Bug 1122140

Summary: Proxy Realm feature does not work on RHEL 7
Product: Red Hat Enterprise Linux 7 Reporter: Jason Montleon <jmontleo>
Component: rubyAssignee: Vít Ondruch <vondruch>
Status: CLOSED ERRATA QA Contact: Iveta Wiedermann <isenfeld>
Severity: unspecified Docs Contact:
Priority: high    
Version: 7.0CC: chrobert, dcleal, djuran, isenfeld, katello-bugs, katello-qa-list, lmiksik, ovasik, pdwyer, toneata
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
URL: http://projects.theforeman.org/issues/6724
Whiteboard:
Fixed In Version: ruby-2.0.0.598-24.el7 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: 1122139 Environment:
Last Closed: 2015-03-05 13:36:08 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1071187    
Bug Blocks: 1122139    

Description Jason Montleon 2014-07-22 15:51:41 UTC 
+++ This bug was initially created as a clone of Bug #1122139 +++

Attempting to use the Realm Capsule feature with a RHEL 7 IPA server will result in a trace in /var/log/foreman-proxy/proxy.log as below.

This appers to be due to a ruby bug
https://bugs.ruby-lang.org/issues/8182

Commenting these out on lines 505-506 in /usr/share/ruby/xmlrpc/client.rb seems to work around it in the short term.
      #elsif expected != "<unknown>" and expected.to_i != data.bytesize and resp["Transfer-Encoding"].nil?
      #  raise "Wrong size. Was #{data.bytesize}, should be #{expected}"

trace:
I, [2014-07-22T11:19:49.235746 #20459]  INFO -- : Requesting credentials for Kerberos principal realm-proxy.ENG.BOS.REDHAT.COM using keytab /etc/foreman-proxy/freeipa.keytab
D, [2014-07-22T11:19:49.250436 #20459] DEBUG -- : Kerberos credential cache initialised with principal: realm-proxy.ENG.BOS.REDHAT.COM
E, [2014-07-22T11:19:49.365526 #20459] ERROR -- : Wrong size. Was 329, should be 206
D, [2014-07-22T11:19:49.366094 #20459] DEBUG -- : /usr/share/ruby/xmlrpc/client.rb:506:in `do_rpc'
/usr/share/ruby/xmlrpc/client.rb:281:in `call2'
/usr/share/ruby/xmlrpc/client.rb:262:in `call'
/usr/share/foreman-proxy/modules/realm/freeipa.rb:63:in `find'
/usr/share/foreman-proxy/modules/realm/freeipa.rb:83:in `create'
/usr/share/foreman-proxy/modules/realm/realm_api.rb:26:in `block in <class:Api>'
/usr/share/gems/gems/sinatra-1.3.6/lib/sinatra/base.rb:1293:in `call'
/usr/share/gems/gems/sinatra-1.3.6/lib/sinatra/base.rb:1293:in `block in compile!'
/usr/share/gems/gems/sinatra-1.3.6/lib/sinatra/base.rb:860:in `[]'
/usr/share/gems/gems/sinatra-1.3.6/lib/sinatra/base.rb:860:in `block (3 levels) in route!'
/usr/share/gems/gems/sinatra-1.3.6/lib/sinatra/base.rb:876:in `route_eval'
/usr/share/gems/gems/sinatra-1.3.6/lib/sinatra/base.rb:860:in `block (2 levels) in route!'
/usr/share/gems/gems/sinatra-1.3.6/lib/sinatra/base.rb:897:in `block in process_route'
/usr/share/gems/gems/sinatra-1.3.6/lib/sinatra/base.rb:895:in `catch'
/usr/share/gems/gems/sinatra-1.3.6/lib/sinatra/base.rb:895:in `process_route'
/usr/share/gems/gems/sinatra-1.3.6/lib/sinatra/base.rb:859:in `block in route!'
/usr/share/gems/gems/sinatra-1.3.6/lib/sinatra/base.rb:858:in `each'
/usr/share/gems/gems/sinatra-1.3.6/lib/sinatra/base.rb:858:in `route!'
/usr/share/gems/gems/sinatra-1.3.6/lib/sinatra/base.rb:963:in `block in dispatch!'
/usr/share/gems/gems/sinatra-1.3.6/lib/sinatra/base.rb:946:in `block in invoke'
/usr/share/gems/gems/sinatra-1.3.6/lib/sinatra/base.rb:946:in `catch'
/usr/share/gems/gems/sinatra-1.3.6/lib/sinatra/base.rb:946:in `invoke'
/usr/share/gems/gems/sinatra-1.3.6/lib/sinatra/base.rb:960:in `dispatch!'
/usr/share/gems/gems/sinatra-1.3.6/lib/sinatra/base.rb:794:in `block in call!'
/usr/share/gems/gems/sinatra-1.3.6/lib/sinatra/base.rb:946:in `block in invoke'
/usr/share/gems/gems/sinatra-1.3.6/lib/sinatra/base.rb:946:in `catch'
/usr/share/gems/gems/sinatra-1.3.6/lib/sinatra/base.rb:946:in `invoke'
/usr/share/gems/gems/sinatra-1.3.6/lib/sinatra/base.rb:794:in `call!'
/usr/share/gems/gems/sinatra-1.3.6/lib/sinatra/base.rb:780:in `call'
/usr/share/gems/gems/rack-1.4.1/lib/rack/commonlogger.rb:20:in `call'
/usr/share/gems/gems/sinatra-1.3.6/lib/sinatra/base.rb:161:in `call'
/usr/share/foreman-proxy/lib/proxy/log.rb:29:in `call'
/usr/share/gems/gems/rack-protection-1.5.0/lib/rack/protection/xss_header.rb:18:in `call'
/usr/share/gems/gems/rack-protection-1.5.0/lib/rack/protection/path_traversal.rb:16:in `call'
/usr/share/gems/gems/rack-protection-1.5.0/lib/rack/protection/json_csrf.rb:18:in `call'
/usr/share/gems/gems/rack-protection-1.5.0/lib/rack/protection/base.rb:49:in `call'
/usr/share/gems/gems/rack-protection-1.5.0/lib/rack/protection/base.rb:49:in `call'
/usr/share/gems/gems/rack-protection-1.5.0/lib/rack/protection/frame_options.rb:31:in `call'
/usr/share/gems/gems/rack-1.4.1/lib/rack/nulllogger.rb:9:in `call'
/usr/share/gems/gems/rack-1.4.1/lib/rack/head.rb:9:in `call'
/usr/share/gems/gems/sinatra-1.3.6/lib/sinatra/showexceptions.rb:21:in `call'
/usr/share/gems/gems/sinatra-1.3.6/lib/sinatra/base.rb:124:in `call'
/usr/share/gems/gems/sinatra-1.3.6/lib/sinatra/base.rb:1417:in `block in call'
/usr/share/gems/gems/sinatra-1.3.6/lib/sinatra/base.rb:1499:in `synchronize'
/usr/share/gems/gems/sinatra-1.3.6/lib/sinatra/base.rb:1417:in `call'
/usr/share/gems/gems/rack-1.4.1/lib/rack/builder.rb:134:in `call'
/usr/share/gems/gems/rack-1.4.1/lib/rack/urlmap.rb:64:in `block in call'
/usr/share/gems/gems/rack-1.4.1/lib/rack/urlmap.rb:49:in `each'
/usr/share/gems/gems/rack-1.4.1/lib/rack/urlmap.rb:49:in `call'
/usr/share/gems/gems/rack-1.4.1/lib/rack/builder.rb:134:in `call'
/usr/share/gems/gems/rack-1.4.1/lib/rack/handler/webrick.rb:59:in `service'
/usr/share/ruby/webrick/httpserver.rb:138:in `service'
/usr/share/ruby/webrick/httpserver.rb:94:in `run'
/usr/share/ruby/webrick/server.rb:295:in `block in start_thread'
10.16.133.12 - - [22/Jul/2014 11:19:49] "POST /realm/SAT6.LAB.ENG.BOS.REDHAT.COM/ HTTP/1.1" 400 34 0.1336
Comment 1 Vít Ondruch 2014-07-28 10:35:27 UTC 
The fix for this issue was backported to stable Ruby 2.0.0 branch [1] and will be available in next minor release. It could be resolved by bug 1071187 if accepted for next RHEL minor release.


[1] https://bugs.ruby-lang.org/projects/ruby-200/repository/revisions/46153
Comment 7 errata-xmlrpc 2015-03-05 13:36:08 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2015-0594.html