search

craigwblake / redline

Pure Java Rpm Library
http://redline-rpm.org
MIT License
127 stars 97 forks source link

RPM header is bad on CentOS 5 with RPM v4.4.2.3 #97

Open gbranchaudrubenovitch opened 8 years ago

gbranchaudrubenovitch commented 8 years ago

I can't build my RPM with Redline 1.2.2 and install it on CentOs 5.8. RPM complains that the header is bad.

The same project worked fine with Redline 1.2.1, but breaks with Redline 1.2.2

Note: I am consuming Redline via the nebula.ospackage gradle plugin.

Here is a test repo that showcases the issue: https://github.com/gbranchaudrubenovitch/redline-centos5-rpm-fail

Steps to repro:

  1. git clone https://github.com/gbranchaudrubenovitch/redline-centos5-rpm-fail.git
  2. cd redline-centos5-rpm-fail
  3. ./gradlew buildRpm
  4. rpm -vvqip ./build/distributions/main-1.0.1-1.noarch.rpm

    Results on CentOS 5.8, with RPM v4.4.2.3 (it fails!)

[]$ rpm -vvqip  ./build/distributions/main-1.0.1-1.noarch.rpm
D: Expected size:         5230 = lead(96)+sigs(180)+pad(4)+data(4950)
D:   Actual size:         5230
error: ./build/distributions/main-1.0.1-1.noarch.rpm: headerRead failed: Header sanity check: OK
D: May free Score board((nil))

Results on CentOS 7, with RPM v4.11.1 (it works!)

D: loading keyring from pubkeys in /var/lib/rpm/pubkeys/*.key
D: couldn't find any keys in /var/lib/rpm/pubkeys/*.key
D: loading keyring from rpmdb
D: serialize failed, using private dbenv
D: opening  db environment /var/lib/rpm cdb:private:0x401
D: opening  db index       /var/lib/rpm/Packages 0x400 mode=0x0
D: locked   db index       /var/lib/rpm/Packages
D: opening  db index       /var/lib/rpm/Name 0x400 mode=0x0
D:  read h#     356 Header SHA1 digest: OK (e6870d8b02e1f67dee30779203c6104284ea269a)
D: added key gpg-pubkey-f4a80eb5-53a7ff4b to keyring
D:  read h#     498 Header SHA1 digest: OK (972185b98bfd453af12d4b667b22871cc2fdb803)
D: added key gpg-pubkey-352c64e5-52ae6884 to keyring
D: Using legacy gpg-pubkey(s) from rpmdb
D: Expected size:         5222 = lead(96)+sigs(180)+pad(4)+data(4942)
D:   Actual size:         5222
D: ./build/distributions/main-1.0.1-1.noarch.rpm: Header SHA1 digest: OK (f2de67d60184b8e359c7e0b31575c6fea034c21c)
Name        : main
Epoch       : 0
Version     : 1.0.1
Release     : 1
Architecture: noarch
Install Date: (not installed)
Group       : Some/Modules
Size        : 2670
License     : Commercial
Signature   : (none)
Source RPM  : main-1.0.1-1-src.rpm
Build Date  : Wed 20 Jan 2016 02:23:19 PM GMT
Build Host  : some.centos7.host
Relocations : /some /some
Packager    : gbranchaud
Vendor      : TheCompany <some@company.com>
URL         : some-url
Summary     : main
Description :

D: closed   db index       /var/lib/rpm/Name
D: closed   db index       /var/lib/rpm/Packages
D: closed   db environment /var/lib/rpm

Expected results on both OS:

clintongormley commented 8 years ago

I'm getting the same thing on SLES 11 when trying to build Elasticsearch. Running the generated RPM through rpmrebuild results in an RPM that can be installed. Any info I can provide which would help diagnose the issue?

rjernst commented 8 years ago

I believe the problem here is redline adds both md5 and sha1 to the header. However, rpm 4.4 does not know about anything but md5, as the filedigest algorithm capabilities were added in rpm 4.6. In order to fix this, #68 would have to be addressed, or the sha1 writing could be removed temporarily until that issue allows specifying which algorithm to use.

rschlussel-zz commented 8 years ago

We have the same issue. I found it was a result of long inode values, which were only introduced in rpm 4.6. (as @rmquapp notes).