Bug 524053

Summary: spacewalk-ssl-cert-check-1.7-1.el4sat is broken on 5.2 and older satellite servers
Product: Red Hat Satellite Proxy 5 Reporter: John T. Rose <inode0>
Component: ServerAssignee: Miroslav Suchý <msuchy>
Status: CLOSED ERRATA QA Contact: Red Hat Satellite QA List <satqe-list>
Severity: low Docs Contact:
Priority: low    
Version: 420CC: bperkins, cperry, jsherril, tao
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 527744 (view as bug list) Environment:
Last Closed: 2009-10-20 15:51:14 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 518256, 527744    

Description John T. Rose 2009-09-17 17:41:36 UTC 
Description of problem:

After upgrading to the spacewalk-ssl-cert-check package the script in /etc/cron.daily/rhn-ssl-cert-check fails

Version-Release number of selected component (if applicable):

spacewalk-ssl-cert-check-1.7-1.el4sat
rhns-proxy-management-4.2.3-2

How reproducible:

Always

Steps to Reproduce:
1. Update spacewalk-ssl-cert-check on a 4.2 proxy
2. run daily cron job in etc/cron.daily/rhn-ssl-cert-check
3. see results below
  
Actual results:

/etc/cron.daily/rhn-ssl-cert-check:

Unable to read the admin e-mail address in /etc/rhn/rhn.conf

To disable monitoring, add CHECK=no in /etc/sysconfig/rhn/rhn-ssl-cert-check
Otherwise, you will have to add a valid email address to receive
expiration notifications, either in /etc/rhn/rhn.conf (traceback_mail)
or set ADMIN in /etc/sysconfig/rhn/rhn-ssl-cert-check
/etc/cron.daily/up2date.cron:

Expected results:

None if the ssl-cert is not expiring

Additional info:

There are a couple of obvious problems in the script on 4.2 proxy servers.

(1) SSL_HTTPD_CONF_FILE=/etc/httpd/conf.d/ssl.conf in invalid and should be SSL_HTTPD_CONF_FILE=/etc/httpd/conf/httpd.conf

(2) In the get_rhn_component() function the test for a proxy fails. rpm -q spacewalk-proxy-management should be rpm -q rhns-proxy-management on older proxy servers.
Comment 1 Miroslav Suchý 2009-09-24 11:50:01 UTC 
Commited to:
 branches/eng/RELEASE-5.0 as 187270
 branches/eng/RELEASE-5.1 as 187269
 branches/eng/RELEASE-5.2 as 187268

To satellite.git as
 38b7693647da076c9841f0eeaeeab861ed54d866
Comment 2 Miroslav Suchý 2009-09-24 11:50:53 UTC 
4.2 and 4.1 has the same version as 5.0
Comment 3 Miroslav Suchý 2009-09-24 11:52:50 UTC 
For records - the conclusion from mailing list:
The problem is that some customers already downloaded this new version. So we will have to release new version of rhn-ssl-cert-check for each supported channel, which will do magic using provides/obsoletes or epoch to force to "upgrade" to previous version in that given channel.
A lot of work, a lot of testing, but IMO correct way.
Comment 4 Miroslav Suchý 2009-10-06 07:34:01 UTC 
It has not been pushed to proxy channels. Requested in ticket #51301

For record - previous rel-eng ticket for this bz are: #50832 and #51007
Comment 6 Miroslav Suchý 2009-10-06 12:37:55 UTC 
Current packages fails to upgrade (in one step) due to bug in yum: BZ 527432
Comment 7 Miroslav Suchý 2009-10-06 13:01:34 UTC 
Commited to:
 branches/eng/RELEASE-5.0 as 187606
 branches/eng/RELEASE-5.1 as 187609
 branches/eng/RELEASE-5.2 as 187610

I tested that since I done major bump in version (from 1.4 to 5.x) it works even without epoch so removing it:
 branches/eng/RELEASE-5.0 as 187613
 branches/eng/RELEASE-5.1 as 187612
 branches/eng/RELEASE-5.2 as 187611
Comment 8 Miroslav Suchý 2009-10-06 15:04:16 UTC 
Filled ticket #51314 to import to brew
Comment 10 errata-xmlrpc 2009-10-20 15:51:14 UTC 
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2009-1518.html
Comment 11 Clifford Perry 2009-10-29 03:17:52 UTC 
*** Bug 521347 has been marked as a duplicate of this bug. ***