Johnny Hughes wrote on Sun, 07 May 2006 10:37:10 -0500:
> clamav-db (dag) IS a different name ... but the same thing as clamav-
> data (kbs).
Yes, from the size and the name this is possible.
>
> It also seems that clamd (dag) is the same thing as clamav-server (kbs).
Quite possible.
>
> So .. it seems that what is required to make both of these repos to be
> enabled at the same time is for dag to add these obsoletes:
>
> In clamav-db: obsoletes clamav-data
> In clamd: obsoletes clamav-server
>
> and for kbs to add these:
>
> In clamav-data: obsoletes clamav-db
> In clamav-server: obsoletes clamd
I think the solution above fits in general if you do *not* use protectbase.
It's then maybe a question of who wins the race? So, whichever of the two
is first processed may obsolete the other and the second obsoletes may not
work and still produce an undesired result?
An obsoleted rpm gets completely replaced by the new rpm, even if the
content or name is different. The whole problem *is* created by that
replacing in the first place.
> clamav-db i386 0.88.2-1.el4.rf rpmforge 4.0 M
> replacing clamav-update.i386 0.88-1.el4.kb
So, clamav-db already contains a "obsoletes clamav-update" and
"clamav-update" also exists in the kbs repo. And dag seems to have had a
"clamav-update" in the past and moved that (which probably just contains
freshclam and crontab for it) to the db in one package. That is what
creates the whole problem, at least in my eyes.
The question then is: why would I want a package from protect=0 not update
a package from protect=1, but replace it? Does it make sense to let this
package get replaced, although the repo is protected? I don't think this
makes sense. So, the flaw seems to be in yum and/or protectbase.
Additionally, what makes me think there's something wrong in
yum/protectbase is the difference between check-update and update. It seems
to me the different update behavior occurs because update actually
downloads the rpm and may get more information then. In the light of that
information the following action may be quite reasonable. However, that
means that it decided to download clamav-db *first* - which it should not
have done at all. So, there *must* be happening something different here
between update and check-update as well - and that is certainly wrong, no
matter if the other problem is a protectbase or a repo problem. Or not?
Kai
--
Kai Sch?tzl, Berlin, Germany
Get your web at Conactive Internet Services: http://www.conactive.com
