OK, here is my problem. I have 2 different versions of openssl from 2 different repos. Our organization is using the standard openssl package for just about everything and want to make sure it current. Then we have a special package that has its single dependency on our own custom version of openssl. The two packages can be installed separately and everything works fine. But ..... when trying to install through puppet, our repo''s version of openssl trying to update the current version rather than install causing a failure. I know i can do an exec and get around this but is there a better way? Can I pass parameter to rpm to force an install rather than an upgrade? -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Ian Ward Comfort
2009-Dec-16 18:14 UTC
Re: [Puppet Users] RPM package install/upgrade issue
On 16 Dec 2009, at 10:06 AM, jokeeffe wrote:> OK, here is my problem. I have 2 different versions of openssl from > 2 different repos. Our organization is using the standard openssl > package for just about everything and want to make sure it current. > Then we have a special package that has its single dependency on our > own custom version of openssl. The two packages can be installed > separately and everything works fine. But ..... when trying to > install through puppet, our repo''s version of openssl trying to > update the current version rather than install causing a failure. > > I know i can do an exec and get around this but is there a better > way? Can I pass parameter to rpm to force an install rather than an > upgrade?This isn''t a Puppet solution, but is it possible to build your custom OpenSSL RPM with a different name? (Say, openssl-yoursite?) We avoid building our own packages with the same name as official distro packages to avoid this and similar problems. -- Ian Ward Comfort <icomfort@rescomp.stanford.edu> Systems Team Lead, Academic Computing Services, Stanford University -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
No, I definitely agree and its a bad practice. Unfortunately, its out of my control. On Dec 16, 12:14 pm, Ian Ward Comfort <icomf...@rescomp.stanford.edu> wrote:> On 16 Dec 2009, at 10:06 AM, jokeeffe wrote: > > > OK, here is my problem. I have 2 different versions of openssl from > > 2 different repos. Our organization is using the standard openssl > > package for just about everything and want to make sure it current. > > Then we have a special package that has its single dependency on our > > own custom version of openssl. The two packages can be installed > > separately and everything works fine. But ..... when trying to > > install through puppet, our repo''s version of openssl trying to > > update the current version rather than install causing a failure. > > > I know i can do an exec and get around this but is there a better > > way? Can I pass parameter to rpm to force an install rather than an > > upgrade? > > This isn''t a Puppet solution, but is it possible to build your custom > OpenSSL RPM with a different name? (Say, openssl-yoursite?) We avoid > building our own packages with the same name as official distro > packages to avoid this and similar problems. > > -- > Ian Ward Comfort <icomf...@rescomp.stanford.edu> > Systems Team Lead, Academic Computing Services, Stanford University-- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
On 12/16/2009 01:06 PM, jokeeffe wrote:> OK, here is my problem. I have 2 different versions of openssl from 2 > different repos. Our organization is using the standard openssl > package for just about everything and want to make sure it current. > Then we have a special package that has its single dependency on our > own custom version of openssl. The two packages can be installed > separately and everything works fine. But ..... when trying to install > through puppet, our repo''s version of openssl trying to update the > current version rather than install causing a failure. >Maybe increase the epoch of your RPM so it''s always higher than the distro''s version? -Doug
On Dec 16, 12:06 pm, jokeeffe <jete.okee...@gmail.com> wrote: [...]> when trying to install > through puppet, our repo''s version of openssl trying to update the > current version rather than install causing a failure.You may be able to configure yum to avoid this problem. If you install the yum protectbase plugin then you can set up your repo definitions so that packages from some repos are never replaced by packages from repos not in the protected group. I believe puppet''s Yumrepo type even supports the relevant parameter ("protect"). Alternatively, you may be able to make the yum versionlock plugin do what you want, but I haven''t played with that one myself. John -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.