sonatype / nexus-public

Sonatype Nexus Repository Open-source codebase mirror
https://www.sonatype.com/products/repository-oss-download
Eclipse Public License 1.0

Yum hosted repo metadata does not contain files with type ghost #389

Open alexandrovas opened 4 months ago

alexandrovas commented 4 months ago

Hello!

Nexus generates incorrect metadata for rpm-packages with ghost files.

In native repodata/*-primary.xml.gz (created via createrepo):

...
  <package type="rpm">
    <name>ssmtp</name>
    <arch>x86_64</arch>
    <version epoch="0" ver="2.64" rel="14.el7"/>
    <checksum type="sha256" pkgid="YES">8081939ccd0ba64940f3c046a4bbd31e2f74435ee04de0ee6c764d7d798bd182</checksum>
    <summary>Extremely simple MTA to get mail off the system to a Mailhub</summary>
    <description>A secure, effective and simple way of getting mail off a system to your mail
hub. It contains no suid-binaries or other dangerous things - no mail spool
to poke around in, and no daemons running in the background. Mail is simply
forwarded to the configured mailhost. Extremely easy configuration.

WARNING: the above is all it does; it does not receive mail, expand aliases
or manage a queue. That belongs on a mail hub with a system administrator.</description>
    <packager>Fedora Project</packager>
    <url>http://packages.debian.org/stable/mail/ssmtp</url>
    <time file="1414689875" build="1414627216"/>
    <size package="51620" installed="76261" archive="79152"/>
    <location href="ssmtp-2.64-14.el7.x86_64.rpm"/>
    <format>
      <rpm:license>GPLv2+</rpm:license>
      <rpm:vendor>Fedora Project</rpm:vendor>
      <rpm:group>Applications/Internet</rpm:group>
      <rpm:buildhost>buildvm-27.phx2.fedoraproject.org</rpm:buildhost>
      <rpm:sourcerpm>ssmtp-2.64-14.el7.src.rpm</rpm:sourcerpm>
      <rpm:header-range start="1384" end="16880"/>
      <rpm:provides>
        <rpm:entry name="MTA"/>
        <rpm:entry name="config(ssmtp)" flags="EQ" epoch="0" ver="2.64" rel="14.el7"/>
        <rpm:entry name="smtpdaemon"/>
        <rpm:entry name="ssmtp" flags="EQ" epoch="0" ver="2.64" rel="14.el7"/>
        <rpm:entry name="ssmtp(x86-64)" flags="EQ" epoch="0" ver="2.64" rel="14.el7"/>
      </rpm:provides>
      <rpm:requires>
        <rpm:entry name="/bin/sh"/>
        <rpm:entry name="/bin/sh" pre="1"/>
        <rpm:entry name="/usr/sbin/alternatives"/>
        <rpm:entry name="/usr/sbin/alternatives" pre="1"/>
        <rpm:entry name="libc.so.6(GLIBC_2.14)(64bit)"/>
        <rpm:entry name="libcrypto.so.10()(64bit)"/>
        <rpm:entry name="libcrypto.so.10(libcrypto.so.10)(64bit)"/>
        <rpm:entry name="libssl.so.10()(64bit)"/>
        <rpm:entry name="libssl.so.10(libssl.so.10)(64bit)"/>
        <rpm:entry name="rtld(GNU_HASH)"/>
      </rpm:requires>
      <file>/etc/ssmtp/revaliases</file>
      <file>/etc/ssmtp/ssmtp.conf</file>
      <file>/usr/bin/mailq.ssmtp</file>
      <file>/usr/bin/newaliases.ssmtp</file>
      <file>/usr/sbin/sendmail.ssmtp</file>
      <file>/usr/sbin/ssmtp</file>
      <file type="dir">/etc/ssmtp</file>
      <file type="ghost">/usr/bin/mailq</file>
      <file type="ghost">/usr/bin/newaliases</file>
      <file type="ghost">/usr/sbin/sendmail</file>
    </format>
  </package>
...

Yum metadata in Nexus (same package ssmtp):

  <package type="rpm">
    <name>ssmtp</name>
    <arch>x86_64</arch>
    <version epoch="0" ver="2.64" rel="14.el7"/>
    <checksum type="sha256" pkgid="YES">8081939ccd0ba64940f3c046a4bbd31e2f74435ee04de0ee6c764d7d798bd182</checksum>
    <summary>Extremely simple MTA to get mail off the system to a Mailhub</summary>
    <description>A secure, effective and simple way of getting mail off a system to your mail
hub. It contains no suid-binaries or other dangerous things - no mail spool
to poke around in, and no daemons running in the background. Mail is simply
forwarded to the configured mailhost. Extremely easy configuration.

WARNING: the above is all it does; it does not receive mail, expand aliases
or manage a queue. That belongs on a mail hub with a system administrator.</description>
    <packager>Fedora Project</packager>
    <url>http://packages.debian.org/stable/mail/ssmtp</url>
    <time file="1713396815899" build="1414627216"/>
    <size package="51620" installed="76261" archive="79152"/>
    <location href="ssmtp-2.64-14.el7.x86_64.rpm"/>
    <format>
      <rpm:license>GPLv2+</rpm:license>
      <rpm:vendor>Fedora Project</rpm:vendor>
      <rpm:group>Applications/Internet</rpm:group>
      <rpm:buildhost>buildvm-27.phx2.fedoraproject.org</rpm:buildhost>
      <rpm:sourcerpm>ssmtp-2.64-14.el7.src.rpm</rpm:sourcerpm>
      <rpm:header-range start="1384" end="16880"/>
      <rpm:provides>
        <rpm:entry name="MTA"/>
        <rpm:entry ver="2.64" name="config(ssmtp)" flags="EQ" rel="14.el7" epoch="0"/>
        <rpm:entry name="smtpdaemon"/>
        <rpm:entry ver="2.64" name="ssmtp" flags="EQ" rel="14.el7" epoch="0"/>
        <rpm:entry ver="2.64" name="ssmtp(x86-64)" flags="EQ" rel="14.el7" epoch="0"/>
      </rpm:provides>
      <rpm:requires>
        <rpm:entry name="/bin/sh"/>
        <rpm:entry pre="1" name="/bin/sh"/>
        <rpm:entry name="/usr/sbin/alternatives"/>
        <rpm:entry pre="1" name="/usr/sbin/alternatives"/>
        <rpm:entry name="libc.so.6(GLIBC_2.14)(64bit)"/>
        <rpm:entry name="libcrypto.so.10()(64bit)"/>
        <rpm:entry name="libcrypto.so.10(libcrypto.so.10)(64bit)"/>
        <rpm:entry name="libssl.so.10()(64bit)"/>
        <rpm:entry name="libssl.so.10(libssl.so.10)(64bit)"/>
        <rpm:entry name="rtld(GNU_HASH)"/>
      </rpm:requires>
      <file>/etc/ssmtp/revaliases</file>
      <file>/etc/ssmtp/ssmtp.conf</file>
      <file>/usr/bin/mailq.ssmtp</file>
      <file>/usr/bin/newaliases.ssmtp</file>
      <file>/usr/sbin/sendmail.ssmtp</file>
      <file>/usr/sbin/ssmtp</file>
      <file type="dir">/etc/ssmtp</file>
    </format>
  </package>

As you can see, the Nexus-generated metadata does not contain this block:

      <file type="ghost">/usr/bin/mailq</file>
      <file type="ghost">/usr/bin/newaliases</file>
      <file type="ghost">/usr/sbin/sendmail</file>

The absence of this data breaks the yum provides feature.

For a local repo created via the createrepo CLI:

❯ yum --disablerepo='*' --enablerepo='testing-local' provides /usr/sbin/sendmail
Loaded plugins: fastestmirror, priorities, tsflags
Loading mirror speeds from cached hostfile
ssmtp-2.64-14.el7.x86_64 : Extremely simple MTA to get mail off the system to a Mailhub
Repo        : testing-local
Matched from:
Filename    : /usr/sbin/sendmail

For the repo in Nexus with the same packages:

❯ yum --disablerepo='*' --enablerepo='testing-nexus' provides /usr/sbin/sendmail
Loaded plugins: fastestmirror, priorities, tsflags
Loading mirror speeds from cached hostfile
No matches found

Nexus version: OSS 3.54.1-01
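
A check for the discrepancy reported above, as an added example that is not part of the original issue or of the Nexus code base: it compares the per-package `<file>` entries of two primary.xml documents and lists those the second one lacks. The sample documents are constructed from the ssmtp entries quoted in the issue, and the function names are assumptions.

```python
import gzip
import xml.etree.ElementTree as ET

# Default namespace used by repodata primary.xml.
NS = {"c": "http://linux.duke.edu/metadata/common"}

def load_primary(data: bytes) -> ET.Element:
    """Parse primary.xml, transparently handling the .gz form repos ship."""
    if data[:2] == b"\x1f\x8b":          # gzip magic
        data = gzip.decompress(data)
    return ET.fromstring(data)

def file_entries(root: ET.Element) -> dict:
    """Map 'name-ver-rel.arch' -> {(type, path)}; an untyped <file> is 'file'."""
    out = {}
    for pkg in root.findall("c:package", NS):
        v = pkg.find("c:version", NS)
        key = "%s-%s-%s.%s" % (pkg.findtext("c:name", namespaces=NS),
                               v.get("ver"), v.get("rel"),
                               pkg.findtext("c:arch", namespaces=NS))
        out[key] = {(f.get("type", "file"), f.text)
                    for f in pkg.iterfind("c:format/c:file", NS)}
    return out

def missing_entries(reference: bytes, candidate: bytes) -> dict:
    """Entries present in the reference metadata but absent from the candidate."""
    ref = file_entries(load_primary(reference))
    cand = file_entries(load_primary(candidate))
    report = {}
    for key, entries in ref.items():
        lost = entries - cand.get(key, set())   # package absent: all entries lost
        if lost:
            report[key] = sorted(lost)
    return report

# Constructed sample input, reduced from the two listings in the issue.
HEAD = ('<metadata xmlns="http://linux.duke.edu/metadata/common" '
        'xmlns:rpm="http://linux.duke.edu/metadata/rpm" packages="1">'
        '<package type="rpm"><name>ssmtp</name><arch>x86_64</arch>'
        '<version epoch="0" ver="2.64" rel="14.el7"/><format>'
        '<file>/usr/sbin/sendmail.ssmtp</file><file type="dir">/etc/ssmtp</file>')
GHOSTS = ('<file type="ghost">/usr/bin/mailq</file>'
          '<file type="ghost">/usr/bin/newaliases</file>'
          '<file type="ghost">/usr/sbin/sendmail</file>')
TAIL = "</format></package></metadata>"
CREATEREPO = (HEAD + GHOSTS + TAIL).encode()         # reference, plain XML
NEXUS = gzip.compress((HEAD + TAIL).encode())        # candidate, gzipped

if __name__ == "__main__":
    for pkg, lost in missing_entries(CREATEREPO, NEXUS).items():
        for ftype, path in lost:
            print(f"{pkg}: missing {ftype} {path}")
```
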

nblair commented 4 months ago

Hi @alexandrovas, thanks for opening an issue. I'm unfamiliar with the "ghost" packages you describe; can you tell me more about the origin? Are there specific yum packages you can proxy that contain this information, or are these packages you are building and storing in hosted repositories?

I'm going to mark this with the enhancement label, as it may not be provided with our current yum integration as of yet.

alexandrovas commented 4 months ago

Hi @nblair! Thanks for your reaction.

According to the RPM spec:

"There are times when a file should be owned by the package but not installed - log files and state files are good examples of cases you might desire this to happen. The way to achieve this, is to use the %ghost directive. By adding this directive to the line containing a file, RPM will know about the ghosted file, but will not add it to the package."

Regarding your question:

"Are there specific yum packages you can proxy that contain this information, or are these packages you are building and storing in hosted repositories?"

This is a copy of a package from an upstream repo (EPEL in this case). The specified package is just an example of the problem. There can be many packages with such a problem, if you take the upstream of any RHEL-like repository.

We store copies of all packages needed to build our custom packages in our Nexus yum repo.

Since this directive is part of the RPM specification, in my opinion it looks more like a bug than an enhancement.