calestyo
commented
8 years ago Hey.
Sorry for the delay. I'd strongly suspect that this would be an issue in yum-security. check_yum simply takes the output of yum --security check-update and looks for these regular expressions:
"Needed \d+ of \d+ packages, for security"
"\d+ package\(s\) needed for security, out of \d+ available"
"No packages needed, for security, \d+ available"
"No packages needed for security; \d+ packages available"So either they tell about the security updates or not, right now I cannot see how check_yum could do anything wrong there.
Have you reported the issue against the yum-security upstream?
Cheers, Chris.
Hi,
It seems like when security updates are surpassed by non-security updates the security update is missed.
Not sure where the fault lies, check_yum does not see the list of packages in the '/usr/bin/yum --security check-update' output or if it is a '/usr/bin/yum --security check-update' bug, which concludes there are 'No packages needed for security', but still shows in between updates that are security upgrades.
./check_yum -vvvv check_yum - Version 1.1.0
setting plugin timeout to 55 seconds running command: /usr/bin/yum --security check-update Returncode: '100' Output: 'Loaded plugins: changelog, fastestmirror, security Loading mirror speeds from cached hostfile
facter.x86_64 1:2.4.1-1.el6 puppetlabs-products tzdata.noarch 2015a-1.el6 updates
' 0 Security Updates Available. 28 Non-Security Updates Available
yum check-update --security -v Loading "changelog" plugin Loading "fastestmirror" plugin Loading "security" plugin Config time: 0.048 Yum Version: 3.2.29 rpmdb time: 0.000 Building updates object Setting up Package Sacks Loading mirror speeds from cached hostfile
facter.x86_64 1:2.4.1-1.el6 puppetlabs-products tzdata.noarch 2015a-1.el6 updates