Bug 2058844

Summary: The foreman-protector plugin does not works for Satellite 6.11 if the OS is RHEL 8
Product: Red Hat Satellite Reporter: Sayan Das <saydas>
Component: Satellite MaintainAssignee: Amit Upadhye <aupadhye>
Status: CLOSED ERRATA QA Contact: Gaurav Talreja <gtalreja>
Severity: high Docs Contact:
Priority: high    
Version: 6.11.0CC: apatel, aupadhye, ehelms, kgaikwad, lpramuk, zhunting
Target Milestone: 6.11.0Keywords: Triaged
Target Release: Unused   
Hardware: All   
OS: All   
Whiteboard:
Fixed In Version: rubygem-foreman_maintain-1.0.8-1 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2022-07-05 14:34:01 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 2084624    
Bug Blocks: 1693733    

Description Sayan Das 2022-02-26 07:55:29 UTC 
Description of problem:

The foreman-protector plugin does not works for Satellite 7.0 if the OS is RHEL 8 but works fine on the RHEL 7 OS.

Version-Release number of selected component (if applicable):

satellite-7.0.0-0.5.beta.el8sat.noarch
rubygem-foreman_maintain-1.0.3-1.el8sat.noarc

How reproducible:

Always

Steps to Reproduce:
1. Install RHEL 8
2. Install Satellite 7.0 on top of RHEL 8
3. Run dnf install or dnf repolist commands and observe the different in the outputs\behaviors compared to a RHEL 7 based installation.

Actual results:

On Sat 7.0 + RHEL 7, We see correct output:

# yum list tmux
Loaded plugins: foreman-protector, product-id, search-disabled-repos, subscription-manager



WARNING: Excluding 12903 packages due to foreman-protector. 
Use foreman-maintain packages install/update <package> 
to safely install packages without restrictions.
Use foreman-maintain upgrade run for full upgrade.

Error: No matching Packages to list


# yum search tmux --disableplugin=foreman-protector
Loaded plugins: product-id, search-disabled-repos, subscription-manager


===================================================================================== N/S matched: tmux ======================================================================================
tmux.x86_64 : A terminal multiplexer

  Name and summary matches only, use "search all" for everything.
[root@saydas-rhsat ~]# yum list tmux --disableplugin=foreman-protector
Loaded plugins: product-id, search-disabled-repos, subscription-manager

This system is not registered with an entitlement server. You can use subscription-manager to register.

Available Packages
tmux.x86_64       



But the plugin is not even recognized on RHEL 8:


# foreman-maintain packages status
Running preparation steps required to run the next scenarios
================================================================================
Check if tooling for package locking is installed:                    [OK]
--------------------------------------------------------------------------------


Running detection of status of package version locking
================================================================================
Check status of version locking of packages: 
  Automatic locking of package versions is enabled in installer.
  Packages are locked.                                                [OK]
--------------------------------------------------------------------------------





# dnf list tmux --enableplugin=foreman-protector
No matches found for the following enable plugin patterns: foreman-protector
Updating Subscription Management repositories.
Satellite Utils 7.0 RHEL8                                                                                                                                     1.2 kB/s | 2.1 kB     00:01    
Red Hat Enterprise Linux 8 for x86_64 - BaseOS (RPMs)                                                                                                         1.3 kB/s | 2.4 kB     00:01    
Red Hat Enterprise Linux 8 for x86_64 - AppStream (RPMs)                                                                                                      1.5 kB/s | 2.8 kB     00:01    
Satellite 7.0 RHEL8                                                                                                                                           1.4 kB/s | 2.5 kB     00:01    
Red Hat Ansible Engine 2 for RHEL 8 x86_64 (RPMs)                                                                                                             1.3 kB/s | 2.3 kB     00:01    
Satellite Maintenance 7.0 RHEL8                                                                                                                               1.1 kB/s | 2.1 kB     00:01    
Available Packages
tmux.x86_64                                                                      2.7-1.el8                                                                       rhel-8-for-x86_64-baseos-rpms


# dnf repolist -v
Loaded plugins: builddep, changelog, config-manager, copr, debug, debuginfo-install, download, generate_completion_cache, groups-manager, kpatch, needs-restarting, playground, product-id, repoclosure, repodiff, repograph, repomanage, reposync, subscription-manager, uploadprofile
Updating Subscription Management repositories.
DNF version: 4.7.0
cachedir: /var/cache/dnf


# dnf install tmux
Updating Subscription Management repositories.
Satellite Utils 7.0 RHEL8                                                                                                                                     1.1 kB/s | 2.1 kB     00:01    
Red Hat Enterprise Linux 8 for x86_64 - BaseOS (RPMs)                                                                                                         1.3 kB/s | 2.4 kB     00:01    
Red Hat Enterprise Linux 8 for x86_64 - AppStream (RPMs)                                                                                                      1.5 kB/s | 2.8 kB     00:01    
Satellite 7.0 RHEL8                                                                                                                                           1.4 kB/s | 2.5 kB     00:01    
Red Hat Ansible Engine 2 for RHEL 8 x86_64 (RPMs)                                                                                                             1.3 kB/s | 2.3 kB     00:01    
Satellite Maintenance 7.0 RHEL8                                                                                                                               1.1 kB/s | 2.1 kB     00:01    
Dependencies resolved.
==============================================================================================================================================================================================
 Package                              Architecture                           Version                                      Repository                                                     Size
==============================================================================================================================================================================================
Installing:
 tmux                                 x86_64                                 2.7-1.el8                                    rhel-8-for-x86_64-baseos-rpms                                 317 k

Transaction Summary
==============================================================================================================================================================================================
Install  1 Package

Total download size: 317 k
Installed size: 770 k
Is this ok [y/N]: y
Downloading Packages:
tmux-2.7-1.el8.x86_64.rpm                                                    0% [                                                                           ] ---  B/s |   0  B     --:-- ETA


Expected results:

The foreman-protector is an important plugin to ensure that accidental installation or updates are not happening on satellite and hence it needs to work with dnf+RHEL8 in the exact same way as it works with yum on RHEL 7. 


Additional info:

NA
Comment 2 Amit Upadhye 2022-04-04 10:40:39 UTC 
Created redmine issue https://projects.theforeman.org/issues/34717 from this bug
Comment 3 Bryan Kearney 2022-04-06 12:04:49 UTC 
Moving this bug to POST for triage into Satellite since the upstream issue https://projects.theforeman.org/issues/34717 has been resolved.
Comment 5 Gaurav Talreja 2022-05-31 10:39:40 UTC 
Verified.

Tested on Satellite 6.11.0 Snap 22 
Version: rubygem-foreman_maintain-1.0.10-1.el8sat.noarch

Observation:
a foreman-protector plugin is implemented for RHEL8 which works for Satellite 6.11, however for some commands, it still runs yum commands instead of DNF for RHEL8 which is not a blocker to this BZ, so filed a BZ 2091900 to track it separately.
Comment 8 errata-xmlrpc 2022-07-05 14:34:01 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: Satellite 6.11 Release), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2022:5498