Bug 642340

Summary: RHN Proxy 5.4 webUI installer fail if you enable both ssl and push
Product: [Retired] Red Hat Network Reporter: Miroslav Suchý <msuchy>
Component: RHN/OtherAssignee: rhn-dev-list
Status: CLOSED NOTABUG QA Contact: Red Hat Network Quality Assurance <rhn-qa-list>
Severity: medium Docs Contact:
Priority: low    
Version: rhn522CC: cperry, dyordano, jhutar, nbronson
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: 631847 Environment:
Last Closed: 2010-10-12 16:21:09 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 631847    
Bug Blocks: 608756, 631872    

Description Miroslav Suchý 2010-10-12 16:11:49 UTC 
+++ This bug was initially created as a clone of Bug #631847 +++

--- Additional comment from dyordano on 2010-10-12 06:05:16 EDT ---

Now I have new issue.
Proxy 5.4 - dell-pe830-02.rhts.eng.bos.redhat.com
Satellite 5.4 - tyan-gt24-01.rhts.eng.bos.redhat.com

Client execution returned "Failed deployment and rollback, information on user 'jabberd' could not be found" (code 50)
Config Files:
/etc/httpd/conf.d/cobbler-proxy.conf (rev. 1)	
/etc/httpd/conf.d/rhn_proxy.conf (rev. 1)	
/etc/httpd/conf.d/ssl.conf (rev. 1)	
/etc/httpd/conf/ssl.crt/server.crt (rev. 1)	
/etc/httpd/conf/ssl.csr/server.csr (rev. 1)	
/etc/httpd/conf/ssl.key/server.key (rev. 1)	
/etc/jabberd/c2s.xml (rev. 1)	
/etc/jabberd/server.pem (rev. 1)	
/etc/jabberd/sm.xml (rev. 1)	
/etc/rhn/rhn.conf (rev. 1)	
/etc/squid/squid.conf (rev. 1)	
/usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT (rev. 1)	
/var/www/html/pub/RHN-ORG-TRUSTED-SSL-CERT (rev. 1)	
/var/www/html/pub/rhn-org-trusted-ssl-cert-1.0-1.noarch.rpm (rev. 1)

Dimi

--- Additional comment from msuchy on 2010-10-12 08:32:42 EDT ---

This happens when you check both "Enable Push?" and "SSL" options in WebUI installer. This will schedule deployment of
 /etc/jabberd/server.pem
as user jabberd

In RHN Proxy 5.3 and older we used jabberd 2.0, which used user jabberd, but in RHN Proxy 5.4 we upgraded to jabberd 2.2, which use user jabber.

--- Additional comment from cperry on 2010-10-12 08:41:54 EDT ---

Mirek - if safe to fix - please do and we can re-spin ISO for it. 

Cliff

--- Additional comment from msuchy on 2010-10-12 10:47:38 EDT ---

Fix commited to spacewalk 1394331d1f4f4d52cc8ee622b2fc737aa4b06e4f

cherrypicked to satellite as commit 25436fa5f113b75ab34826c5893daa29cd4bbac7
Comment 1 Miroslav Suchý 2010-10-12 16:13:19 UTC 
you could not directly use our patch since hosted use import_ssl_cert, and we use generate_ssl_cert method.
But you will handle it :)
Comment 2 Clifford Perry 2010-10-12 16:21:09 UTC 
http://git.fedorahosted.org/git/?p=spacewalk.git;a=commitdiff;h=1394331d1f4f4d52cc8ee622b2fc737aa4b06e4f;hp=b1691846ac808ed89b2c839fad17b7a5064fe8e3

Dude - not needed jabberd and osad is a Satellite only thing. While they could make code change, it is not needed for RHN Hosted installations of RHN Proxy. 

Closing notabug.

# special cases...
+  my $jabber_user = 'jabberd';
+  if ($params{'version'} >= 5.4) {
+    $jabber_user = 'jabber';
+  }
   eval {
     # server_pem - for jabberd
     import_file(-path => '/etc/jabberd/server.pem',
                -content => $server_pem,
                -config_channel => $cc,
-               -username => 'jabberd',
-               -groupname => 'jabberd',
+               -username => $jabber_user,
+               -groupname => $jabber_user,
                -mode => '600');