This seems to be a bug in yum-utils, nothing that you're doing wrong.
I did a little crude "print" debugging between my RHEL 6 server, and My Fedora 14 workstation. Right after line 47 & 48 in /usr/bin/yumdownloader:
(n,v,r,e,a) = rpmUtils.miscutils.splitFilename(pkg.sourcerpm)
src = self.pkgSack.searchNevra(name=n, ver=v, rel=r, arch='src')
I added a couple of debugging statements and found the following:
From my RHEL 6 server (indented areas following "Debug:" being the areas of interest):
# yumdownloader --source gcc
Loaded plugins: presto, rhnplugin
Enabling epel-source repository
Debug:
pkg.sourcerpm = gcc-4.4.4-13.el6.src.rpm
n = gcc
v = 4.4.4
r = 13.el6
src = []
No source RPM found for gcc-4.4.4-13.el6.x86_64
Debug:
pkg.sourcerpm = gcc-4.4.5-6.el6.src.rpm
n = gcc
v = 4.4.5
r = 6.el6
src = []
No source RPM found for gcc-4.4.5-6.el6.x86_64
Nothing to download
From my Fedora 14 workstation:
# yumdownloader --source gcc
Loaded plugins: presto, refresh-packagekit
Enabling updates-source repository
Enabling rpmfusion-nonfree-updates-source repository
Enabling rpmfusion-nonfree-source repository
Enabling rpmfusion-free-updates-source repository
Enabling fedora-source repository
Enabling rpmfusion-free-source repository
Debug:
pkg.sourcerpm = gcc-4.5.1-4.fc14.src.rpm
n = gcc
v = 4.5.1
r = 4.fc14
src = [<YumAvailablePackageSqlite : gcc-4.5.1-4.fc14.src (0xe5e150)>]
gcc-4.5.1-4.fc14.src.rpm | 52 MB 00:38
So we know what src "should" be, based off of Fedora 14. /usr/bin/yumdownloader is identical between RHEL6, and Fedora 14 (md5sums match). However the yum-utils libraries that yumdownloader is leveraging are different between RHEL6 and Fedora 14, and that is likely the culprit.
I'd file a bug with Redhat against the yum-utils package.
Installing packages from a CentOS 6 repo on CentOS 5 is ill-advised and should be avoided. Please just upgrade to CentOS 6 completely if you want this. Alternatively, manually grab the source rpm and rebuild it on CentOS 5.
As to why this fails: the newer createrepo for CentOS 6 uses a different algorithm for checksums than the one used by yum in CentOS 5 (sha256 vs sha1 iirc), so your yum has no way of verifying the repository contents.
Best Answer
If you already have a local network repository mirror working, then you should configure the clients to use it, and they will update from there.
In your clients:
cd /etc/yum.repos.d
vim mylocal.repo
Fill in:
Where
my-repo-server
is the URL or IP of your repo server.You should probably remove/comment the official public repos URL from the clients as well if you don`t want them updating through the Internet.
Forgot the auto-update part:
For the auto-update / auto-upgrade to work you should do a few more changes in the clients.
Install yum-cron
Configure yum-cron
You can select which packages to auto-upgrade in yum-cron among other self-documented options in that file, this are the upgrade options to choose from:
I would probably not recommend leaving the
default
, and instead use thesecurity
one. As upgrading all the packages automatically could lead to unforeseen issues.Start and enable the service for auto start on boot:
ps. Upgrade and update are two different things. The first one executes the package upgrades, while the latter just updates the repository index (to see which changes are upstream).