CVE Latest Update Issue
116 views
Skip to first unread message
Pelagio III Nalla
Mar 3, 2021, 6:03:13 PM3/3/21
to salt-...@googlegroups.com
Hi,
We tried to install the latest security update that was rolled out last February 25.
When working to update the salt-minions to Perform the salt-minion self-upgrade using the command below:
salt '*' pkg.install salt-minion refresh=True
salt '*' pkg.install salt-minion refresh=True
We got these errors:
ERROR: Error occurred installing package(s). Additional info follows:
changes:
----------
errors:
- Loaded plugins: fastestmirror
Setting up Install Process
Determining fastest mirrors
Error: Cannot find a valid baseurl for repo: base
YumRepo Error: All mirror URLs are not using ftp, http[s] or file.
Eg. Invalid release/repo/arch combination/
removing mirrorlist with no valid mirrors: /var/cache/yum/x86_64/6/base/mirrorlist.txt
changes:
----------
errors:
- Loaded plugins: fastestmirror
Setting up Install Process
Determining fastest mirrors
Error: Cannot find a valid baseurl for repo: base
YumRepo Error: All mirror URLs are not using ftp, http[s] or file.
Eg. Invalid release/repo/arch combination/
removing mirrorlist with no valid mirrors: /var/cache/yum/x86_64/6/base/mirrorlist.txt
-----
Our salt-master is on CentOS Linux release 7.9.2009 (Core) with Salt version 3000.8, Other servers salt-minion are on Centos 6.10 and are on 3000.5.
I applied this fix on our Centos 6 servers:
However the error above still persist. Hope somebody here can help.
Thanks,
Gio
Mahesh Reddy
Mar 3, 2021, 7:14:36 PM3/3/21
to salt-...@googlegroups.com
This seems to be still an error with centos 6 repository. Were you able to execute yum repolist command successfully where you configured/fixed centos6 repo ?
--
You received this message because you are subscribed to the Google Groups "Salt-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to salt-users+...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/salt-users/CAHP3hBqtsohRr66PcGAADDOC3_GKpWFqV7zHx13-ZbSspbrb_g%40mail.gmail.com.
Pelagio III Nalla
Mar 4, 2021, 5:15:55 PM3/4/21
to salt-...@googlegroups.com
Hi Mahesh,
Thank you for your response.
This is the result of the yum repolist command.
# yum repolist
Loaded plugins: fastestmirror, security
Loading mirror speeds from cached hostfile
* epel: ftp-stud.hs-esslingen.de
https://repo.saltstack.com/yum/redhat/6/x86_64/latest/repodata/repomd.xml: [Errno 14] PYCURL ERROR 22 - "The requested URL returned error: 404 Not Found"
Trying other mirror.
To address this issue please refer to the below wiki article
https://wiki.centos.org/yum-errors
If above article doesn't help to resolve this issue please use https://bugs.centos.org/.
repo id repo name status
base CentOS-6 - Base 6,713
epel Extra Packages for Enterprise Linux 6 - x86_64 12,581
extras CentOS-6 - Extras 47
updates CentOS-6 - Updates 1,193
repolist: 20,534
Loaded plugins: fastestmirror, security
Loading mirror speeds from cached hostfile
* epel: ftp-stud.hs-esslingen.de
https://repo.saltstack.com/yum/redhat/6/x86_64/latest/repodata/repomd.xml: [Errno 14] PYCURL ERROR 22 - "The requested URL returned error: 404 Not Found"
Trying other mirror.
To address this issue please refer to the below wiki article
https://wiki.centos.org/yum-errors
If above article doesn't help to resolve this issue please use https://bugs.centos.org/.
repo id repo name status
base CentOS-6 - Base 6,713
epel Extra Packages for Enterprise Linux 6 - x86_64 12,581
extras CentOS-6 - Extras 47
updates CentOS-6 - Updates 1,193
repolist: 20,534
To view this discussion on the web visit https://groups.google.com/d/msgid/salt-users/CAOSypRguMNdbOpict%3Dxdz-u9R2Tnq%3DXcW33kyPoyd-Rg9sw6wQ%40mail.gmail.com.
Phipps, Thomas
Mar 4, 2021, 5:57:16 PM3/4/21
to salt-...@googlegroups.com
repo.saltstack.com no longer hosts any redhat 6 files.
you want archive.repo.saltproject.io
The reason is redhat 6 is no longer supported by saltstack. And hasn't been since nov 2020 when Redhat 6 became EOL
To view this discussion on the web visit https://groups.google.com/d/msgid/salt-users/CAHP3hBrUd4-TbfQZSxwX6Yx6ogmA95YB2Y1_gvx76j_snXO_ww%40mail.gmail.com.
Pelagio III Nalla
Mar 9, 2021, 11:41:07 AM3/9/21
to salt-...@googlegroups.com
I've tried the archive repo but it seems to be throwing the same error:
]# yum repolist
Loaded plugins: fastestmirror, security
Loading mirror speeds from cached hostfile
* epel: ftp-stud.hs-esslingen.de
http://archive.repo.saltproject.io/yum/redhat/6.10/x86_64/archive/repodata/repomd.xml: [Errno 14] PYCURL ERROR 22 - "The requested URL returned error: 404 Not Found"
Trying other mirror.
To address this issue please refer to the below wiki article
https://wiki.centos.org/yum-errors
If above article doesn't help to resolve this issue please use https://bugs.centos.org/.
-----
To view this discussion on the web visit https://groups.google.com/d/msgid/salt-users/CAPaX09jMt%2BnvYdy3xx7Oz0y5PmSpnKTc7g9SgtxA_fFrAPmJTg%40mail.gmail.com.
Phipps, Thomas
Mar 9, 2021, 11:55:09 AM3/9/21
to salt-...@googlegroups.com
You changed latest to archive also. Don't do that. http://archive.repo.saltproject.io/yum/redhat/6.10/x86_64/latest/ Or at least browse the directory to see what is there.
To view this discussion on the web visit https://groups.google.com/d/msgid/salt-users/CAHP3hBqFO3RMtrfij1acaTcWWOX0WwHjuSxoEyQogoth6rN2tQ%40mail.gmail.com.
Pelagio III Nalla
Mar 15, 2021, 11:25:20 AM3/15/21
to salt-...@googlegroups.com
I updated the saltstack repo and use:
# yum repolist
Loaded plugins: fastestmirror, security
Loaded plugins: fastestmirror, security
Determining fastest mirrors
epel/metalink | 3.5 kB 00:00
* epel: ftp-stud.hs-esslingen.de
base | 3.7 kB 00:00
base/primary_db | 4.7 MB 00:03
epel | 4.7 kB 00:00
epel/primary_db | 6.1 MB 00:00
extras | 3.4 kB 00:00
extras/primary_db | 29 kB 00:00
saltstack | 2.9 kB 00:00
saltstack/primary_db | 57 kB 00:00
updates | 3.4 kB 00:00
updates/primary_db | 12 MB 00:08
epel/metalink | 3.5 kB 00:00
* epel: ftp-stud.hs-esslingen.de
base | 3.7 kB 00:00
base/primary_db | 4.7 MB 00:03
epel | 4.7 kB 00:00
epel/primary_db | 6.1 MB 00:00
extras | 3.4 kB 00:00
extras/primary_db | 29 kB 00:00
saltstack | 2.9 kB 00:00
saltstack/primary_db | 57 kB 00:00
updates | 3.4 kB 00:00
updates/primary_db | 12 MB 00:08
repo id repo name status
base CentOS-6 - Base 6,713
epel Extra Packages for Enterprise Linux 6 - x86_64 12,581
extras CentOS-6 - Extras 47
base CentOS-6 - Base 6,713
epel Extra Packages for Enterprise Linux 6 - x86_64 12,581
extras CentOS-6 - Extras 47
saltstack SaltStack latest Release Channel for RHEL/CentOS 6 150
updates CentOS-6 - Updates
updates CentOS-6 - Updates
I tried to run the steps to install the CVE latest updated from our salt-master server with these steps:
yum update -y
reboot
Show all salt-minion versions:
salt-run manage.versions
Schedule a salt-minion restart for 10 minutes time:
salt '*' at.at 'now + 10 minutes' '/sbin/service salt-minion restart > /dev/null 2>&1' tag=salt-restart
Perform the salt-minion self-upgrade:
reboot
Show all salt-minion versions:
salt-run manage.versions
Schedule a salt-minion restart for 10 minutes time:
salt '*' at.at 'now + 10 minutes' '/sbin/service salt-minion restart > /dev/null 2>&1' tag=salt-restart
Perform the salt-minion self-upgrade:
salt '*' pkg.install salt-minion refresh=True
---
However our server that has Centos 6.10 is still on 3000.5
To view this discussion on the web visit https://groups.google.com/d/msgid/salt-users/CAPaX09ji%3D8Ug5oTEMU5XCG9LuDkgQWKmxdCtMyBcOWdn%3D_UBQg%40mail.gmail.com.
Phipps, Thomas
Mar 15, 2021, 11:48:01 AM3/15/21
to salt-...@googlegroups.com
3000.5 is correct. there are no new packaged versions for redhat 6 and there will not be any in the future. redhat 6 is EOL if you want to get the fix into redhat 6 you need to do the patch method.
To view this discussion on the web visit https://groups.google.com/d/msgid/salt-users/CAHP3hBoUmrQqMr5QjunAib_c60d_9XudnBker%3DCKZag0T4cyZQ%40mail.gmail.com.
Reply all
Reply to author
Forward
0 new messages