Bug 998831
Summary: | The result of 'yum repolist' is not 0 if the system date is invalid in subscriptions' valid time. | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 7 | Reporter: | qianzhan |
Component: | subscription-manager | Assignee: | Jesus M. Rodriguez <jesusr> |
Status: | CLOSED WONTFIX | QA Contact: | IDM QE LIST <seceng-idm-qe-list> |
Severity: | medium | Docs Contact: | |
Priority: | unspecified | ||
Version: | 7.0 | CC: | alikins, bkearney, gxing, jesusr, liliu, sgao |
Target Milestone: | rc | ||
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2014-02-04 17:09:50 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 863175 |
Description
qianzhan
2013-08-20 07:53:55 UTC
I think thumbslug and yum/subscription-manager plugin behaviour is correct here. The entitlement certs are valid, and do grant access to the content. So not a thumbslug bug. 'subscription-manager list --consumed' is being a little strange here, because it is filtering entitlement certificates based on local client time being outside the range of the certs date range. More precisely, the Certificate.is_valid method from python-rhsm does the local time compare, and some subscription-manager code uses that. subscription-manager client code uses local time to calculate ent cert validity in a few places. Ideally, those should be changed to only involve the entitlement servers concept of validity. Most of the client checks are leftovers from before server side entitlement status calculation, but some have been left to support disconnected cases. Ideally, entitlement certficate validity checks would rely on the entitlement server, and only fall back to local time checks for disconnected scenarios. Since we do need to support that. - not a thumbslug bug - behaviour is correct for correct local time, so not a blocker I'm going to move this to a subscription-manager bug since we could potentially change code there to handle this unusual case differently. Moving the client/server times into the future is always problematic. It is better to create entitlements that are short lived and will expire in 5 or 10 minutes and let them expire. |