同步查错
同步失败的原因有很多。要获取有关连接问题的详细信息,请运行以下命令:
export URLGRABBER_DEBUG=DEBUG spacewalk-repo-sync -c <通道名称> <选项> > /var/log/spacewalk-repo-sync-$(date +%F-%R).log 2>&1
You can also check logs created by Zypper at /var/log/zypper.log
- GPG 密钥不匹配
-
SUSE Multi-Linux Manager does not automatically trust third party GPG keys. If package synchronization fails, it could be because of an untrusted GPG key. You can find out if this is the case by opening
/var/log/rhn/reposyncand looking for an error like this:['/usr/bin/spacewalk-repo-sync', '--channel', 'sle-12-sp1-ga-desktop- nvidia-driver-x86_64', '--type', 'yum', '--non-interactive'] RepoMDError:无法访问储存库。可能未导入储存库 GPG 密钥
要解决该问题,需要将 GPG 密钥导入 SUSE Multi-Linux Manager。有关导入 GPG 密钥的详细信息,请参见 储存库元数据。
- GPG Key Removal from
spacewalk-repo-sync -
When a GPG key for repository has been manually imported using
spacewalk-repo-sync, and this key is no longer needed (for example if the key was compromised, or was used for testing purposes only), it can be removed from the zypper RPM database used byspacewalk-repo-syncwith the following command:rpm --dbpath=/var/lib/spacewalk/reposync/root/var/lib/rpm/ -e gpg-pubkey-*
where
gpg-pubkey-*is the name of the GPG key to be removed. - 续订 GPG 密钥
-
如果您要续订某个 GPG 密钥,请先去除旧密钥,然后生成并导入新密钥。
- 校验和不匹配
-
If a checksum has failed, you might see an error like this in the
/var/log/rhn/reposync/*.loglog file:Repo Sync Errors: (50, u'checksums did not match 326a904c2fbd7a0e20033c87fc84ebba6b24d937 vs afd8c60d7908b2b0e2d95ad0b333920aea9892eb', 'Invalid information uploaded to the server') The package microcode_ctl-1.17-102.57.62.1.x86_64 which is referenced by patch microcode_ctl-8413 was not found in the database. This patch has been skipped.
You can resolve this error by running the synchronization from the command prompt with the
-Yoption:spacewalk-repo-sync --channel <通道名称> -Y
此选项在同步之前校验储存库数据,而不是依赖于本地缓存的校验和。
- 连接超时
-
如果下载超时并出现以下错误:
28:操作速度太慢。过去 300 秒的传输速率小于 1000 字节/秒
You can resolve this error by specifying
reposync_timeoutandreposync_minrateconfiguration values in/etc/rhn/rhn.conf. By default, when less than 1000 bytes per second are transferred in 300 secs, the download is aborted. You can adjust the number of bytes per second withreposync_minrate, and the number of seconds to wait withreposync_timeout. - 重新同步期间手动信任密钥
-
It is possible that in some cases when
reposyncis run, you may need to accept the GPG key manually. For example:# spacewalk-repo-sync -c nvidia-compute-sle-15-x86_64-we-sp3 17:07:40 ====================================== 17:07:40 | Channel: nvidia-compute-sle-15-x86_64-we-sp3 17:07:40 ====================================== 17:07:40 Sync of channel started. New repository or package signing key received: Repository: nvidia-compute-sle-15-x86_64-we-sp3 Key Fingerprint: 610C 7B14 E068 A878 070D A4E9 9CD0 A493 D42D 0685 Key Name: cudatools <cudatools@nvidia.com> Key Algorithm: RSA 4096 Key Created: Thu Apr 14 16:04:01 2022 Key Expires: (does not expire) Rpm Name: gpg-pubkey-d42d0685-62589a51 Note: Signing data enables the recipient to verify that no modifications occurred after the data were signed. Accepting data with no, wrong or unknown signature can lead to a corrupted system and in extreme cases even to a system compromise. Note: A GPG pubkey is clearly identified by its fingerprint. Do not rely on the key's name. If you are not sure whether the presented key is authentic, ask the repository provider or check their web site. Many providers maintain a web page showing the fingerprints of the GPG keys they are using. Do you want to reject the key, trust temporarily, or trust always? [r/t/a/?] (r):