Bug 988476
Summary: | eliminate extra parameters from subscription-manager config --list/--set/--remove | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 5 | Reporter: | John Sefler <jsefler> |
Component: | python-rhsm | Assignee: | Carter Kozak <ckozak> |
Status: | CLOSED ERRATA | QA Contact: | IDM QE LIST <seceng-idm-qe-list> |
Severity: | unspecified | Docs Contact: | |
Priority: | unspecified | ||
Version: | 5.10 | CC: | bkearney, fsharath, jesusr, lmiksik |
Target Milestone: | rc | ||
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2013-09-30 22:32:05 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 840995 |
Description
John Sefler
2013-07-25 16:28:20 UTC
commit 4761f79238e0181333296d43beef3cd79e765fb8 Author: ckozak <ckozak> Date: Thu Jul 25 10:46:59 2013 -0400 988476, 988085: fix default hostname, remove excess config list output commit ccb343c6330e16694b0ab9450c216ba3fa42f0cb Author: ckozak <ckozak> Date: Wed Jul 31 12:08:11 2013 -0400 fix config failure Moving these to ON_QA. The tooling must have missed moving these. Moving back to POST. These commits were made to python-rhsm (not subscription-manager) version: # rpm -qa | egrep "subscription-manager|python-rhsm" subscription-manager-1.8.16-1.el5 subscription-manager-debuginfo-1.8.16-1.el5 subscription-manager-migration-data-1.11.3.2-1.git.0.14f9d59.el5 subscription-manager-firstboot-1.8.16-1.el5 python-rhsm-1.8.16-1.el5 subscription-manager-migration-1.8.16-1.el5 python-rhsm-debuginfo-1.8.16-1.el5 subscription-manager-gui-1.8.16-1.el5 Verification: # subscription-manager config --list [server] ca_cert_dir = [/etc/rhsm/ca/] hostname = sharath-candlepin.usersys.redhat.com insecure = [0] port = 8443 prefix = /candlepin proxy_hostname = [] proxy_password = [] proxy_port = [] proxy_user = [] ssl_verify_depth = [3] [rhsm] baseurl = [https://cdn.redhat.com] ca_cert_dir = [/etc/rhsm/ca/] <<<<<<< TO BE REMOVED consumercertdir = [/etc/pki/consumer] entitlementcertdir = [/etc/pki/entitlement] manage_repos = [1] pluginconfdir = [/etc/rhsm/pluginconf.d] plugindir = [/usr/share/rhsm-plugins] productcertdir = [/etc/pki/product] repo_ca_cert = [/etc/rhsm/ca/redhat-uep.pem] report_package_profile = [1] [rhsmcertd] autoattachinterval = [1440] certcheckinterval = [240] [] - Default value in use Moving back to NEW This bug is fixed. The output you pointed out shows an ca_cert_dir in both server and rhsm (it is only used in the [rhsm] section), however it is wrong in your config file. If you make the config file valid, it will only appear in [rhsm] the real bug is https://bugzilla.redhat.com/show_bug.cgi?id=993202 As per Comment #6 this bug results in a misconfigured client. Moving back to ON_QA The following confguration will be installed by a fresh install of subscription-manager (not an upgrade)... [root@jsefler-5 ~]# rpm -q subscription-manager subscription-manager-1.8.20-1.el5 [root@jsefler-5 ~]# subscription-manager config [server] hostname = [subscription.rhn.redhat.com] insecure = [0] port = [443] prefix = [/subscription] proxy_hostname = [] proxy_password = [] proxy_port = [] proxy_user = [] ssl_verify_depth = [3] [rhsm] baseurl = https://cdn.rcm-qa.redhat.com ca_cert_dir = [/etc/rhsm/ca/] consumercertdir = [/etc/pki/consumer] entitlementcertdir = [/etc/pki/entitlement] manage_repos = [1] pluginconfdir = [/etc/rhsm/pluginconf.d] plugindir = [/usr/share/rhsm-plugins] productcertdir = [/etc/pki/product] repo_ca_cert = [/etc/rhsm/ca/redhat-uep.pem] report_package_profile = [1] [rhsmcertd] autoattachinterval = [1440] certcheckinterval = [240] [] - Default value in use ^ Notice that ca_cert_dir now resides in the [rhsm] section as a result of comment 6 bug 993202 However as demonstrated in comment 5 (and below), if you upgrade subscription-manager, the ca_cert_dir will appear in both [server] and [rhsm] sections of the config --list. The [server].ca_cert_dir will actually be ignored - it's a casualty of war since it remains in place from the old subscription-manager version. The [rhsm].ca_cert_dir is the actual value that now matters and will be used. Unfortunately if you inspect the rhsm.conf, it will not have been changed during the yum update and therefore will still show ca_cert_dir in the [server] section and *not* in the [rhsm] section where it belongs. Also notice below that [rhsmcertd] configuration parameters certfrequency and healfrequency are present in the rhsm.conf but are not actually used - they are also casualties of war - certcheckinterval and autoattachinterval are the names of their new replacements. [root@rhsm-accept-rhel6 ~]# rpm -q subscription-manager subscription-manager-1.8.20-1.el6_4.x86_64 [root@rhsm-accept-rhel6 ~]# subscription-manager config [server] ca_cert_dir = /etc/rhsm/ca/ hostname = subscription.rhn.stage.redhat.com insecure = [0] port = [443] prefix = [/subscription] proxy_hostname = [] proxy_password = [] proxy_port = [] proxy_user = [] ssl_verify_depth = [3] [rhsm] baseurl = [https://cdn.redhat.com] ca_cert_dir = [/etc/rhsm/ca/] consumercertdir = [/etc/pki/consumer] entitlementcertdir = [/etc/pki/entitlement] manage_repos = [1] pluginconfdir = [/etc/rhsm/pluginconf.d] plugindir = [/usr/share/rhsm-plugins] productcertdir = [/etc/pki/product] repo_ca_cert = [/etc/rhsm/ca/redhat-uep.pem] report_package_profile = [1] [rhsmcertd] autoattachinterval = [1440] certcheckinterval = [240] certfrequency = 240 healfrequency = 1440 [] - Default value in use Realize that when development changes are made to the default rhsm.conf file, an upgrade will not change the old rhsm.conf thereby creating the casualty situations described above. This can definitely be a confusing situation for the user. Moving to VERIFIED Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHBA-2013-1331.html |