Bug 1533052

Summary: Add FQDN detection to setup and config utilities.
Product: [Community] Spacewalk Reporter: Laurence Rochfort <laurence.rochfort>
Component: InstallationAssignee: Jan Dobes <jdobes>
Status: CLOSED CURRENTRELEASE QA Contact: Red Hat Satellite QA List <satqe-list>
Severity: medium Docs Contact:
Priority: unspecified    
Version: 2.7CC: jdostal
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2019-01-15 07:59:25 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1653216    

Description Laurence Rochfort 2018-01-10 11:14:05 UTC 
Description of problem:
spacewalk-setup and spacewalk-hostname-rename presently only detect the
shortname as would be returned by "uname -n", not the FQDN as would be
detected by checking /etc/hosts, or a reverse DNS lookup in a correctly configured DNS environment.

This causes SSL verification failure when clients make a request against
against the FQDN. The SSL certificate has components populated with the shortname rather than FQDN, and as such verification fails when clients provide the FQDN because it doesn't match the shortname found in the SSL cert.

It also causes the Spacewalk server name to be populated with the shortname
which can cause problems for client registration and Inter Server
Synchronisation AuthN.

spacewalk-setup and spacewalk-hostname-rename should attempt to obtain the
FQDN and only fallback to providing the shortname if all attempts to identify
the FQDN fails.

Version-Release number of selected component (if applicable):
All

How reproducible:
On a system with the shortname in /etc/hostname or /etc/sysconfig/network, run spacewalk-setup or spacewalk-hostname-rename. The shortname will be detected and used to populate components of the SSL certificate.
Comment 1 Laurence Rochfort 2018-02-15 11:35:23 UTC 
Additionally, having a shortname detected by spacewalk-setup-jabberd causes SSL validation failure for jabberd clients and osa-dispatcher.

spacewalk-setup-jabberd also updated to correctly detect the FQDN.
Comment 2 Laurence Rochfort 2018-02-15 11:36:27 UTC 
GitHub PR 625 created with proposed fix.

ttps://github.com/spacewalkproject/spacewalk/pull/625
Comment 3 Laurence Rochfort 2018-02-16 10:04:49 UTC 
Additionally, add FQDN detection to spacecmd.
Comment 4 Jiří Dostál 2018-03-27 09:04:52 UTC 
spacewalk
f8a7cc0181e2fc3b0e49bb4cc79453289458a21d
d5caec0bae9421ea792dda515732f02de6ac8283
Comment 5 Jiří Dostál 2018-04-20 11:28:48 UTC 
Above commits have been reverted for 2.8, removing from space28
Comment 6 Jiří Dostál 2018-05-29 08:09:59 UTC 
spacewalk
1bcde51c72fd569ba8e36a7f6bdf78e1967c6499
6a8bcfde37692bade3cf3882e7934cda47aa38a3
Comment 7 Michael Mráka 2018-11-26 09:43:59 UTC 
Move Spacewalk 2.9 bugs ON_QA.
Comment 8 Michael Mráka 2019-01-15 07:59:25 UTC 
Spacewalk 2.9 has been released.
https://github.com/spacewalkproject/spacewalk/wiki/ReleaseNotes29