Bug 695002

Summary: Entitlement Certificate(s) update failed due to the following reasons: - sequence
Product: [Community] Candlepin Reporter: John Sefler <jsefler>
Component: candlepinAssignee: Bryan Kearney <bkearney>
Status: CLOSED DUPLICATE QA Contact: John Sefler <jsefler>
Severity: high Docs Contact:
Priority: unspecified    
Version: 0.5CC: alikins, dgoodwin, spandey
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2011-04-11 20:41:17 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description John Sefler 2011-04-09 15:55:59 UTC 
Description of problem:
I've never seen this problem and I don't know how my onpremises candlepin (branch 0.2) server with the TESTDATA deployed got into this state, but here's what I'm seeing...

On the client, I get a failure and a traceback in rhsm.log when I subscribe.  For example:

[root@jsefler-onprem-server ~]# subscription-manager subscribe --pool=8a90f8b42f386fd8012f387092a40138
Entitlement Certificate(s) update failed due to the following reasons:
	- sequence
[root@jsefler-onprem-server ~]# 


[root@jsefler-onprem-server ~]# tail -f /var/log/rhsm/rhsm.log

2011-04-09 09:20:46,003 [INFO] __init__() @connection.py:298 - Using certificate authentication: key = /etc/pki/consumer/key.pem, cert = /etc/pki/consumer/cert.pem, ca = /etc/rhsm/ca/, insecure = False
2011-04-09 09:20:46,003 [INFO] __init__() @connection.py:301 - Connection Established: host: jsefler-f14-candlepin.usersys.redhat.com, port: 8443, handler: /candlepin
2011-04-09 09:20:46,117 [DEBUG] __init__() @certlib.py:633 - Sorting product and entitlement cert status for: 2011-04-09 09:20:46.117415
2011-04-09 09:20:46,147 [DEBUG] _populate_all_products() @certlib.py:651 - Installed product IDs: ['1', '1144', '100000000000000', '83', '27060', '37062', '37090', '917571', '90', '37069', '37068', '37080', '37065', '69', '37067', '92', '37060', '37070', '85']
2011-04-09 09:20:46,147 [DEBUG] __init__() @certlib.py:642 - valid entitled products: []
2011-04-09 09:20:46,148 [DEBUG] __init__() @certlib.py:643 - expired entitled products: []
2011-04-09 09:20:46,149 [INFO] _request() @connection.py:147 - loading ca pem certificates from: /etc/rhsm/ca/
2011-04-09 09:20:46,150 [INFO] _load_ca_certificates() @connection.py:134 - loading ca certificate '/etc/rhsm/ca/redhat-uep.pem'
2011-04-09 09:20:46,150 [INFO] _load_ca_certificates() @connection.py:134 - loading ca certificate '/etc/rhsm/ca/jsefler-f14-candlepin.pem'
2011-04-09 09:20:46,151 [INFO] _load_ca_certificates() @connection.py:134 - loading ca certificate '/etc/rhsm/ca/fakamai-cp1.pem'
2011-04-09 09:20:46,151 [INFO] _load_ca_certificates() @connection.py:134 - loading ca certificate '/etc/rhsm/ca/candlepin-stage.pem'
2011-04-09 09:20:46,152 [INFO] _request() @connection.py:149 - work in insecure mode ?:False
2011-04-09 09:20:46,421 [INFO] _request() @connection.py:177 - status code: 200
2011-04-09 09:20:46,422 [INFO] _do_command() @managercli.py:551 - Info: Successfully subscribed the machine the Entitlement Pool 8a90f8b42f386fd8012f387092a40138
2011-04-09 09:20:46,425 [INFO] _request() @connection.py:147 - loading ca pem certificates from: /etc/rhsm/ca/
2011-04-09 09:20:46,425 [INFO] _load_ca_certificates() @connection.py:134 - loading ca certificate '/etc/rhsm/ca/redhat-uep.pem'
2011-04-09 09:20:46,426 [INFO] _load_ca_certificates() @connection.py:134 - loading ca certificate '/etc/rhsm/ca/jsefler-f14-candlepin.pem'
2011-04-09 09:20:46,426 [INFO] _load_ca_certificates() @connection.py:134 - loading ca certificate '/etc/rhsm/ca/fakamai-cp1.pem'
2011-04-09 09:20:46,426 [INFO] _load_ca_certificates() @connection.py:134 - loading ca certificate '/etc/rhsm/ca/candlepin-stage.pem'
2011-04-09 09:20:46,427 [INFO] _request() @connection.py:149 - work in insecure mode ?:False
2011-04-09 09:20:46,520 [INFO] _request() @connection.py:177 - status code: 200
2011-04-09 09:20:46,524 [INFO] _request() @connection.py:147 - loading ca pem certificates from: /etc/rhsm/ca/
2011-04-09 09:20:46,524 [INFO] _load_ca_certificates() @connection.py:134 - loading ca certificate '/etc/rhsm/ca/redhat-uep.pem'
2011-04-09 09:20:46,525 [INFO] _load_ca_certificates() @connection.py:134 - loading ca certificate '/etc/rhsm/ca/jsefler-f14-candlepin.pem'
2011-04-09 09:20:46,526 [INFO] _load_ca_certificates() @connection.py:134 - loading ca certificate '/etc/rhsm/ca/fakamai-cp1.pem'
2011-04-09 09:20:46,527 [INFO] _load_ca_certificates() @connection.py:134 - loading ca certificate '/etc/rhsm/ca/candlepin-stage.pem'
2011-04-09 09:20:46,527 [INFO] _request() @connection.py:149 - work in insecure mode ?:False
2011-04-09 09:20:46,606 [INFO] _request() @connection.py:177 - status code: 200
2011-04-09 09:20:46,609 [ERROR] install() @certlib.py:201 - iteration over non-sequence
Traceback (most recent call last):
  File "/usr/share/rhsm/certlib.py", line 197, in install
    key, cert = self.build(bundle)
TypeError: iteration over non-sequence
2011-04-09 09:20:46,611 [ERROR] install() @certlib.py:205 - Bundle not loaded:
{'updated': '2011-04-09T13:20:46.245+0000', 'created': '2011-04-09T13:20:46.245+0000', 'cert': '-----BEGIN CERTIFICATE-----\nMIIJlTCCCP6gAwIBAgIIU+mFFwNaG2YwDQYJKoZIhvcNAQEFBQAwUjExMC8GA1UE\nAwwoanNlZmxlci1mMTQtY2FuZGxlcGluLnVzZXJzeXMucmVkaGF0LmNvbTELMAkG\nA1UEBhMCVVMxEDAOBgNVBAcMB1JhbGVpZ2gwHhcNMTEwMzA4MDUwMDAwWhcNMTIw\nNDA4MDAwMDAwWjArMSkwJwYDVQQDDCA4YTkwZjhiNDJmMzg2ZmQ4MDEyZjNhNmJm\nYzk3MTdlNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMC8oV8hFc7J\nkw7Ul9V7a6hc0qGJzgpfFT6uy8dxIUpCrYCYNpcTitfcBEroGYOTPGfuA/25itR1\nYJonWi0s/eL/Gvd0Fzp7dlm1l5m9JjKYyC3BWgQn+tLFqARmMgPoC0vw8WdeaED9\neb6meqLGExQG55zVO9ZK7swGyMueGEOhdjxh0sbeGV018ifLtFXiH0vgaaoBe60K\nRr0k1M17zMkKNk+2by5pXLfEuPBh9vADXIrXYYo8ggHAsueZFwDbmVmts7rYbbA6\naKiYqpbSbX7nRBadweWihN+RtV9AFS56xJrbwTgrsoRTz/4paa8lVwildpFvA74w\n8ytGCvLMR3cCAwEAAaOCBxUwggcRMBEGCWCGSAGG+EIBAQQEAwIFoDALBgNVHQ8E\nBAMCBLAwgYIGA1UdIwR7MHmAFEQGCLDRq+4nYjfr1RObpu/qd1x3oVakVDBSMTEw\nLwYDVQQDDChqc2VmbGVyLWYxNC1jYW5kbGVwaW4udXNlcnN5cy5yZWRoYXQuY29t\nMQswCQYDVQQGEwJVUzEQMA4GA1UEBwwHUmFsZWlnaIIJAJQy7xaOTAETMB0GA1Ud\nDgQWBBTQOxyKyo87TUu/afaKkaM5ixX1ujATBgNVHSUEDDAKBggrBgEFBQcDAjAp\nBg0rBgEEAZIICQGCoUQBBBgMFkF3ZXNvbWUgT1MgU2VydmVyIEJpdHMwFAYLKwYB\nBAGSCAkCAgEEBQwDeXVtMCAGDCsGAQQBkggJAgIBAQQQDA50YWdnZWQtY29udGVu\ndDAgBgwrBgEEAZIICQICAQIEEAwOdGFnZ2VkLWNvbnRlbnQwHQYMKwYBBAGSCAkC\nAgEFBA0MC3Rlc3QtdmVuZG9yMCIGDCsGAQQBkggJAgIBBgQSDBAvZm9vL3BhdGgv\nYWx3YXlzMCYGDCsGAQQBkggJAgIBBwQWDBQvZm9vL3BhdGgvYWx3YXlzL2dwZzAT\nBgwrBgEEAZIICQICAQQEAwwBMDATBgwrBgEEAZIICQICAQMEAwwBMDATBgwrBgEE\nAZIICQICAQgEAwwBMTAbBgwrBgEEAZIICQICAQoECwwJVEFHMSxUQUcyMBQGCysG\nAQQBkggJAgEBBAUMA3l1bTAoBgwrBgEEAZIICQIBAQEEGAwWYWx3YXlzLWVuYWJs\nZWQtY29udGVudDAoBgwrBgEEAZIICQIBAQIEGAwWYWx3YXlzLWVuYWJsZWQtY29u\ndGVudDAdBgwrBgEEAZIICQIBAQUEDQwLdGVzdC12ZW5kb3IwIgYMKwYBBAGSCAkC\nAQEGBBIMEC9mb28vcGF0aC9hbHdheXMwJgYMKwYBBAGSCAkCAQEHBBYMFC9mb28v\ncGF0aC9hbHdheXMvZ3BnMBMGDCsGAQQBkggJAgEBBAQDDAEwMBMGDCsGAQQBkggJ\nAgEBAwQDDAEwMBMGDCsGAQQBkggJAgEBCAQDDAExMBUGDCsGAQQBkggJAgEBCQQF\nDAMyMDAwFAYLKwYBBAGSCAkCAAEEBQwDeXVtMCcGDCsGAQQBkggJAgABAQQXDBVu\nZXZlci1lbmFibGVkLWNvbnRlbnQwJwYMKwYBBAGSCAkCAAECBBcMFW5ldmVyLWVu\nYWJsZWQtY29udGVudDAdBgwrBgEEAZIICQIAAQUEDQwLdGVzdC12ZW5kb3IwIQYM\nKwYBBAGSCAkCAAEGBBEMDy9mb28vcGF0aC9uZXZlcjAlBgwrBgEEAZIICQIAAQcE\nFQwTL2Zvby9wYXRoL25ldmVyL2dwZzATBgwrBgEEAZIICQIAAQQEAwwBMDATBgwr\nBgEEAZIICQIAAQMEAwwBMDATBgwrBgEEAZIICQIAAQgEAwwBMDAVBgwrBgEEAZII\nCQIAAQkEBQwDNjAwMBUGDCsGAQQBkggJAohXAQQFDAN5dW0wGgYNKwYBBAGSCAkC\niFcBAQQJDAdjb250ZW50MCAGDSsGAQQBkggJAohXAQIEDwwNY29udGVudC1sYWJl\nbDAeBg0rBgEEAZIICQKIVwEFBA0MC3Rlc3QtdmVuZG9yMBwGDSsGAQQBkggJAohX\nAQYECwwJL2Zvby9wYXRoMCEGDSsGAQQBkggJAohXAQcEEAwOL2Zvby9wYXRoL2dw\nZy8wFAYNKwYBBAGSCAkCiFcBBAQDDAEwMBQGDSsGAQQBkggJAohXAQMEAwwBMDAU\nBg0rBgEEAZIICQKIVwEIBAMMATEwFAYNKwYBBAGSCAkCiFcBCQQDDAEwMDYGCisG\nAQQBkggJBAEEKAwmQXdlc29tZSBPUyB3aXRoIHVwIHRvIDQgdmlydHVhbCBndWVz\ndHMwMAYKKwYBBAGSCAkEAgQiDCA4YTkwZjhiNDJmMzg2ZmQ4MDEyZjM4NzA4OTA4\nMDEwNTAgBgorBgEEAZIICQQDBBIMEGF3ZXNvbWVvcy12aXJ0LTQwEgYKKwYBBAGS\nCAkEBQQEDAIxMDAkBgorBgEEAZIICQQGBBYMFDIwMTEtMDMtMDhUMDU6MDA6MDBa\nMCQGCisGAQQBkggJBAcEFgwUMjAxMi0wNC0wOFQwMDowMDowMFowEQYKKwYBBAGS\nCAkEDAQDDAEwMBIGCisGAQQBkggJBAoEBAwCNDAwGwYKKwYBBAGSCAkEDQQNDAsx\nMjMzMTEzMTIzMTARBgorBgEEAZIICQQOBAMMATAwEQYKKwYBBAGSCAkECwQDDAEx\nMDQGCisGAQQBkggJBQEEJgwkODQ1YzI1OGYtNGZjNC00ZWE2LWIzNmEtOTU4MWUy\nNmVhNTVmMA0GCSqGSIb3DQEBBQUAA4GBAHk2bxB/zTQuGlXXOGJcYEOTyMISh+79\nGdppjjBpMrzpymy6I7xAjzf6EZaa6aYEVc75RwEgNh8cg9wytsPI1TxK4N/lK3iL\nyyzvXN5OO83p1a3AZXmwZgE4uJlH+Qbc+o+cByu/K5vLVztP8HRy8acZ6I0OoLau\nPDEvcDPVGRZO\n-----END CERTIFICATE-----\n', 'key': '-----BEGIN RSA PRIVATE KEY-----\nMIIEowIBAAKCAQEAwLyhXyEVzsmTDtSX1XtrqFzSoYnOCl8VPq7Lx3EhSkKtgJg2\nlxOK19wESugZg5M8Z+4D/bmK1HVgmidaLSz94v8a93QXOnt2WbWXmb0mMpjILcFa\nBCf60sWoBGYyA+gLS/DxZ15oQP15vqZ6osYTFAbnnNU71kruzAbIy54YQ6F2PGHS\nxt4ZXTXyJ8u0VeIfS+BpqgF7rQpGvSTUzXvMyQo2T7ZvLmlct8S48GH28ANcitdh\nijyCAcCy55kXANuZWa2zuthtsDpoqJiqltJtfudEFp3B5aKE35G1X0AVLnrEmtvB\nOCuyhFPP/ilpryVXCKV2kW8DvjDzK0YK8sxHdwIDAQABAoIBAChuaZu/IQgEGSlf\nR4qtHWRwNG9WrTZXw+kmWfE4tjcRzbvQMoN2wgWOTgg4sEF9vYo/z+6F4a24Ac/U\nuYIIkinwQgPvAoBuLeGbynWhzEWI71VJ3kxI5sEYXaqulYdkQhpoLPv2PgCEK+nm\nmotS6eWlnSi1Qpwtk/KQ6cZtH8Hv2vRsBPrQJOeOUUyEl3sMY3SWS/vkESSvl3Lx\nnj77TKsQXFdoIQaiFgAsfsJ/5ghGuAedhyCyWStRxrvdKh89rEyQ0T2gWq6pa7DF\niWPG/Ho9zJGRKnuJ5kjuZQD6OoL8ZIHxEwV8+MLnG25PfOFqlxMahGOkeKgiaN+Q\nohDfHWECgYEA/5r7yeqlxHfPDy3jFuQqZtZsBfk7WNA2BR0B5RT7kQBoBNptG8GU\n7ACl86tnw1ibc6WZhu1yivVoomLRkNDFx5te+1XbfQuncCYiyIsSsT1OALIP/Fet\nYWM9tC5WbCnrmgc2CwIx3sym4yuTwO8NF0vYGQlEZPekL13tZOMo/aMCgYEAwQjN\nBO8xQs1bsruH3GO3mXSaSnluhjWsoOrS2Cw4NuX1/475eLCgXU645Z0w3NCYZJG3\nbz1/OSiXyMKtV+0NyJ1dbzTEeckRsq19N3Q+DgQujOt8V3RnEIOdaM80YHK9p0sS\nJFMGTGIYqMru1MDZcz+j4zCOy4dnuk5S4hEbBB0CgYBLQPcGoKYDbP6ySmFEmRJ+\nynxtWc6GPG7bHIo1RvM14re9Tg23kUvmG97AGePn2IuUBdpopjoF/XC79noat8yz\nEuRo/QMtEqROWXv+LSvosNLpU4NvWOT7+jrtdIMPP1xVMfBQV2oVXY147piGwhrJ\nlBPgcyEG1P4qz+2XuWWVHwKBgGvik1MyrAF97MYT8XbHdJGbjbAZ9h+kV/sHwxd2\nf2SPWdGfAublMHt1x/jsxaZkHwf2OOM/J5+2hD58L414u79n1BSXFUhLjEykkdsw\naI5E4A96fWATepbMOGmfhNJyznR1jIoorNh76vRLlvfpYJ787ofHV8eAwgRqSgB3\nNvYxAoGBANx/ycpZ97s1KL7d80QikX22yHnSO2bfDr6QixsjmBnjPzZowMG5qyB6\ntUYES0CoZgCZn1QE7y7suek3egnfECBRkXAY8rhYF1qw33np2zIC3ARvQjmYpelj\n4SScUshF6HKhycChuZjTOZAx5B1YUIFC4MyM5x6/A79mxIE9ghyA\n-----END RSA PRIVATE KEY-----\n', 'serial': {'updated': '2011-04-09T13:20:46.237+0000', 'revoked': False, 'created': '2011-04-09T13:20:46.237+0000', 'expiration': '2012-04-08T00:00:00.000+0000', 'collected': False, 'serial': 6046510308608580454, 'id': 6046510308608580454}, 'id': '8a90f8b42f386fd8012f3a6bfca517e6'}
iteration over non-sequence
2011-04-09 09:20:46,612 [INFO] perform() @certlib.py:109 - certs updated:
Total updates: 0
Found (local) serial# []
Expected (UEP) serial# [6046510308608580454]
Added (new)
  <NONE>
Deleted (rogue):
  <NONE>
Expired (not deleted):
  <NONE>
Expired (deleted):
  <NONE>




Version-Release number of selected component (if applicable):
[root@jsefler-onprem-server ~]# rpm -q subscription-manager python-rhsm
subscription-manager-0.95.6-1.git.8.b2fb5ec.el6.x86_64
python-rhsm-0.95.6-1.git.0.b36d0a5.el6.noarch

[root@jsefler-f14-candlepin candlepin]# git branch
* 0.2
  master
[root@jsefler-f14-candlepin candlepin]# git show-ref 0.2
f5161b2e7ee085aaa10130f524d05d0cd461e310 refs/heads/0.2
9c13d6bf6d83070bbc78638f6ca3bc1dc5267977 refs/remotes/origin/0.2
Comment 1 John Sefler 2011-04-10 13:10:57 UTC 
Upon reviewing the automated test runs this weekend, I now have two onpremises servers that are running off branch 0.2 and are exhibiting the same "- sequence" error when subscribing.

I'm copying dgoodwin on this bug because of the coincidental timing with which he submitted changes for urgent bug 684350 - GET requests with Basic Auth has side effects.  I don't believe bug 684350 is related to this bug, but I want to make sure.

On the second candlepin server running branch 0.2, here are the automated git pull statements in the log that how what candlepin source might have changed to lead to this error:

201104090003:38.020 - FINE: ssh root.redhat.com cd /root/candlepin; git checkout master; git pull origin master (com.redhat.qe.tools.SSHCommandRunner.run)
201104090003:39.541 - FINE: Stdout: 
Your branch is ahead of 'origin/master' by 168 commits.
Updating 78282a1..b8afe4a
Fast-forward
 proxy/buildfile                                    |    2 +
 .../fedoraproject/candlepin/auth/Principal.java    |    4 +
 .../candlepin/resource/ConsumerResource.java       |   42 +++++++++--
 .../resteasy/interceptor/AuthInterceptor.java      |    5 +-
 .../candlepin/resteasy/interceptor/AuthUtil.java   |   73 ++++++++++++++++++++
 .../candlepin/resteasy/interceptor/BasicAuth.java  |   22 +++----
 .../resteasy/interceptor/ConsumerAuth.java         |    9 +--
 .../candlepin/resteasy/interceptor/OAuth.java      |   40 ++++++-----
 .../resteasy/interceptor/TrustedConsumerAuth.java  |    4 +-
 .../resteasy/interceptor/TrustedUserAuth.java      |    4 +-
 .../candlepin/resteasy/interceptor/UserAuth.java   |   47 +------------
 .../interceptor/BasicAuthViaUserServiceTest.java   |   26 +++-----
 12 files changed, 164 insertions(+), 114 deletions(-)
 create mode 100644 proxy/src/main/java/org/fedoraproject/candlepin/resteasy/interceptor/AuthUtil.java
 (com.redhat.qe.tools.SSHCommandRunner.runCommandAndWait)
201104090003:39.543 - FINE: Stderr: 
Switched to branch 'master'
From git://git.fedorahosted.org/candlepin
 * branch            master     -> FETCH_HEAD
 (com.redhat.qe.tools.SSHCommandRunner.runCommandAndWait)
201104090003:39.544 - FINE: ExitCode: 0 (com.redhat.qe.tools.SSHCommandRunner.runCommandAndWait)
201104090003:39.545 - INFO: Asserted: 0 is present in the list [0] (com.redhat.qe.auto.testng.Assert.pass)
201104090003:39.546 - INFO: Asserted: Stderr from command 'cd /root/candlepin; git checkout master; git pull origin master' contains matches to regex '(Already on|Switched to branch) 'master'', (com.redhat.qe.auto.testng.Assert.pass)
201104090003:39.547 - FINE: Matches:  (com.redhat.qe.auto.testng.Assert.assertContainsMatch)
201104090003:39.548 - FINE: Switched to branch 'master' (com.redhat.qe.auto.testng.Assert.assertContainsMatch)
201104090003:39.549 - FINE: ssh root.redhat.com cd /root/candlepin; git checkout 0.2; git pull origin 0.2 (com.redhat.qe.tools.SSHCommandRunner.run)
201104090003:40.647 - FINE: Stdout: 
Your branch is ahead of 'origin/0.2' by 87 commits.
Updating 9063f74..f5161b2
Fast-forward
 .../fedoraproject/candlepin/auth/Principal.java    |    4 ++
 .../candlepin/resource/ConsumerResource.java       |   42 ++++++++++++++++----
 .../candlepin/resteasy/interceptor/BasicAuth.java  |    9 ++--
 3 files changed, 42 insertions(+), 13 deletions(-)
 (com.redhat.qe.tools.SSHCommandRunner.runCommandAndWait)
201104090003:40.648 - FINE: Stderr: 
Switched to branch '0.2'
From git://git.fedorahosted.org/candlepin
 * branch            0.2        -> FETCH_HEAD
Comment 2 Adrian Likins 2011-04-11 20:17:28 UTC 
This is a subscription-manager bug, introduced in:


commit b2fb5ec07f25652aa38e3e31152b9ad3ddb6165a
Author: Adrian Likins <alikins>
Date:   Thu Apr 7 15:50:19 2011 -0400

    691784: Fix handling of unsubscribing imported certs while unregistered
    
    The core of the bugfix is in mysubstab._on_unsubscribe_prompt_response.
    We don't try to unbindBySerial if we are not registered (via new
    managerGui.Backend.is_registered()). We also try/except around
    the update to catch the Disconnected exception if well, we are
    disconnected. We also change the store serial type to long, so
    the cert lookup works correctly.
    
    we also remove some unused code from certlib/certmgr (the *add) code
    and refactor certlib.delete to expect an array of longs, not a
    var arg.


We need bugs for rhel5 and 6
Comment 3 Adrian Likins 2011-04-11 20:41:17 UTC 

*** This bug has been marked as a duplicate of bug 691784 ***
Comment 4 John Sefler 2011-04-13 18:35:14 UTC 
Verification for this bug fix against rhel6 is here:
https://bugzilla.redhat.com/show_bug.cgi?id=691784#c15