Bug 7662 - sa-update outputs an error if a mirror download fails
Summary: sa-update outputs an error if a mirror download fails
Status: RESOLVED FIXED
Alias: None
Product: Spamassassin
Classification: Unclassified
Component: spamassassin (show other bugs)
Version: 3.4.2
Hardware: PC Linux
: P2 normal
Target Milestone: Undefined
Assignee: SpamAssassin Developer Mailing List
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2018-12-03 12:59 UTC by Simon Arlott
Modified: 2019-01-05 09:37 UTC (History)
3 users (show)



Attachment Type Modified Status Actions Submitter/CLA Status

Note You need to log in before you can comment on or make changes to this bug.
Description Simon Arlott 2018-12-03 12:59:46 UTC
I keep getting the following error from sa-update periodically:
Cannot open file /var/lib/spamassassin/3.004002/updates_spamassassin_org/1847788.tar.gz: No such file or directory at /usr/bin/sa-update line 1600.

It happens because I have prevented the debian-spamd user from accessing Cloudflare.

sa-update continues on to the next mirror but it's annoying to get emails about this when it was able to recover.


(Note: I'm blocking Cloudflare because proxies are incompatible with the way the spamassassin update data is created. The data is generated twice with the same filenames at two different times of the day. Proxies like Cloudflare will cache data files and GPG signatures independently.

Depending on when these files are retrieved, the GPG signature will then not match. This causes people to disable the GPG signature check which makes it even more likely that the data file from the first run will be cached and then fail to validate if the GPG signature from the second run is downloaded.)
Comment 1 Henrik Krohns 2018-12-03 13:05:59 UTC
Mirror retry ended up broken in 3.4.2, will be fixed next version as per bug 7418.

*** This bug has been marked as a duplicate of bug 7418 ***
Comment 2 RW 2018-12-03 16:15:18 UTC
(In reply to Simon Arlott from comment #0)
 
> (Note: I'm blocking Cloudflare because proxies are incompatible with the way
> the spamassassin update data is created. The data is generated twice with
> the same filenames at two different times of the day. Proxies like
> Cloudflare will cache data files and GPG signatures independently.
> 
> Depending on when these files are retrieved, the GPG signature will then not
> match.

Are you sure about that? The file names contain the update number, so that sounds like a more serious problem than the one you are reporting here.
Comment 3 Simon Arlott 2019-01-05 09:21:07 UTC
(In reply to RW from comment #2)
> (In reply to Simon Arlott from comment #0)
>  
> > (Note: I'm blocking Cloudflare because proxies are incompatible with the way
> > the spamassassin update data is created. The data is generated twice with
> > the same filenames at two different times of the day. Proxies like
> > Cloudflare will cache data files and GPG signatures independently.
> > 
> > Depending on when these files are retrieved, the GPG signature will then not
> > match.
> 
> Are you sure about that? The file names contain the update number, so that
> sounds like a more serious problem than the one you are reporting here.

Yes. I reported it on the IRC channel last year and no one cared.

I've now created bug 7676 for it.

This bug is not a duplicate of bug 7418. Bug 7418, comment 7 should have been a new bug report.
Comment 4 Simon Arlott 2019-01-05 09:37:15 UTC
The fix in bug 7418, comment 7 works but this bug needs a target version of 3.4.3