Bug 1964539

Summary:	[RFE] remove nmap and ncat as dependencies for installation
Product:	Red Hat Satellite	Reporter:	Stephen Hobbs <shobbs>
Component:	Installation	Assignee:	satellite6-bugs <satellite6-bugs>
Status:	CLOSED ERRATA	QA Contact:	Lukas Pramuk <lpramuk>
Severity:	medium	Docs Contact:
Priority:	high
Version:	6.9.0	CC:	ahumbe, egolov, ehelms, gpayelka, gtalreja, lpramuk, rmynar
Target Milestone:	6.15.0	Keywords:	FutureFeature, Reopened
Target Release:	Unused
Hardware:	Unspecified
OS:	Unspecified
Whiteboard:
Fixed In Version:		Doc Type:	If docs needed, set a value
Doc Text:		Story Points:	---
Clone Of:		Environment:
Last Closed:	2024-04-23 17:10:42 UTC	Type:	Bug
Regression:	---	Mount Type:	---
Documentation:	---	CRM:
Verified Versions:		Category:	---
oVirt Team:	---	RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---	Target Upstream Version:
Embargoed:

Description Stephen Hobbs 2021-05-25 16:32:45 UTC

Description of problem:
When installing the satellite server the nmap and ncat packages are dependencies and also installed.  I request this requirement be eliminated.

Version-Release number of selected component (if applicable):
Satellite 6.8

Additional info:
My customer is a large financial institution and their security team does not allow any network scanning or insecure connection methods.

Comment 1 Eric Helms 2021-07-08 12:28:22 UTC

This was fixed by https://bugzilla.redhat.com/show_bug.cgi?id=1772526

Comment 7 Brad Buckingham 2023-07-21 21:06:39 UTC

Upon review of our valid but aging backlog the Satellite Team has concluded that this Bugzilla does not meet the criteria for a resolution in the near term, and are planning to close in a month. This message may be a repeat of a previous update and the bug is again being considered to be closed. If you have any concerns about this, please contact your Red Hat Account team.  Thank you.

Comment 8 Marek Hulan 2023-08-23 12:48:07 UTC

For QE: it seems the foreman-bootloaders-redhat package no longer comes with the dependency (based on upstream builds), we need to verify this but if that's the case, it should be CLOSED:CURRENTRELEASE

Comment 10 Brad Buckingham 2023-10-30 11:29:29 UTC

Bulk setting Target Milestone = 6.15.0 where sat-6.15.0+ is set.

Comment 11 Lukas Pramuk 2023-12-13 14:31:25 UTC

VERIFIED.

@Satellite 6.15.0 Snap 2.1
foreman-discovery-image-4.1.0-10.el8sat.noarch

FYI nmap-ncat was never dependency foreman-bootloaders-redhat-tftpboot

On RHEL7 nmap-ncat package was pulled in by these two rpms:
- tfm-rubygem-ruby-libvirt (-> libvirt-libs -> nc)
- foreman-discovery-image (-> libguestfs-tools-c -> libvirt-libs -> nc)


On RHEL8 nmap-ncat is a *weak dependency* of libvirt-daemon which we require for foreman-discovery-image

# dnf --disableplugin=foreman-protector install foreman-discovery-image 
...
Installing:
 foreman-discovery-image          noarch 1:4.1.0-10.el8sat                          Satellite_Engineering_Satellite_6_15_Com
...
Installing weak dependencies:
 libguestfs-xfs                   x86_64 1:1.44.0-9.module+el8.9.0+18724+20190c23   rhel-8-for-x86_64-appstream-rpms 9.2 k
 libvirt-client                   x86_64 8.0.0-22.module+el8.9.0+19544+b3045133     rhel-8-for-x86_64-appstream-rpms 419 k
 nmap-ncat                        x86_64 2:7.92-1.el8                               rhel-8-for-x86_64-appstream-rpms 243 k

# rpm -q --recommends libvirt-daemon
/usr/bin/nc
libvirt-client = 8.0.0-22.module+el8.9.0+19544+b3045133

>>> nmap-ncat in now weak dependency so it can be easily removed if needed

Comment 14 errata-xmlrpc 2024-04-23 17:10:42 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Important: Satellite 6.15.0 release), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2024:2010