[CentOS] Auto-installing security updates?

Fri May 22 05:00:12 UTC 2009
JohnS <jses27 at gmail.com>

On Thu, 2009-05-21 at 21:06 -0400, Ross Walker wrote:
> On Thu, May 21, 2009 at 12:13 PM, JohnS <jses27 at gmail.com> wrote:
> > On Wed, 2009-05-20 at 09:30 -0400, Ross Walker wrote:
> >> I wonder if yum-updatesd might cache repo data separate from yum
> >> cache, in which case some older incompatible cached data from the
> >> previous version may still be around causing yum-updatesd to bork.
> >>
> >> If so I think that cache will need to be manually deleted.
> >>
> >> I'll check my desktop system when I get to work to see if my theory is
> >> correct.
> >
> > The recent problem with having to yum clean all I have gone to the
> > extent of testing on a client machine. What i have done is run a cron
> > job for yum clean metadata whith a if then yum update. Evidently this is
> > not happing to everyone.
> 
> You don't need a cron job for this issue, it's a one-time event as the
> repo metadata for the new yum isn't compatible with the old yum and if
> there was cached old metadata left over after the upgrade, that wasn't
> marked stale, then it would cause yum grief. Clearing out the metadata
> was the simple fix and only needed to happen once.
> 
> I forgot to check to see if yum-updatesd kept a separate metadata
> cache too that might need manual clearing out.
> 
> -Ross
---

from: /usr/sbin/yum-updatesd
def invalidate_cache(*args):
    global updateInfoDone, updateInfo, helperProcess
    if helperProcess is not None:
        return
    updateInfo = []
    updateInfoDone = False
def setup_watcher():
    """Sets up gamin-based file watches on things we care about and
makes
       it so they get checked every 15 seconds."""
    # add some watches on directories.
    mon = gamin.WatchMonitor()
    mon.watch_directory("/var/lib/rpm", invalidate_cache)
    mon.watch_directory("/var/cache/yum", invalidate_cache)    
    map(lambda x: os.path.isdir("/var/cache/yum/%s" %(x,)) and
        mon.watch_directory("/var/cache/yum/%s" %(x,),
invalidate_cache),
        os.listdir("/var/cache/yum"))
    mon.handle_events()
    fd = mon.get_fd()
    gobject.io_add_watch(fd, gobject.IO_IN|gobject.IO_PRI,
                         lambda x, y: mon.handle_events())
------------------------------------------------------------------
Turns out that gamin is the one doing this metadata upkeep. Maybe Gamin
is not working right on some installs? 

Ross, the reason I done the cron job way was because I have had these
problems before. From the code above it uses the same cache.

JohnStanley