Bug 2208277
| Summary: | Update or deprecate Satellite firewalld service profiles RH-Satellite-6 and RH-Satellite-6-capsule | ||
|---|---|---|---|
| Product: | Red Hat Satellite | Reporter: | Taft Sanders <tasander> |
| Component: | Infrastructure | Assignee: | satellite6-bugs <satellite6-bugs> |
| Status: | NEW --- | QA Contact: | Satellite QE Team <sat-qe-bz-list> |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | 6.13.1 | CC: | ahumbe, ehelms |
| Target Milestone: | Unspecified | Keywords: | Triaged |
| Target Release: | Unused | ||
| Hardware: | x86_64 | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | Type: | Bug | |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
Description of problem: This profile does not open all required ports for any supported of Satellite at this time. This profile is also not referenced in any supported version of Satellite documentation. As there are varying changes to ports from one Satellite version to the next along with needs of the user, I believe it would be very difficult to maintain a profile like this going forward. Version-Release number of selected component (if applicable): firewalld-0.3.9-11.el7.noarch - firewalld-0.6.3-8.el7_8.1.noarch firewalld-0.6.3-7.el8.noarch - firewalld-0.9.3-13.el8.noarch firewalld-1.0.0-4.el9.noarch - firewalld-1.2.1-1.el9.noarch How reproducible: n/a Steps to Reproduce: 1. 2. 3. Actual results: # firewall-cmd --get-services RH-Satellite-6 RH-Satellite-6-capsule amanda-client amanda-k5-client amqp --snip-- # firewall-cmd --info-service=RH-Satellite-6 RH-Satellite-6 ports: 5000/tcp 5646-5647/tcp 5671/tcp 8000/tcp 8080/tcp 9090/tcp protocols: source-ports: modules: destination: includes: foreman helpers: # firewall-cmd --info-service=RH-Satellite-6-capsule RH-Satellite-6-capsule ports: 8443/tcp protocols: source-ports: modules: destination: includes: RH-Satellite-6 helpers: Expected results: Either ports and includes need to be updated for each minor release, or this profile should be retired. Additional info: 6.13 Ports Documentation: Satellite: https://access.redhat.com/documentation/en-us/red_hat_satellite/6.13/html-single/installing_satellite_server_in_a_connected_network_environment/index#Ports_and_Firewalls_Requirements_satellite Capsule: https://access.redhat.com/documentation/en-us/red_hat_satellite/6.13/html-single/installing_capsule_server/index#capsule-ports-and-firewalls-requirements_capsule 6.12 Ports Documentation: Satellite: https://access.redhat.com/documentation/en-us/red_hat_satellite/6.12/html-single/installing_satellite_server_in_a_connected_network_environment/index#Ports_and_Firewalls_Requirements_satellite Capsule: https://access.redhat.com/documentation/en-us/red_hat_satellite/6.12/html-single/installing_capsule_server/index#capsule-ports-and-firewalls-requirements_capsule 6.11 Port Documentation: Satellite: https://access.redhat.com/documentation/en-us/red_hat_satellite/6.11/html-single/installing_satellite_server_in_a_connected_network_environment/index#Ports_and_Firewalls_Requirements_satellite Capsule: https://access.redhat.com/documentation/en-us/red_hat_satellite/6.11/html-single/installing_capsule_server/index#capsule-ports-and-firewalls-requirements_capsule