Bug 1445428
| Summary: | httpd: HTTP Error 400 - Bad Request | ||
|---|---|---|---|
| Product: | [Community] Spacewalk | Reporter: | vinzenz.meier |
| Component: | Server | Assignee: | Tomáš Kašpárek <tkasparek> |
| Status: | CLOSED CURRENTRELEASE | QA Contact: | Red Hat Satellite QA List <satqe-list> |
| Severity: | medium | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 2.6 | CC: | c.lilwah, ggainey, matthewgwilkinson |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2017-06-19 08:17:36 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | |||
| Bug Blocks: | 1484117 | ||
|
Description
vinzenz.meier
2017-04-25 16:09:56 UTC
I too am having this issue.
I did a fresh install of spacewalk yesterday
apachectl -v
Server version: Apache/2.4.6 (CentOS)
Server built: Apr 12 2017 21:03:28
On the client, if I edit the serverURL in /etc/sysconfig/rhn/up2date to either http or https it gives me the same error on yum check-update
http:
failed to retrieve repodata/repomd.xml from ****
error was [Errno 14] HTTP Error 400 - Bad Request
https
failed to retrieve repodata/repomd.xml from ****
error was [Errno 14] HTTPS Error 400 - Bad Request
additionally, I get D: local action status: ((6,), 'Fatal error in Python code occurred', {}) from rhn_check -vv
rhn_check -vv
D: do_call packages.checkNeedUpdate('rhnsd=1',){}
Loaded plugins: fastestmirror, rhnplugin
D: login(forceUpdate=False) invoked
D: readCachedLogin invoked
D: Checking pickled loginInfo, currentTime=1493177702.55, createTime=1493177520.76, expire-offset=3600.0
D: readCachedLogin(): using pickled loginInfo set to expire at 1493181120.76
D: rpcServer: Calling XMLRPC up2date.listChannels
This system is receiving updates from RHN Classic or Red Hat Satellite.
Loading mirror speeds from cached hostfile
* base: mirror.netflash.net
* epel: mirror.steadfast.net
* extras: centos.mirror.rafal.ca
* updates: mirror.csclub.uwaterloo.ca
updateLoginInfo() login info
D: login(forceUpdate=True) invoked
logging into up2date server
D: rpcServer: Calling XMLRPC up2date.login
D: writeCachedLogin() invoked
D: Wrote pickled loginInfo at 1493177705.25 with expiration of 1493181305.25 seconds.
successfully retrieved authentication token from up2date server
D: logininfo:{'X-RHN-Server-Id': 1000010002, 'X-RHN-Auth-Server-Time': '1493177706.24', 'X-RHN-Auth-Channels': [['centos7_parent', '20170425161252', '1', '1'], ['centos7', '20170425161948', '0', '1']], 'X-RHN-Auth': 'CXy/TcybsxQtQG1DkALcWy2GDW/ceJz9flgU4lXOsRs=', 'X-RHN-Auth-User-Id': '', 'X-RHN-Auth-Expire-Offset': '3600.0'}
updateLoginInfo() login info
D: login(forceUpdate=True) invoked
logging into up2date server
D: rpcServer: Calling XMLRPC up2date.login
D: writeCachedLogin() invoked
D: Wrote pickled loginInfo at 1493177705.29 with expiration of 1493181305.29 seconds.
successfully retrieved authentication token from up2date server
D: logininfo:{'X-RHN-Server-Id': 1000010002, 'X-RHN-Auth-Server-Time': '1493177706.27', 'X-RHN-Auth-Channels': [['centos7_parent', '20170425161252', '1', '1'], ['centos7', '20170425161948', '0', '1']], 'X-RHN-Auth': 'w9GnU+NtfqOO5uc7e6VQGJCd664a4kzfNJ/pBgO4ya8=', 'X-RHN-Auth-User-Id': '', 'X-RHN-Auth-Expire-Offset': '3600.0'}
updateLoginInfo() login info
D: login(forceUpdate=True) invoked
logging into up2date server
D: rpcServer: Calling XMLRPC up2date.login
D: writeCachedLogin() invoked
D: Wrote pickled loginInfo at 1493177705.34 with expiration of 1493181305.34 seconds.
successfully retrieved authentication token from up2date server
D: logininfo:{'X-RHN-Server-Id': 1000010002, 'X-RHN-Auth-Server-Time': '1493177706.33', 'X-RHN-Auth-Channels': [['centos7_parent', '20170425161252', '1', '1'], ['centos7', '20170425161948', '0', '1']], 'X-RHN-Auth': 'J0Lvv2Vwu3SNSMw4y5ws+k7tMyLcWwzZLPorNEPJYU8=', 'X-RHN-Auth-User-Id': '', 'X-RHN-Auth-Expire-Offset': '3600.0'}
D: local action status: ((6,), 'Fatal error in Python code occurred', {})
D: rpcServer: Calling XMLRPC registration.welcome_message
also tried visiting the url in web browser. output is below.
Request URL:http://[my spacewalk fqdn]/XMLRPC/GET-REQ/centos7/repodata/repomd.xml
Request Method:GET
Status Code:405 Method Not Allowed
Remote Address:[spacewalk server ip address]:80
Referrer Policy:no-referrer-when-downgrade
same response with wget.
for comparison to the above packages, here is my package list as well
client:
rpm -qa|egrep 'rhn|spacewalk'
rhn-client-tools-2.6.8-1.el7.noarch
rhn-setup-2.6.8-1.el7.noarch
rhn-check-2.6.8-1.el7.noarch
rhn-org-trusted-ssl-cert-1.0-1.noarch
spacewalk-backend-usix-2.6.77-1.el7.noarch
rhncfg-client-5.10.99-1.el7.noarch
rhncfg-management-5.10.99-1.el7.noarch
spacewalk-client-repo-2.6-0.el7.noarch
rhnlib-2.6.3-1.el7.noarch
yum-rhn-plugin-2.6.3-1.el7.noarch
rhnsd-5.0.25-1.el7.x86_64
rhncfg-5.10.99-1.el7.noarch
rhncfg-actions-5.10.99-1.el7.noarch
server:
rpm -qa|egrep 'httpd|spacewalk|rhn'|sort
httpd-2.4.6-45.el7.centos.4.x86_64
httpd-tools-2.4.6-45.el7.centos.4.x86_64
rhn-client-tools-2.6.8-1.el7.noarch
rhnlib-2.6.3-1.el7.noarch
rhn-org-httpd-ssl-key-pair-spacewalk.lab-1.0-1.noarch
rhnpush-5.5.101-1.el7.noarch
spacewalk-admin-2.6.1-1.el7.noarch
spacewalk-backend-2.6.77-1.el7.noarch
spacewalk-backend-app-2.6.77-1.el7.noarch
spacewalk-backend-applet-2.6.77-1.el7.noarch
spacewalk-backend-config-files-2.6.77-1.el7.noarch
spacewalk-backend-config-files-common-2.6.77-1.el7.noarch
spacewalk-backend-config-files-tool-2.6.77-1.el7.noarch
spacewalk-backend-iss-2.6.77-1.el7.noarch
spacewalk-backend-iss-export-2.6.77-1.el7.noarch
spacewalk-backend-libs-2.6.77-1.el7.noarch
spacewalk-backend-package-push-server-2.6.77-1.el7.noarch
spacewalk-backend-server-2.6.77-1.el7.noarch
spacewalk-backend-sql-2.6.77-1.el7.noarch
spacewalk-backend-sql-postgresql-2.6.77-1.el7.noarch
spacewalk-backend-tools-2.6.77-1.el7.noarch
spacewalk-backend-usix-2.6.77-1.el7.noarch
spacewalk-backend-xml-export-libs-2.6.77-1.el7.noarch
spacewalk-backend-xmlrpc-2.6.77-1.el7.noarch
spacewalk-base-2.6.6-1.el7.noarch
spacewalk-base-minimal-2.6.6-1.el7.noarch
spacewalk-base-minimal-config-2.6.6-1.el7.noarch
spacewalk-branding-2.5.3-1.el7.noarch
spacewalk-certs-tools-2.5.3-1.el7.noarch
spacewalk-common-2.6.1-1.el7.noarch
spacewalk-config-2.6.5-1.el7.noarch
spacewalk-doc-indexes-2.6.2-1.el7.noarch
spacewalk-html-2.6.6-1.el7.noarch
spacewalk-java-2.6.49-1.el7.noarch
spacewalk-java-config-2.6.49-1.el7.noarch
spacewalk-java-lib-2.6.49-1.el7.noarch
spacewalk-java-postgresql-2.6.49-1.el7.noarch
spacewalk-jpp-workaround-2.3.5-1.el7.noarch
spacewalk-postgresql-2.6.1-1.el7.noarch
spacewalk-repo-2.6-0.el7.noarch
spacewalk-schema-2.6.17-1.el7.noarch
spacewalk-search-2.6.1-1.el7.noarch
spacewalk-selinux-2.3.2-1.el7.noarch
spacewalk-setup-2.6.2-1.el7.noarch
spacewalk-setup-jabberd-2.3.2-1.el7.noarch
spacewalk-setup-postgresql-2.6.2-1.el7.noarch
spacewalk-taskomatic-2.6.49-1.el7.noarch
i hope this additional information helps
So what's happening here is the result of an update to httpd, that enforces strict whitespace rules, that uncovered a bug in yum-rhn-plugin that was introduced in 2010. (THhe spacewalk commit that started us down this path, for anyone who is interested, is 213b97e38dd75007281b37e3180dc68b736f2fac ) yum-rhn-plugin has been fixed, but a client without the fix yet won't be able to call home to *get* the fix, if the server has the new httpd. There are two workarounds available: One is to downgrade httpd to something *before* 2.4.25. The other is to add an httpd config option that *turns off" strict-whitespace-enforcing until all your clients have a corrected yum-rhn-plugin. You can do that with the following: # echo “HTTPProtocolOptions unsafe” >> /etc/httpd/conf.d/123unsafe.conf; systemctl restart httpd That will put httpd back to its pre-2.4.25 behavior. spacewalk-nightly has both fixes, so they will be standard when 2.7 is released Hi Grant I have tested and confirmed it works. I did believe that it was related to the strict whitespace rules but then I saw in /etc/httpd/conf.d/aa-spacewalk-server.conf <IfVersion >= 2.4.25> HTTPProtocolOptions unsafe </IfVersion> <IfDefine _RH_HAS_HTTPPROTOCOLOPTIONS> HTTPProtocolOptions unsafe </IfDefine> so I thought it was already covered by those. the above fix seems more global. thanks for your help The latest httpd on RHEL7 is
Available Packages
Name : httpd
Arch : x86_64
Version : 2.4.6
Release : 45.el7_3.4
Size : 1.2 M
Repo : rhel-x86_64-server-7
Summary : Apache HTTP Server
License : ASL 2.0
Description : The Apache HTTP Server is a powerful, efficient, and extensible
: web server.
So the strict whitespaceing must have been backported in this latest release - and the version macro cannot catch this
(In reply to vinzenz.meier from comment #4) > The latest httpd on RHEL7 is > Available Packages > Name : httpd > Arch : x86_64 > Version : 2.4.6 > Release : 45.el7_3.4 > Size : 1.2 M > Repo : rhel-x86_64-server-7 > Summary : Apache HTTP Server > License : ASL 2.0 > Description : The Apache HTTP Server is a powerful, efficient, and extensible > : web server. > > > So the strict whitespaceing must have been backported in this latest release > - and the version macro cannot catch this Hey Vinzenz - yes indeed. See the last paragraph in https://bugzilla.redhat.com/show_bug.cgi?id=1442477#c5 , we're investigating the 'right way' to make this work for RHEL7. Just published a kbase on the details of what's going on here - see https://access.redhat.com/articles/3013361 for all the fun. Grant - is there any way for the current yum-rhn-plugin to get updated for Spacewalk Client 2.6 repo? We'd like to fix our clients now and have the httpd updated on the server in a secure fashion. If not, I assume we have to wait for SW 2.7? Looks like it was indeed updated. Thanks! (In reply to Matt Wilkinson from comment #8) > Looks like it was indeed updated. Thanks! Ah yes - sorry, forgot to update here when we mashed out the client update :) As the update is already present in Spacewalk 2.6 client. I am closing this BZ. This BZ closed some time during 2.5, 2.6 or 2.7. Adding to 2.7 tracking bug. |