Bug 970248
| Summary: | package install fails if gpg is not imported | ||
|---|---|---|---|
| Product: | Red Hat Satellite | Reporter: | Justin Sherrill <jsherril> |
| Component: | katello-agent | Assignee: | Justin Sherrill <jsherril> |
| Status: | CLOSED CURRENTRELEASE | QA Contact: | Og Maciel <omaciel> |
| Severity: | low | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 6.0.1 | CC: | bbuckingham, omaciel |
| Target Milestone: | Unspecified | Keywords: | Triaged |
| Target Release: | Unused | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2013-07-18 21:20:22 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
Note that his requires runcible 0.4.9 Mass move to ON_QA I was able to register and install a signed package (Google Chrome) to my client which leads me to believe that I could close this as VERIFIED, but I have a question. Where should the imported key for the custom product be placed in the client? I could not see it under /etc/pki/rpm-gpg/ I was able to register and install a signed package (Google Chrome) to my client which leads me to believe that I could close this as VERIFIED, but I have a question. Where should the imported key for the custom product be placed in the client? I could not see it under /etc/pki/rpm-gpg/ Verified: * apr-util-ldap-1.3.9-3.el6_0.1.x86_64 * candlepin-0.8.9-1.el6_4.noarch * candlepin-scl-1-5.el6_4.noarch * candlepin-scl-quartz-2.1.5-5.el6_4.noarch * candlepin-scl-rhino-1.7R3-1.el6_4.noarch * candlepin-scl-runtime-1-5.el6_4.noarch * candlepin-selinux-0.8.9-1.el6_4.noarch * candlepin-tomcat6-0.8.9-1.el6_4.noarch * elasticsearch-0.19.9-8.el6sat.noarch * foreman-1.1.10009-1.noarch * foreman-compute-1.1.10009-1.noarch * foreman-installer-puppet-concat-0-2.d776701.git.0.21ef926.el6sat.noarch * foreman-installer-puppet-dhcp-0-5.3a4a13c.el6sat.noarch * foreman-installer-puppet-dns-0-7.fcae203.el6sat.noarch * foreman-installer-puppet-foreman-0-6.568c5c4.el6sat.noarch * foreman-installer-puppet-foreman_proxy-0-8.bd1e35d.el6sat.noarch * foreman-installer-puppet-puppet-0-3.ab46748.el6sat.noarch * foreman-installer-puppet-tftp-0-5.ea6c5e5.el6sat.noarch * foreman-installer-puppet-xinetd-0-50a267b8.git.0.44aca6a.el6sat.noarch * foreman-libvirt-1.1.10009-1.noarch * foreman-postgresql-1.1.10009-1.noarch * foreman-proxy-1.1.10003-1.el6sat.noarch * foreman-proxy-installer-1.0.1-8.f5ae2cd.el6sat.noarch * katello-1.4.2-12.el6sat.noarch * katello-all-1.4.2-12.el6sat.noarch * katello-candlepin-cert-key-pair-1.0-1.noarch * katello-certs-tools-1.4.2-2.el6sat.noarch * katello-cli-1.4.2-7.el6sat.noarch * katello-cli-common-1.4.2-7.el6sat.noarch * katello-common-1.4.2-12.el6sat.noarch * katello-configure-1.4.3-15.el6sat.noarch * katello-configure-foreman-1.4.3-15.el6sat.noarch * katello-foreman-all-1.4.2-12.el6sat.noarch * katello-glue-candlepin-1.4.2-12.el6sat.noarch * katello-glue-elasticsearch-1.4.2-12.el6sat.noarch * katello-glue-pulp-1.4.2-12.el6sat.noarch * katello-qpid-broker-key-pair-1.0-1.noarch * katello-qpid-client-key-pair-1.0-1.noarch * katello-selinux-1.4.3-3.el6sat.noarch * openldap-2.4.23-31.el6.x86_64 * pulp-rpm-plugins-2.1.1-1.el6sat.noarch * pulp-selinux-2.1.1-1.el6sat.noarch * pulp-server-2.1.1-1.el6sat.noarch * python-ldap-2.3.10-1.el6.x86_64 * ruby193-rubygem-ldap_fluff-0.2.2-1.el6sat.noarch * ruby193-rubygem-net-ldap-0.3.1-2.el6sat.noarch * signo-0.0.16-1.el6sat.noarch * signo-katello-0.0.16-1.el6sat.noarch mass move to CLOSED:CURRENTRELEASE since MDP1 has been released. |
Description of problem: Currently package/errata/group installs/updates will fail if the gpg key of the repo is not already imported on the client machine. We should support auto-importing of the gpg key. How reproducible: always Steps to Reproduce: 1. Setup a custom repo with gpg signed rpms 2. Create a new gpg key in katello and associate it to the repo 3. Register client (with katello-agent installed) to repo and try to initiate package install Actual results: will fail because gpg key is not imported Expected results: Should auto-import the gpg key. Additional info: 1) The katello agent will support installing GPG keys, as needed, during package (or package group) install|update requests. But, only when the 'importkeys' options is included in the "options" that are specified in the REST call. "options": {"importkeys": true} How this fits into the rest of the POST body is documented in the 'content management'[1] section of the pulp dev-guide. 2) The bind REST API calls support a "notify_agent" flag. When specified as FALSE, the pulp server will omit any tasks pertaining to agent participation in the bind flow. When these tasks are omitted, no messages are sent to the agent. When the "notify_agent" flag is not specified it defaults to (true) which, in the katello use case, causes tracebacks[1] in the agent.log and clutters up the tasking system with tasks that eventually timeout and fail. This flag is documented in the "Repository Binding"[2] section of the pulp dev-guide.