Bug 798351

Summary: Amazon AMI's don't have required product certificate for RHEL 6.2 by default
Product: Red Hat Satellite Reporter: scollier
Component: katello-agentAssignee: Bryan Kearney <bkearney>
Status: CLOSED NOTABUG QA Contact: Katello QA List <katello-qa-list>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 6.0.1CC: cmorgan, cpelland, jlaska, mmccune, scollier, sreichar, tsanders, whayutin
Target Milestone: UnspecifiedKeywords: Reopened, Triaged
Target Release: Unused   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 800120 800122 (view as bug list) Environment:
Last Closed: 2012-03-22 14:49:23 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 800120, 800122    

Description scollier 2012-02-28 17:35:12 UTC 
Description of problem:

You have a system engine server with synchronized Red Hat content.  This content contains a RHEL 6.2 repo.  When you deploy an instance to ec2 you can subscribe it to the system engine server (using ssh tunneling in this case).  The issue is that you can subscribe to a pool, but when you do a yum repolist on the instance in ec2, you get the following error in the /var/log/rhsm/rhsm.log:

2012-02-28 11:44:19,317 [DEBUG]  @repolib.py:144 - Missing required tag 'rhel-6-server', skipping content: rhel-6-server-rpms


Version-Release number of selected component (if applicable):

PyYAML-3.09-14.el6_1.x86_64
facter-1.5.9-1.el6.noarch
js-1.8.5-6.el6.x86_64
mongodb-1.8.2-3.el6.x86_64
mongodb-server-1.8.2-3.el6.x86_64
puppet-2.6.11-1.el6_1.noarch
pymongo-1.9-8.el6_1.x86_64
tomcat6-6.0.24-35.el6_1.noarch
ruby-1.8.7.352-5.el6_2.x86_64
grinder-0.0.136-1.el6.noarch
postgresql-server-8.4.9-1.el6_1.1.x86_64
postgresql-8.4.9-1.el6_1.1.x86_64
candlepin-0.5.20-1.el6.noarch
pulp-0.0.265-1.el6.noarch
katello-0.1.238-4.el6.noarch
katello-all-0.1.238-4.el6.noarch
katello-cli-0.1.54-2.el6.noarch
katello-configure-0.1.64-5.el6.noarch

How reproducible:

always

Steps to Reproduce:
1.
2.
3.
  
Actual results:

doesn't list the repo

Expected results:

the repo is listed and is accessible.


Additional info:

You can work around this by taking the Red Hat product certificate and creating a /etc/pki/product/69.pem.

Then it works.  I'm concerned that our customers won't have access to that or know how to implement this fix.
Comment 8 RHEL Program Management 2012-03-21 18:05:45 UTC 
Quality Engineering Management has reviewed and declined this request.
You may appeal this decision by reopening this request.
Comment 9 wes hayutin 2012-03-21 22:55:19 UTC 
QE NACK, but reopening until we hear proposed solutions.
Comment 11 wes hayutin 2012-03-22 14:49:23 UTC 
(In reply to comment #0)
> Description of problem:
> 
> You have a system engine server with synchronized Red Hat content.  This
> content contains a RHEL 6.2 repo.  When you deploy an instance to ec2 you can
> subscribe it to the system engine server (using ssh tunneling in this case). 
> The issue is that you can subscribe to a pool, but when you do a yum repolist
> on the instance in ec2, you get the following error in the
> /var/log/rhsm/rhsm.log:
> 
> 2012-02-28 11:44:19,317 [DEBUG]  @repolib.py:144 - Missing required tag
> 'rhel-6-server', skipping content: rhel-6-server-rpms
> 
> 
> Version-Release number of selected component (if applicable):
> 
> PyYAML-3.09-14.el6_1.x86_64
> facter-1.5.9-1.el6.noarch
> js-1.8.5-6.el6.x86_64
> mongodb-1.8.2-3.el6.x86_64
> mongodb-server-1.8.2-3.el6.x86_64
> puppet-2.6.11-1.el6_1.noarch
> pymongo-1.9-8.el6_1.x86_64
> tomcat6-6.0.24-35.el6_1.noarch
> ruby-1.8.7.352-5.el6_2.x86_64
> grinder-0.0.136-1.el6.noarch
> postgresql-server-8.4.9-1.el6_1.1.x86_64
> postgresql-8.4.9-1.el6_1.1.x86_64
> candlepin-0.5.20-1.el6.noarch
> pulp-0.0.265-1.el6.noarch
> katello-0.1.238-4.el6.noarch
> katello-all-0.1.238-4.el6.noarch
> katello-cli-0.1.54-2.el6.noarch
> katello-configure-0.1.64-5.el6.noarch
> 
> How reproducible:
> 
> always
> 
> Steps to Reproduce:
> 1.
> 2.
> 3.
> 
> Actual results:
> 
> doesn't list the repo
> 
> Expected results:
> 
> the repo is listed and is accessible.
> 
> 
> Additional info:
> 
> You can work around this by taking the Red Hat product certificate and creating
> a /etc/pki/product/69.pem.
> 
> Then it works.  I'm concerned that our customers won't have access to that or
> know how to implement this fix.

Scott adjust your config server script...

1. dont disable the rhui repos
2. install a pkg from base
3. disable the rhui repo
4. katello repo's will now be visible

[root@ip-10-110-201-222 product]# ls
69.pem  backup
[root@ip-10-110-201-222 product]# 
[root@ip-10-110-201-222 product]# 
[root@ip-10-110-201-222 product]# 
[root@ip-10-110-201-222 product]# rm -Rf 69.pem 
[root@ip-10-110-201-222 product]# yum repolist
Loaded plugins: amazon-id, product-id, rhui-lb, security, subscription-manager
Updating certificate-based repositories.
repo id                                         repo name                                            status
rhui-us-east-1-rhel-server-releases             Red Hat Enterprise Linux Server 6 (RPMs)             6,985
repolist: 6,985
[root@ip-10-110-201-222 product]# ls
backup
[root@ip-10-110-201-222 product]# pwd
/etc/pki/product
[root@ip-10-110-201-222 product]# yum remove zsh -y ; ls; yum install zsh -y ; ls
Loaded plugins: amazon-id, product-id, rhui-lb, security, subscription-manager
Updating certificate-based repositories.
Setting up Remove Process
Resolving Dependencies
--> Running transaction check
---> Package zsh.x86_64 0:4.3.10-4.1.el6 will be erased
--> Finished Dependency Resolution
 
Dependencies Resolved
 
===========================================================================================================
 Package          Arch                Version                       Repository                        Size
===========================================================================================================
Removing:
 zsh              x86_64              4.3.10-4.1.el6                @rhel-6-server-rpms              4.8 M
 
Transaction Summary
===========================================================================================================
Remove        1 Package(s)
 
Installed size: 4.8 M
Downloading Packages:
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
  Erasing    : zsh-4.3.10-4.1.el6.x86_64                                                               1/1 
Installed products updated.
 
Removed:
  zsh.x86_64 0:4.3.10-4.1.el6                                                                              
 
Complete!
69.pem  backup
Loaded plugins: amazon-id, product-id, rhui-lb, security, subscription-manager
Updating certificate-based repositories.
rhel-6-server-cf-tools-1-rpms                                                       | 2.5 kB     00:00     
rhel-6-server-rpms                                                                  | 3.8 kB     00:00     
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package zsh.x86_64 0:4.3.10-4.1.el6 will be installed
--> Finished Dependency Resolution
 
Dependencies Resolved
 
===========================================================================================================
 Package          Arch                Version                        Repository                       Size
===========================================================================================================
Installing:
 zsh              x86_64              4.3.10-4.1.el6                 rhel-6-server-rpms              2.1 M
 
Transaction Summary
===========================================================================================================
Install       1 Package(s)
 
Total download size: 2.1 M
Installed size: 2.1 M
Downloading Packages:
zsh-4.3.10-4.1.el6.x86_64.rpm                                                       | 2.1 MB     00:00     
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing : zsh-4.3.10-4.1.el6.x86_64                                                               1/1 
Installed products updated.
 
Installed:
  zsh.x86_64 0:4.3.10-4.1.el6                                                                              
 
Complete!
69.pem  backup
Revise paste →
Comment 12 wes hayutin 2012-03-22 19:57:30 UTC 
Comment 11 is invalid, the only reason why that worked in the first place was that the product pem file was added manually, then registered to katello. 

Another solution will have to be found to add the product cert to ami's
Comment 14 Mike McCune 2013-08-16 18:06:25 UTC 
getting rid of 6.0.0 version since that doesn't exist