| Summary: | cdn-sync should work better with entitlement certificates in manifest | ||
|---|---|---|---|
| Product: | Red Hat Satellite 5 | Reporter: | Jan Dobes <jdobes> |
| Component: | Satellite Synchronization | Assignee: | Jan Dobes <jdobes> |
| Status: | CLOSED CURRENTRELEASE | QA Contact: | Lukáš Hellebrandt <lhellebr> |
| Severity: | unspecified | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 580 | CC: | adujicek, jhutar, lhellebr, tlestach |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | spacewalk-schema-2.5.1-31 satellite-schema-5.8.0.23 spacewalk-backend-2.5.3-68 spacewalk-java-2.5.14-58 spacewalk-reports-2.5.0-6 | Doc Type: | If docs needed, set a value |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2017-06-21 12:09:08 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Bug Depends On: | |||
| Bug Blocks: | 1340444 | ||
|
Comment 2
Jan Dobes
2017-02-09 18:05:24 UTC
new fix in spacewalk master: cd80879d09d6e859bac49b1681c2263a334b3018 1) When syncing a repository, the tool fails on loading a cert in file /usr/lib/python2.6/site-packages/spacewalk/satellite_tools/satCerts.py on line 79: # cdn-sync -c rhel-x86_64-server-7 11:59:22 ====================================== 11:59:22 | Channel: rhel-x86_64-server-7 11:59:22 ====================================== 11:59:22 Sync of channel started. 11:59:22 Repo URL: https://cdn.stage.redhat.com/content/dist/rhel/server/7/7Server/x86_64/os 11:59:23 ERROR: expected a readable buffer object 11:59:23 Repo URL: https://cdn.stage.redhat.com/content/dist/rhel/server/7/7.3/x86_64/kickstart 11:59:23 ERROR: expected a readable buffer object 11:59:23 Repo URL: https://cdn.stage.redhat.com/content/dist/rhel/server/7/7.1/x86_64/kickstart 11:59:23 ERROR: expected a readable buffer object 11:59:23 Repo URL: https://cdn.stage.redhat.com/content/dist/rhel/server/7/7.2/x86_64/kickstart 11:59:24 ERROR: expected a readable buffer object 11:59:24 Repo URL: https://cdn.stage.redhat.com/content/dist/rhel/server/7/7.0/x86_64/kickstart 11:59:24 ERROR: expected a readable buffer object 11:59:24 Sync of channel completed in 0:00:01. This has been reproduced on a machine that has been installed as disconnected, then disconnected=0 was set in conf file and it was rhn-satellite-activated as --disconnected. The activation was run with NO --manifest and the problem got fixed when running it again with explicit --manifest specifying the same manifest as in /etc/sysconfig/rhn/rhsm-manifest.zip. This might have something to do with bug 1406462 . 2) Another problem is probably caused by these changes in DB. The spacewalk-report tool fails: # spacewalk-report repositories SQL error occurred, traceback follows... Traceback (most recent call last): File "/usr/bin/spacewalk-report", line 243, in <module> h.execute(**dict(report.params.items() + the_dict_where.items())) File "/usr/lib/python2.6/site-packages/spacewalk/server/rhnSQL/sql_base.py", line 151, in execute return self._execute_wrapper(self._execute, *p, **kw) File "/usr/lib/python2.6/site-packages/spacewalk/server/rhnSQL/driver_cx_Oracle.py", line 122, in _execute_wrapper raise_with_tb(sql_base.SQLStatementPrepareError(errno, errmsg, self.sql), sys.exc_info()[2]) File "/usr/lib/python2.6/site-packages/spacewalk/server/rhnSQL/driver_cx_Oracle.py", line 113, in _execute_wrapper retval = function(*p, **kw) File "/usr/lib/python2.6/site-packages/spacewalk/server/rhnSQL/sql_base.py", line 205, in _execute return self._execute_(args, kwargs) File "/usr/lib/python2.6/site-packages/spacewalk/server/rhnSQL/driver_cx_Oracle.py", line 167, in _execute_ self._real_cursor.execute(*(None, ), **params) spacewalk.server.rhnSQL.sql_base.SQLStatementPrepareError: ('ORA-00904: "CS"."SSL_CLIENT_KEY_ID": invalid identifier\n', 904, 'select * from ( select cs.org_id, cs.id, cs.label as repo_label, cst.label as repo_type, cs.source_url, ck_key.description as client_key_descr, ck_key.crypto_key_type_id as client_key_type, ck_key.key as client_key, ck_cert.description as client_cert_descr, ck_cert.crypto_key_type_id as client_cert_type, ck_cert.key as client_cert, ck_ca.description as ca_descr, ck_ca.crypto_key_type_id as ca_type, ck_ca.key as ca_key from rhncontentsource cs left outer join rhncryptokey ck_key on ck_key.id = cs.ssl_client_key_id left outer join rhncryptokey ck_cert on ck_cert.id = cs.ssl_client_cert_id left outer join rhncryptokey ck_ca on ck_ca.id = cs.ssl_ca_cert_id join rhncontentsourcetype cst on cs.type_id = cst.id where cs.org_id is not null ) X order by org_id, id') This problem has been reproduced on the same machine and did NOT get fixed by rhn-satellite-activate with --manifest. # rpm -q spacewalk-backend spacewalk-backend-2.5.3-65.el6sat.noarch spacewalk-report bug fixed in spacewalk master: 11eded2dddf3f328376bc557287959e60af547d7 fixing first bug from comment #9 and another possible bug not directly reproducible: a708b6faac005337f93f8d8ac79f10d4ca42b573 938541a9e83d297ce0597adebdcea5f14b430817 Verified with spacewalk-java-2.5.14-63.el6sat.noarch , spacewalk-schema-2.5.1-36.el6sat.noarch, satellite-schema-5.8.0.24-1.el6sat.noarch, spacewalk-backend-2.5.3-86.el6sat.noarch Used reproducer from OP. When there is some entitlement certificate expired and some not expired in the used manifest for a channel synced, sync works correctly and the following warning is shown *in verbose mode*: "WARNING: Problem with dates in certificate '<CERT>'. Please check validity of this certificate." New bugs introduced pointed out in comment 5 and comment 9 have been fixed: ISE does not occur anymore, cdn-sync works and "spacewalk-report repositories" works. Note: Functionality described in comment 1 point 2) has not been implemented. |