On Wed, 10 Jan 2018, Dave Jones wrote:
On 01/10/2018 08:48 AM, Kevin A. McGrail wrote:
Can you turn on debugging and perhaps add it to retry again? I am trying
to figure out if it is one server with an issue.
We have added a number of new sa-update mirrors recently. Check the
MIRRORED.BY file and do ping/traceroutes AND wget/curls to each server. There
could be a local routing problem getting to one of them from your
location/ISP.
https://svn.apache.org/viewvc/spamassassin/site/updates/MIRRORED.BY?revision=1819744&view=markup
Dave
I am the maintainer of one of the new sa-update mirrors
(sa-update.fossies.org).
Just an observation (although I am not very familiar with the complete
update mechanismn):
For e.g. today between
10/Jan/2018:09:34:29 +0100
and
10/Jan/2018:09:40:04 +0100
I saw in the web logs of the mirror 76 GET requests to /1820725.tar.gz
with a 404 ("Not Found") response code (only an that time interval).
The file 1820725.tar.gz has on the mirror server the last modification
date "Jan 10 09:31" and the rsync logs shows that the file 1820725.tar.gz
was fetched at
Jan 10 09:40:11 CET 2018
So some client hosts have probably the information that 1820725.tar.gz is
the freshest update file before the mentioned mirror server has rsynced
that file.
Similar effects I found in the days before with roughly 80 "404 (Not
Found)" requests against roughly 61000 "200 (Ok)" requests.
Can it be possible that the failed SHA1 verification is caused by that
effect?
If yes, is the mirror frequency too low (on sa-update.fossies.org
currently 10 minutes) or is the information about the current update file
too early available to the clients?
But maybe I have misinterpreted the situation.
Regards
Jens
On 1/10/2018 9:25 AM, Dale Blount wrote:
I get them randomly starting a few months back. My cronjob is set for
4:40am Eastern. Normally it won't fail two days in a row.
My cron script looks like this:
/usr/bin/vendor_perl/sa-update --gpgkey 6C6191E3 --channel
updates.spamassassin.org
RET=$?
if [ "$RET" -eq 0 ]; then
/usr/bin/vendor_perl/sa-compile && systemctl restart spamassassin
fi
On 01/10/2018 09:09 AM, Kevin A. McGrail wrote:
Anyone having issues with Sha1 failures on their machines on sa-updates?
Anyone familiar with sa-update.cron so we can try and get more data on
this bug below?
-------- Forwarded Message --------
Subject: [Bug 7331] channel: SHA1 verification failed, channel failed
Date: Tue, 09 Jan 2018 15:05:37 +0000
From: bugzilla-dae...@issues.apache.org
To: kmcgr...@apache.org
https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7331
--- Comment #5 from Jonathan Kamens<j...@kamens.us> ---
(In reply to Kevin A. McGrail from comment #4)
> Please add more logs and if you can, try manually downloading the
files.
I'm getting the error from sa-update.cron, so (a) I'm not around when it
happens in the middle of the night to retry it immediately, and (b) I
have no
idea where, if anywhere, the logs from sa-update.cron are captured.
If you can advise me how to configure or modify the cron job so that it
captures logs, I will be glad to follow your advice to collect additional
information.
> My big question is does a subsequent run fix the issue? Is there a
specific
> mirror that might be having the issue?
When I get the error overnight and then rerun the update during the day
when I
notice it, it usually works the second time.
