Bug 1951057
| Summary: | Subscription manager doesn't remove the SCA entitlement certificate when switching back to Entitlement mode | |||
|---|---|---|---|---|
| Product: | Red Hat Enterprise Linux 8 | Reporter: | John Sefler <jsefler> | |
| Component: | subscription-manager | Assignee: | candlepin-bugs | |
| Status: | CLOSED ERRATA | QA Contact: | Red Hat subscription-manager QE Team <rhsm-qe> | |
| Severity: | high | Docs Contact: | ||
| Priority: | high | |||
| Version: | --- | CC: | ahumbe, cdonnell, csnyder, hyu, jbreitwe, jhnidek, jreznik, jsefler, mschibli, peter.vreman, redakkan, rhsm-qe, rjerrido, rkarimpa, saydas, wclark, yanpliu | |
| Target Milestone: | beta | Keywords: | Triaged, ZStream | |
| Target Release: | --- | Flags: | pm-rhel:
mirror+
|
|
| Hardware: | Unspecified | |||
| OS: | Unspecified | |||
| Whiteboard: | ||||
| Fixed In Version: | subscription-manager-1.28.17-1.el8 | Doc Type: | If docs needed, set a value | |
| Doc Text: | Story Points: | --- | ||
| Clone Of: | 1886772 | |||
| : | 2011843 2011844 (view as bug list) | Environment: | ||
| Last Closed: | 2021-11-09 19:37:58 UTC | Type: | Bug | |
| Regression: | --- | Mount Type: | --- | |
| Documentation: | --- | CRM: | ||
| Verified Versions: | Category: | --- | ||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
| Cloudforms Team: | --- | Target Upstream Version: | ||
| Embargoed: | ||||
| Bug Depends On: | ||||
| Bug Blocks: | 2011843, 2011844 | |||
|
Comment 1
John Sefler
2021-04-19 14:10:46 UTC
for subscription-manager-1.28: https://github.com/candlepin/subscription-manager/pull/2618 Hello, verification on RHEL-8.5.0-20210621.n.0 & Satellite6,8.6 subscription-manager-1.28.17-1.el8.x86_64 tfm-rubygem-katello-3.16.0.26-1.el7sat.noarch katello-3.16.0-1.el7sat.noarch candlepin-3.1.28-1.el7sat.noarch But egrep "GET.*/owner|cache/content_access_mode" /var/log/rhsm/rhsm.log display nothing in sca mode. # subscription-manager config --server.hostname=hpe-nehalem-02.hpe2.lab.eng.bos.redhat.com # subscription-manager config --logging.default_log_level=DEBUG >> Satellite is already in SCA Mode.---> Using SCA mode manifest # subscription-manager register --username=admin --password=admin --org=sca_org --environment=Library Registering to: hpe-nehalem-02.hpe2.lab.eng.bos.redhat.com:443/rhsm The system has been registered with ID: f99c784c-abdb-4b82-b40e-ec3ff1bede5a The registered system name is: dell-per620-2.gsslab.rdu2.redhat.com # subscription-manager status; subscription-manager status; subscription-manager status +-------------------------------------------+ System Status Details +-------------------------------------------+ Overall Status: Disabled Content Access Mode is set to Simple Content Access. This host has access to content, regardless of subscription status. System Purpose Status: Disabled +-------------------------------------------+ System Status Details +-------------------------------------------+ Overall Status: Disabled Content Access Mode is set to Simple Content Access. This host has access to content, regardless of subscription status. System Purpose Status: Disabled +-------------------------------------------+ System Status Details +-------------------------------------------+ Overall Status: Disabled Content Access Mode is set to Simple Content Access. This host has access to content, regardless of subscription status. System Purpose Status: Disabled # tail -f -n 0 /var/log/rhsm/rhsm.log &> /root/logfile_yanpliu & [1] 70294 [root@dell-per620-2 ~]# kill -9 70294 [root@dell-per620-2 ~]# egrep "GET.*/owner|cache/content_access_mode" /root/logfile_yanpliu ---> No message display [root@dell-per620-2 ~]# ll /etc/pki/entitlement/ total 8 -rw-r--r--. 1 root root 3243 Jun 22 06:01 6419377592742673114-key.pem -rw-r--r--. 1 root root 3277 Jun 22 06:01 6419377592742673114.pem [root@dell-per620-2 ~]# rct cat-cert /etc/pki/entitlement/6419377592742673114.pem | grep "Product:" -A2 Product: ID: content_access Name: Content Access >> Changed Satellite to entitlement mode. ---> Upload entilement mode manifest # truncate -s 0 /var/log/rhsm/rhsm* # subscription-manager refresh 1 local certificate has been deleted. All local data refreshed # ll /etc/pki/entitlement/ total 0 # subscription-manager status; subscription-manager status; subscription-manager status +-------------------------------------------+ System Status Details +-------------------------------------------+ Overall Status: Invalid Red Hat Enterprise Linux for x86_64 Beta: - Not supported by a valid subscription. System Purpose Status: Not Specified +-------------------------------------------+ System Status Details +-------------------------------------------+ Overall Status: Invalid Red Hat Enterprise Linux for x86_64 Beta: - Not supported by a valid subscription. System Purpose Status: Not Specified +-------------------------------------------+ System Status Details +-------------------------------------------+ Overall Status: Invalid Red Hat Enterprise Linux for x86_64 Beta: - Not supported by a valid subscription. System Purpose Status: Not Specified # tail -f -n 0 /var/log/rhsm/rhsm.log &> /root/logfile_yanpliu_entitlement & [1] 70546 [root@dell-per620-2 ~]# kill -9 70546 [root@dell-per620-2 ~]# egrep "GET.*/owner|cache/content_access_mode" /root/logfile_yanpliu_entitlement 2021-06-22 06:11:50,117 [DEBUG] subscription-manager:70551:MainThread @cache.py:892 - Trying to read ContentAccessModeCache from cache file /var/lib/rhsm/cache/content_access_mode.json 2021-06-22 06:11:50,117 [DEBUG] subscription-manager:70551:MainThread @cache.py:152 - Cache file /var/lib/rhsm/cache/content_access_mode.json does not exist 2021-06-22 06:11:50,117 [DEBUG] subscription-manager:70551:MainThread @connection.py:709 - Making request: GET /rhsm/consumers/f99c784c-abdb-4b82-b40e-ec3ff1bede5a/owner 2021-06-22 06:11:50,340 [DEBUG] subscription-manager:70551:MainThread @connection.py:782 - Response: status=200, request="GET /rhsm/consumers/f99c784c-abdb-4b82-b40e-ec3ff1bede5a/owner" 2021-06-22 06:11:50,341 [DEBUG] subscription-manager:70551:MainThread @cache.py:120 - Wrote cache: /var/lib/rhsm/cache/content_access_mode.json 2021-06-22 06:11:52,330 [DEBUG] subscription-manager:70555:MainThread @cache.py:892 - Trying to read ContentAccessModeCache from cache file /var/lib/rhsm/cache/content_access_mode.json 2021-06-22 06:11:52,331 [DEBUG] subscription-manager:70555:MainThread @cache.py:902 - Data loaded from cache file: /var/lib/rhsm/cache/content_access_mode.json 2021-06-22 06:11:54,119 [DEBUG] subscription-manager:70559:MainThread @cache.py:892 - Trying to read ContentAccessModeCache from cache file /var/lib/rhsm/cache/content_access_mode.json 2021-06-22 06:11:54,119 [DEBUG] subscription-manager:70559:MainThread @cache.py:902 - Data loaded from cache file: /var/lib/rhsm/cache/content_access_mode.json I have run on both Satellite6.10 and Satellite6.9, egrep "GET.*/owner|cache/content_access_mode" /var/log/rhsm/rhsm.log display nothing in sca mode. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (subscription-manager bug fix and enhancement update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2021:4390 |