Bug 1687523
| Summary: | when /var/log/rhsm/ is missing, subscription-manager outputs rhsm logs on terminal. | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 8 | Reporter: | jcastran |
| Component: | subscription-manager | Assignee: | Jiri Hnidek <jhnidek> |
| Status: | CLOSED ERRATA | QA Contact: | Red Hat subscription-manager QE Team <rhsm-qe> |
| Severity: | high | Docs Contact: | |
| Priority: | low | ||
| Version: | 8.1 | CC: | cdonnell, csnyder, eda, ed, jhnidek, kwalker, mbliss, redakkan, skallesh |
| Target Milestone: | rc | Keywords: | Reopened, Triaged |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | All | ||
| Whiteboard: | |||
| Fixed In Version: | subscription-manager-1.26.5-1 | Doc Type: | If docs needed, set a value |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2020-04-28 16:54:49 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
jcastran
2019-03-11 16:31:01 UTC
To address this we have agreed on adding an extra log message to indicate that the standard log file (/var/log/rhsm/rhsm.log) could not be written to and that further log output will be to stdout/stderr. This should help others in the future as a diagnostic step to determine the root cause of the strange log output. I would also advise any folks seeing this issue to see the attached knowledge base solution: https://access.redhat.com/solutions/3569241 I implemented it a little bit different than it was proposed. When /var/log/rhsm directory does not exist, then logutil module (subscription-manager, yum plugin, etc.) tries to create this directory. When it is not possible to create this directory (permission, fs us read-only, etc.), then extra error message is printed (including reason) and all other messages are printed to stderr. Verification: [root@kvm-04-guest02 ~]# subscription-manager version server type: Red Hat Subscription Management subscription management server: 2.9.21-1 subscription management rules: 5.37 subscription-manager: 1.26.10-1.el8 [root@kvm-04-guest02 ~]# mv /var/log/rhsm/rhsm.log /root mv: overwrite '/root/rhsm.log'? y [root@kvm-04-guest02 ~]# ls /var/log/rhsm/* /var/log/rhsm/rhsmcertd.log [root@kvm-04-guest02 ~]# yum repolist Updating Subscription Management repositories. repo id repo name beaker-AppStream beaker-AppStream beaker-AppStream-debuginfo beaker-AppStream-debuginfo beaker-BaseOS beaker-BaseOS beaker-BaseOS-debuginfo beaker-BaseOS-debuginfo beaker-CRB beaker-CRB beaker-CRB-debuginfo beaker-CRB-debuginfo beaker-HighAvailability beaker-HighAvailability beaker-HighAvailability-debuginfo beaker-HighAvailability-debuginfo beaker-NFV beaker-NFV beaker-NFV-debuginfo beaker-NFV-debuginfo beaker-RT beaker-RT beaker-RT-debuginfo beaker-RT-debuginfo beaker-ResilientStorage beaker-ResilientStorage beaker-ResilientStorage-debuginfo beaker-ResilientStorage-debuginfo beaker-SAP beaker-SAP beaker-SAP-debuginfo beaker-SAP-debuginfo beaker-SAPHANA beaker-SAPHANA beaker-SAPHANA-debuginfo beaker-SAPHANA-debuginfo beaker-harness beaker-harness beaker-tasks beaker-tasks rhel-8-for-x86_64-appstream-htb-rpms Red Hat Enterprise Linux 8 for x86_64 - AppStream HTB (RPMs) rhel-8-for-x86_64-baseos-htb-rpms Red Hat Enterprise Linux 8 for x86_64 - BaseOS HTB (RPMs) Now verify if the rhsm.log file is created: [root@kvm-04-guest02 ~]# ls /var/log/rhsm/* /var/log/rhsm/rhsmcertd.log /var/log/rhsm/rhsm.log ^^ file is created [root@kvm-04-guest02 ~]# cat /var/log/rhsm/rhsm.log 2020-02-05 03:47:27,106 [INFO] yum:31990:MainThread @connection.py:905 - Connection built: host=subscription.rhsm.stage.redhat.com port=443 handler=/subscription auth=identity_cert ca_dir=/etc/rhsm/ca/ insecure=False ^^ output is logged as well Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2020:1849 The new message gets printed every time dnf is run as a non-root user: % dnf --quiet list autoremote 2020-05-12 11:52:09,965 [ERROR] dnf:683858:MainThread @logutil.py:194 - [Errno 13] Permission denied: '/var/log/rhsm/rhsm.log' - Further logging output will be written to stderr I think it should only appear when run as root. A non-root user wouldn't expect to write to /var/log anyway. For perspective, changes made to package repositories ought to be logged, and as such, any inability to log should be treated as an error. In this case, we're seeing an inability to log treated as a warning. If anything, for clarity and auditability, we might consider going the other way, and moving from warning the user to a hard stop. I entirely agree that changes made to package repositories ought to be logged. This bug report only concerns the case where dnf is not run as root, and so cannot change anything. In that case it can't write to the log files either. But if run as non-root this is all entirely expected, and should not flag a warning. Of course continue to warn (or even hard error) when dnf is run as root and plans to make a change to the repositories, but cannot log it. |