Bug 1448139

Summary: cfme-appliance requires telnet/vim
Product: Red Hat CloudForms Management Engine Reporter: Tsai Li Ming <ltsai>
Component: BuildAssignee: Satoe Imaishi <simaishi>
Status: CLOSED ERRATA QA Contact: luke couzens <lcouzens>
Severity: low Docs Contact:
Priority: low    
Version: 5.7.0CC: abellott, cpelland, gtanzill, jhardy, ltsai, mfeifer, nchugh, obarenbo
Target Milestone: GA   
Target Release: 5.9.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard: black:appliance
Fixed In Version: 5.9.0.1 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2018-03-01 13:12:04 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: CFME Core Target Upstream Version:
Embargoed:

Description Tsai Li Ming 2017-05-04 15:28:20 UTC 
Description of problem:

cfme-appliance rpm requires telnet.

# rpm -qi --requires cfme-appliance
Name        : cfme-appliance
Version     : 5.7.2.1
Release     : 1.el7cf
Architecture: x86_64
Install Date: Thu 04 May 2017 11:20:12 AM EDT
Group       : Applications/Internet
Size        : 274320
License     : Unknown
Signature   : RSA/SHA256, Thu 06 Apr 2017 03:01:36 PM EDT, Key ID 199e2f91fd431d51
Source RPM  : cfme-appliance-5.7.2.1-1.el7cf.src.rpm
Build Date  : Thu 06 Apr 2017 02:51:48 PM EDT
Build Host  : x86-017.build.eng.bos.redhat.com
Relocations : (not relocatable)
Packager    : Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla>
Vendor      : Red Hat, Inc.
URL         : https://github.com/ManageIQ/manageiq-appliance
Summary     : CloudForms Management Engine appliance configuration
Description :
CloudForms Management Engine Appliance
/bin/bash
/bin/env
/bin/sh
/bin/sh
/bin/sh
/usr/bin/env
adcli
c-ares >= 1.7.0
cfme = 5.7.2.1
chrony
httpd
ipa-admintools >= 3.0.0
ipa-client >= 3.0.0
less
lvm2
mod_auth_kerb >= 5.4
mod_auth_mellon
mod_authnz_pam >= 0.9.2
mod_intercept_form_submit >= 0.9.7
mod_lookup_identity >= 0.9.2
mod_ssl
nmap-ncat
oddjob
oddjob-mkhomedir
openldap-clients
openscap
realmd
rpmlib(BuiltinLuaScripts) <= 4.2.2-1
rpmlib(CompressedFileNames) <= 3.0.4-1
rpmlib(FileDigests) <= 4.6.0-1
rpmlib(PayloadFilesHavePrefix) <= 4.0-1
samba-common
scap-security-guide
smem
sssd >= 1.11.6
sssd-dbus >= 1.11.6
 telnet 
 unzip
 vim-enhanced 
rpmlib(PayloadIsXz) <= 5.2-1


Version-Release number of selected component (if applicable):

cfme 5.7.2.1
Comment 2 Dave Johnson 2017-05-08 14:51:40 UTC 
vim is a security concern?
Comment 3 Tsai Li Ming 2017-05-08 15:15:58 UTC 
I don't think vim is a security concern but why does cfme-appliance package requires all these unnecessary packages, like telnet? Is it a dependency that is required?
Comment 4 Gregg Tanzillo 2017-05-26 13:34:07 UTC 
As far as I know, there are no application dependencies on these packages. They were added to the build over the years at the request of developers and customers that needed these tools for administration and troubleshooting.
Comment 7 Dave Johnson 2017-06-28 16:40:07 UTC 
I agree, they should be on the appliance for convienence, but they shouldn;t be listed as dependencies for the cfme-appliance package.  This is a build problem and the wrong approach to pull these packages in.
Comment 9 Satoe Imaishi 2017-09-26 20:53:28 UTC 
Packages not required to run CFME are moved to cfme-appliance-tools subpackage and will be installed from kickstart independently during VM creation.
Comment 10 luke couzens 2017-10-18 11:17:09 UTC 
Verified in 5.9.0.2
Comment 13 errata-xmlrpc 2018-03-01 13:12:04 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2018:0380