Hello community, here is the log from the commit of package yast2-installation for openSUSE:Factory checked in at 2016-09-05 21:12:41 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/yast2-installation (Old) and /work/SRC/openSUSE:Factory/.yast2-installation.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "yast2-installation" Changes: -------- --- /work/SRC/openSUSE:Factory/yast2-installation/yast2-installation.changes 2016-08-31 00:03:02.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.yast2-installation.new/yast2-installation.changes 2016-09-05 21:12:45.000000000 +0200 @@ -1,0 +2,10 @@ +Tue Aug 30 06:55:13 UTC 2016 - lsle...@suse.cz + +- Display a warning popup when the installer self-update uses + the fallback URL instead of the selected SMT or the default SCC + server (bsc#996179) +- Do not contact the registration server in self-update when + network is not running, skip self-update completely +- 3.1.124 + +------------------------------------------------------------------- Old: ---- yast2-installation-3.1.213.tar.bz2 New: ---- yast2-installation-3.1.214.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ yast2-installation.spec ++++++ --- /var/tmp/diff_new_pack.MYcpyz/_old 2016-09-05 21:12:47.000000000 +0200 +++ /var/tmp/diff_new_pack.MYcpyz/_new 2016-09-05 21:12:47.000000000 +0200 @@ -17,7 +17,7 @@ Name: yast2-installation -Version: 3.1.213 +Version: 3.1.214 Release: 0 BuildRoot: %{_tmppath}/%{name}-%{version}-build ++++++ yast2-installation-3.1.213.tar.bz2 -> yast2-installation-3.1.214.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-installation-3.1.213/doc/SELF_UPDATE.md new/yast2-installation-3.1.214/doc/SELF_UPDATE.md --- old/yast2-installation-3.1.213/doc/SELF_UPDATE.md 2016-08-30 14:17:36.000000000 +0200 +++ new/yast2-installation-3.1.214/doc/SELF_UPDATE.md 2016-08-31 12:18:55.000000000 +0200 @@ -18,8 +18,9 @@ containing the updates. 2. If updates are available, they will be downloaded. Otherwise, the process will be silently skipped. -3. The update will be applied to the installation system. -4. YaST will be restarted and the installation will be resumed. +3. The updates will be applied to the installation system. +4. YaST will be restarted to reload the modified files and the installation + will be resumed. ### Language Selection @@ -32,6 +33,21 @@ and select the language from the list. Or use the `language` boot option, e.g. `language=de_DE`. +If you want to use a different keyboard layout for the console then use the +[`keytable`](https://en.opensuse.org/SDB:Linuxrc#p_keytable) boot option. + +## Network Setup + +Obviously, for downloading the installer updates YaST needs network. + +YaST by default tries using DHCP on all network interfaces. If there is +a DHCP server in the network then network is configured automatically. + +If you need static IP setup in your network then use the +`ifcfg=<interface>=<ip_address>,<gateway>,<nameserver>` boot option, e.g. +`ifcfg=eth0=192.168.1.101/24,192.168.1.1,192.168.1.2`. +See the [Linuxrc documentation](https://en.opensuse.org/SDB:Linuxrc#Network_Config) +for more details. ## Update Format @@ -43,11 +59,22 @@ are executed. * No dependency checks are performed. RPMs are added in alphabetical order. +The rpm-md repository is required by SMT ([SUSE Subscription Management Tool]( +https://www.suse.com/products/subscription-management-tool)) +as this is the only format which it supports for data mirroring. + +The files from the packages override the files from the original inst-sys. +That means the update packages might not need to contain all files, +it is enough to include only the changed files which are different than +in the original inst-sys. The unchanged files can be omitted to save memory +and the download bandwidth. + ## Where to Find the Updates The URL of the update repository is evaluated in this order: -1. The `SelfUpdate` boot option +1. The `self_update` boot option + (Note: `self_update=0` completely disables the self-update!) 2. The AutoYaST profile - in AutoYaST installation only, use the `/general/self_update_url` XML node: @@ -56,8 +83,10 @@ <self_update_url>http://example.com/updates/$arch</self_update_url> </general> ``` -3. Registration server (SCC/SMT), not available in openSUSE. The URL of the - registration server which should be used is determined via: +3. Registration server ([SCC](https://scc.suse.com) or + [SMT](https://www.suse.com/products/subscription-management-tool)), not + available in openSUSE. The URL of the registration server which should + be used is determined via: 1. The `regurl` boot parameter 2. AutoYaST profile ([reg_server element](https://www.suse.com/documentation/sles-12/singlehtml/book_autoyast/book_autoyast.html#CreateProfile.Register)). 3. SLP lookup (this behavior applies to regular and AutoYaST installations): @@ -79,12 +108,51 @@ The first suitable URL will be used. There are two exceptions: -* Of course, if no update URL is found then the self-update is skipped. -* If SCC/SMT provides multiple URLs, they will be all used. +* If no update URL is found then the self-update is skipped. +* If SCC/SMT provides multiple URLs, they will be all used. Currently this is + the only way how to use more update repositories. + +### Downloading the AutoYaST Profile + +As mentioned above, the self-update repository URL might be stored also in the +AutoYaST installation profile. + +However, the self-update runs at the very beginning when some hardware might +not be initialized yet and therefore in some rare cases it might happen that the +self-updater is not able to load the profile eventhough it can be loaded +by the usual AutoYaST workflow later. + +If that is the case you need to specify the custom update URL via `self_update` +boot option instead of specifying it in the profile. + +### Manual SLP Discovery + +If you want to check which SMT servers are announced locally via SLP you can +run this command: `slptool findsrvs registration.suse`. + +Make sure the SLP communication is not blocked by firewall. Open UDP source port +427 if the firewall is running. + +### Disabling SSL Certificate Check for SMT Server + +When the used SMT server uses a self-signed SSL certificate for HTTPS conntections +YaST will ask to import that certificate. In that case you should verify the +certificate fingerprint before importing it. + +If there are other issues with the certificate (signed by an unknown certificate +authority, expired certificate, ...) then you can disable the SSL check by +the `ptoptions=reg_ssl_verify reg_ssl_verify=0` boot options. But this is +a security risk and should be used only in a trusted network, using a valid +SSL certificate should be preferred. + +### Variable Expansion The URL can contain a variable `$arch` that will be replaced by the system's -architecture, such as `x86_64`, `s390x`, etc. You can find more information -in the [Arch module](http://www.rubydoc.info/github/yast/yast-yast2/Yast/ArchClass). +architecture, such as `x86_64`, `i586`, `s390x`, etc. + +YaST uses [libzypp](https://github.com/openSUSE/libzypp/blob/e68b5df6c96e3f1d140ba15e2a9e85a990210f37/zypp/ZConfig.cc#L63) +for detecting the system architecture so the `$arch` expansion is compatible +with the expansion used in usual repository URLs. ### Actual URLs @@ -92,7 +160,7 @@ `https://updates.suse.com/SUSE/Updates/$PRODUCT/$VERSION/$ARCH/update` where - PRODUCT is like OpenStack-Cloud, SLE-DESKTOP, SLE-SDK, SLE-SERVER, - VERSION (for SLE-SERVER) is like 12, 12-SP1, -- ARCH is one of aarch64 i586 ia64 ppc ppc64 ppc64le s390x x86_64 +- ARCH is one of `aarch64` `ppc64le` `s390x` `x86_64` For the self-update the *PRODUCT* is replaced with *PRODUCT*-INSTALLER, producing these repository paths @@ -105,6 +173,8 @@ ## Security +### Package Integrity + Updates signatures will be checked by libzypp. If the signature is not correct (or is missing), the user will be asked whether she/he wants to apply the update (although it's a security risk). @@ -113,9 +183,16 @@ [/general/signature-handling](https://www.suse.com/documentation/sles-12/singlehtml/book_autoyast/book_autoyast.html#idm140139881381840) section in the profile. -On the other hand, if SLP discovery is enabled, a popup is displayed to choose the -server to use. SLP by default does not use any authentication, everybody on the -local network can announce a registration server. +### SLP Discovery + +If SLP discovery is enabled, a popup is displayed to choose the server to use. +SLP by default does not use any authentication, everybody on the +local network can announce a registration server so it must be confirmed by user. + +In AutoYaST mode SLP discovery must be enabled in the profile (in the +registration section) and it is expected that only one SLP server is present +in the network. If more servers are found the selection popup is displayed +even in the AutoYaST mode. ## Self-update and User Updates @@ -125,7 +202,7 @@ However, the user changes will be re-applied on top of the installer updates. -## Resume installation +## Resuming Installation Any client called before the self-update step is responsible to remember its state (if needed) and automatically going to the next dialog after the YaST restart. @@ -141,7 +218,7 @@ the updates. Some additional schemes might work but are not tested and therefore not supported. -## Error handling +## Error Handling Errors during the installer update are handled as described below: @@ -151,6 +228,8 @@ * in a regular installation/upgrade, YaST2 will offer the possibility to check/adjust the network configuration. * in an AutoYaST installation/upgrade, a warning will be shown. +* If SCC/SMT is used and it returns no URL or fails then the fallback URL from + `control.xml` is used. * If the updates repository is found but it is empty or not valid: * in the case that the URL was specified by the user (using the *SelfUpdate* boot option or through the *self_update_url* element in an AutoYaST profile), an diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-installation-3.1.213/package/yast2-installation.changes new/yast2-installation-3.1.214/package/yast2-installation.changes --- old/yast2-installation-3.1.213/package/yast2-installation.changes 2016-08-30 14:17:36.000000000 +0200 +++ new/yast2-installation-3.1.214/package/yast2-installation.changes 2016-08-31 12:18:55.000000000 +0200 @@ -1,4 +1,14 @@ ------------------------------------------------------------------- +Tue Aug 30 06:55:13 UTC 2016 - lsle...@suse.cz + +- Display a warning popup when the installer self-update uses + the fallback URL instead of the selected SMT or the default SCC + server (bsc#996179) +- Do not contact the registration server in self-update when + network is not running, skip self-update completely +- 3.1.124 + +------------------------------------------------------------------- Thu Aug 25 14:23:20 UTC 2016 - lsle...@suse.cz - Move the installer self update step earlier in the workflow diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-installation-3.1.213/package/yast2-installation.spec new/yast2-installation-3.1.214/package/yast2-installation.spec --- old/yast2-installation-3.1.213/package/yast2-installation.spec 2016-08-30 14:17:36.000000000 +0200 +++ new/yast2-installation-3.1.214/package/yast2-installation.spec 2016-08-31 12:18:55.000000000 +0200 @@ -17,7 +17,7 @@ Name: yast2-installation -Version: 3.1.213 +Version: 3.1.214 Release: 0 BuildRoot: %{_tmppath}/%{name}-%{version}-build diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-installation-3.1.213/src/lib/installation/clients/inst_update_installer.rb new/yast2-installation-3.1.214/src/lib/installation/clients/inst_update_installer.rb --- old/yast2-installation-3.1.213/src/lib/installation/clients/inst_update_installer.rb 2016-08-30 14:17:36.000000000 +0200 +++ new/yast2-installation-3.1.214/src/lib/installation/clients/inst_update_installer.rb 2016-08-31 12:18:55.000000000 +0200 @@ -57,8 +57,8 @@ Installation.finish_restarting! end - # shortcut - already updated or disabled via boot option - if installer_updated? || disabled_in_linuxrc? + # shortcut - already updated, disabled via boot option or network not running + if installer_updated? || disabled_in_linuxrc? || !NetworkService.isNetworkRunning log.info "Self update not needed, skipping" return :next end @@ -72,7 +72,7 @@ initialize_packager - # self update disabled or not possible + # self-update not possible, the repo URL is not defined return :next unless try_to_update? log.info("Trying installer update") @@ -210,7 +210,29 @@ # Set custom_url into installation options Registration::Storage::InstallationOptions.instance.custom_url = registration.url store_registration_url(url) if url != :scc - registration.get_updates_list.map { |u| URI(u.url) } + ret = registration.get_updates_list.map { |u| URI(u.url) } + + display_fallback_warning if ret.empty? + + ret + end + + # Display a warning message about using the default update URL from + # control.xml when the registration server does not return any URL or fails. + # In AutoYaST mode the dialog is closed after a timeout. + def display_fallback_warning + # TRANSLATORS: error message + msg = _("<p>Cannot obtain the installer update repository URL\n" \ + "from the registration server.</p>") + + if self_update_url_from_control + # TRANSLATORS: part of an error message, %s is the default repository + # URL from control.xml + msg += _("<p>The default URL %s will be used.<p>") % self_update_url_from_control + end + + # display the message in a RichText widget to wrap long lines + Report.LongWarning(msg) end # Return the URL of the preferred registration server @@ -415,9 +437,9 @@ # # The update should be performed when these requeriments are met: # - # * Installer is not updated yet. - # * Self-update feature is enabled. # * Network is up. + # * Installer is not updated yet. + # * Self-update feature is enabled and the repository URL is defined # # @return [Boolean] true if the update should be performed; false otherwise. # @@ -425,7 +447,7 @@ # @see #self_update_enabled? # @see NetworkService.isNetworkRunning def try_to_update? - !installer_updated? && self_update_enabled? && NetworkService.isNetworkRunning + NetworkService.isNetworkRunning && !installer_updated? && self_update_enabled? end # Determines whether the given URL is equal to the default one diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-installation-3.1.213/test/inst_update_installer_test.rb new/yast2-installation-3.1.214/test/inst_update_installer_test.rb --- old/yast2-installation-3.1.213/test/inst_update_installer_test.rb 2016-08-30 14:17:37.000000000 +0200 +++ new/yast2-installation-3.1.214/test/inst_update_installer_test.rb 2016-08-31 12:18:55.000000000 +0200 @@ -316,6 +316,18 @@ expect(subject.main).to eq(:restart_yast) end + context "when the registration server returns empty URL list or fails" do + before do + allow(registration).to receive(:get_updates_list).and_return([]) + end + + it "displays a warning about using the default URL from control.xml" do + expect(Yast::Report).to receive(:LongWarning) + .with(/#{Regexp.escape("http://update.opensuse.org/x86_64/update.dud")}/) + subject.main + end + end + context "when more than one SMT server exist" do before do allow(url_helpers).to receive(:slp_discovery).and_return([smt0, smt1])