi-initiator-utils.x86_64 6.2.0.873-33.el7_2.1 core iscsi-initiator-utils-iscsiuio.x86_64 6.2.0.873-33.el7_2.1 core kernel.x86_64 3.10.0-327.22.2.el7 core kernel-headers.x86_64 3.10.0-327.22.2.el7 core kpartx.x86_64 0.4.9-85.el7_2.5 core leveldb.x86_64 1.12.0-11.el7 core libsmbclient.x86_64 4.2.10-6.2.el7_2 core libvirt.x86_64 1.2.17-13.el7_2.5 core libvirt-client.x86_64 1.2.17-13.el7_2.5 core libvirt-daemon.x86_64 1.2.17-13.el7_2.5 core libvirt-daemon-config-network.x86_64 1.2.17-13.el7_2.5 core libvirt-daemon-config-nwfilter.x86_64 1.2.17-13.el7_2.5 core libvirt-daemon-driver-interface.x86_64 1.2.17-13.el7_2.5 core libvirt-daemon-driver-lxc.x86_64 1.2.17-13.el7_2.5 core libvirt-daemon-driver-network.x86_64 1.2.17-13.el7_2.5 core libvirt-daemon-driver-nodedev.x86_64 1.2.17-13.el7_2.5 core libvirt-daemon-driver-nwfilter.x86_64 1.2.17-13.el7_2.5 core libvirt-daemon-driver-qemu.x86_64 1.2.17-13.el7_2.5 core libvirt-daemon-driver-secret.x86_64 1.2.17-13.el7_2.5 core libvirt-daemon-driver-storage.x86_64 1.2.17-13.el7_2.5 core libvirt-daemon-kvm.x86_64 1.2.17-13.el7_2.5 core libvirt-devel.x86_64 1.2.17-13.el7_2.5 core libvirt-docs.x86_64 1.2.17-13.el7_2.5 core libwbclient.x86_64 4.2.10-6.2.el7_2 core libxml2.x86_64 2.9.1-6.el7_2.3 core libxml2-devel.x86_64 2.9.1-6.el7_2.3 core lvm2.x86_64 7:2.02.130-5.el7_2.5 updates lvm2-libs.x86_64 7:2.02.130-5.el7_2.5 updates nfs-utils.x86_64 1:1.3.0-0.21.el7_2.1 core polkit.x86_64 0.112-7.el7_2 core python-perf.x86_64 3.10.0-327.22.2.el7 core python-pip.noarch 8.1.2-1.el7 core python-requests.noarch 2.10.0-1.el7 core python-urllib3.noarch 1.15.1-2.el7 core rpcbind.x86_64 0.2.0-33.el7_2.1 core salt.noarch 2016.3.1-1.el7 saltstack-repo salt-minion.noarch 2016.3.1-1.el7 saltstack-repo samba-client.x86_64 4.2.10-6.2.el7_2 core samba-client-libs.x86_64 4.2.10-6.2.el7_2 core samba-common.noarch 4.2.10-6.2.el7_2 core samba-common-libs.x86_64 4.2.10-6.2.el7_2 core samba-common-tools.x86_64 4.2.10-6.2.el7_2 core samba-libs.x86_64 4.2.10-6.2.el7_2 core spice-server.x86_64 0.12.4-15.el7_2.1 core systemd.x86_64 219-19.el7_2.11 core systemd-libs.x86_64 219-19.el7_2.11 core systemd-python.x86_64 219-19.el7_2.11 core systemd-sysv.x86_64 219-19.el7_2.11 core Obsoleting Packages python2-babel.noarch 2.3.4-1.el7 core python-babel.noarch 1.3-6.el7 @core python2-babel.noarch 2.3.4-1.el7 core python-babel.noarch 1.3-6.el7 @core python2-babel.noarch 2.3.4-1.el7 core python-babel.noarch 1.3-6.el7 @core python2-babel.noarch 2.3.4-1.el7 core python-babel.noarch 1.3-6.el7 @core python2-setuptools.noarch 22.0.5-1.el7 core python-setuptools.noarch 0.9.8-4.el7 @base python2-setuptools.noarch 22.0.5-1.el7 core python-setuptools.noarch 0.9.8-4.el7 @base python2-setuptools.noarch 22.0.5-1.el7 core python-setuptools.noarch 0.9.8-4.el7 @base python2-setuptools.noarch 22.0.5-1.el7 core python-setuptools.noarch 0.9.8-4.el7 @base [root@joker plugins]#

Akulatraxas avatar Jun 29 '16 15:06 Akulatraxas

That messages comes from the part where only security updates are checked, so could you please also post the output of yum --security check-update?

In my case, it has many lines like --> libuuid-2.23.2-22.el7_1.i686 from rhel-7-server-rpms excluded (updateinfo).

moschlar avatar Nov 04 '16 10:11 moschlar

See PR #26 for a quick fix for this issue.

moschlar avatar Nov 04 '16 10:11 moschlar

@moschlar I've added a regex based fix to the original upstream plugin in the Advanced Nagios Plugins Collection for both the python and perl versions. I recalled seeing others report a similar error somewhere else so thought I'd do a search and mention it. I just checked your pull request, which disables it if it sees the word "excluded" anywhere - my fix was to regex filter all lines that matched the excluded format instead as this way it doesn't entirely disable the safety check and still applies it to the normal remaining package lines.

@Akulatraxas I'm not sure it's the same underlying cause as for the issue you reported in this ticket as there was no -vvv plugin output given in the original post showing the excluded scenario but you're both welcome to try out the main fixed version.

Out of curiosity are you running this on systems managed by Satellite / Spacewalk?

HariSekhon avatar Dec 14 '16 20:12 HariSekhon

@HariSekhon, thank you. I only tried the python version. That one was a good working replacement for me.

desylva avatar Dec 16 '16 00:12 desylva

this resolution works for me

https://access.redhat.com/solutions/696833

./check_yum --no-warn-on-updates -vvv

... ... ... An update notice is broken, or duplicate, skipping: FEDORA-EPEL-2017-0a2dc39090 An update notice is broken, or duplicate, skipping: FEDORA-EPEL-2011-5330 An update notice is broken, or duplicate, skipping: FEDORA-EPEL-2011-4363 An update notice is broken, or duplicate, skipping: FEDORA-EPEL-2016-29bb03cb12 An update notice is broken, or duplicate, skipping: FEDORA-EPEL-2017-eace7a04f4 An update notice is broken, or duplicate, skipping: FEDORA-EPEL-2013-5580 An update notice is broken, or duplicate, skipping: FEDORA-EPEL-2016-f5a77e4800 No packages needed for security; 15 packages available ' YUM output signature is larger than current known format, please make sure you have upgraded to the latest version of this plugin. If the problem persists, please contact the author for a fix

Resolution Clean yum cache and try again, Raw rm -rf /var/cache/yum/* yum clean all yum update

Root Cause This happens if erratas are having duplicate entries in updateinfo files. If issue is with RHN provided repositories then cleaning yum cache should solve problem. If issue is with third party/local repository and cleaning cache is not working then need to contact vendor of repository to solve this issue.

jgbuenaventura avatar Jul 09 '18 09:07 jgbuenaventura

I also have this issue. The fix mentioned by @jgbuenaventura did not solve it.

I'm running:

CentOS release 6.9 (Final) 2.6.32-696.23.1.el6.x86_64

lpossamai avatar Jan 08 '19 03:01 lpossamai

Hi @HariSekhon and @lpossamai

We've the same problem with that status information since the GPG key used to sign the GitLab packages was changed.

YUM WARNING: Yum output signature is larger than current known format.
Please make sure you have upgraded to the latest version from https://github.com/harisekhon/nagios-plugins.
If the problem persists, please raise a ticket at https://github.com/harisek

Verbose output:

Nagios Plugin for Yum updates on RedHat/CentOS systems - Version 0.8.8
Author: Hari Sekhon

setting plugin timeout to 30 seconds
running command: /usr/bin/yum --security check-update
Returncode: '0'
Output: 'Loaded plugins: fastestmirror, product-id, search-disabled-repos, subscription-
: manager
Loading mirror speeds from cached hostfile
* base: pkg.adfinis-sygroup.ch
* epel: mirror.hostnet.nl
* extras: pkg.adfinis-sygroup.ch
* updates: mirror.23media.com
Retrieving key from https://packages.gitlab.com/runner/gitlab-runner/gpgkey
Importing GPG key 0x51312F3F:
Userid : "GitLab B.V. (package repository signing key) <[email protected]>"
Fingerprint: f640 3f65 44a3 8863 daa0 b6e0 3f01 618a 5131 2f3f
From : https://packages.gitlab.com/runner/gitlab-runner/gpgkey
Is this ok [y/N]: Retrieving key from https://packages.gitlab.com/runner/gitlab-runner/gpgkey/runner-gitlab-runner-366915F31B487241.pub.gpg
Importing GPG key 0x880721D4:
Userid : "GitLab, Inc. <[email protected]>"
.
.
.

OS: CentOS Linux release 7.8.2003 Script: check_yum version 0.8.8 (https://raw.githubusercontent.com/HariSekhon/Nagios-Plugins/dfec3d2b6af4f750f1cf3ee76e86bd9ce75768fd/check_yum.py)

And the described steps under https://docs.gitlab.com/omnibus/update/package_signatures#yum-redhat-centos were done.

Do you have any idea?

Greets, Adrian

adpe avatar May 06 '20 07:05 adpe