1033592 – Splice-export command syntax

Bug 1033592 - Splice-export command syntax

Summary: Splice-export command syntax

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	Red Hat Satellite 5
Classification:	Red Hat
Component:	Docs Installation Guide
Sub Component:
Version:	560
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	---
Assignee:	Megan Lewis
QA Contact:	Dan Macpherson
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	sat-docs
TreeView+	depends on / blocked

Reported:	2013-11-22 12:53 UTC by James Genus Jr.
Modified:	2018-12-04 16:25 UTC (History)
CC List:	7 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2015-07-07 23:58:57 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Description James Genus Jr. 2013-11-22 12:53:38 UTC

Description of problem:

Incorrect splice-export command in Section 4.4.3. Configuring Servers for Enhanced Entitlements Reporting

Version-Release number of selected component (if applicable):
Satellite 5.6


How reproducible:

Always


Steps to Reproduce:
1. [root@sam13] # su - splice -s /bin/bash
2. [splice@sam13] # ssh -i /var/lib/splice/id_rsa-sat swreport@sat56-hostname splice-export
3.

Actual results:

[splice@sam13] # ssh -i /var/lib/splice/id_rsa-sat swreport@sat56-hostname splice-export splice-export
bash: splice-export: command not found


Expected results:
Output from spacewalk-report splice-export

Additional info:

Correct command syntax below
1. [root@sam13] # su - splice -s /bin/bash
2. [splice@sam13] # ssh -i /var/lib/splice/id_rsa-sat swreport@sat56-hostname spacewalk-report splice-export

Comment 1 James Genus Jr. 2013-11-22 12:56:05 UTC

Actual results should read:

[splice@sam13] # ssh -i /var/lib/splice/id_rsa-sat swreport@sat56-hostname splice-export
bash: splice-export: command not found

Comment 2 Dan Macpherson 2014-01-21 15:19:48 UTC

This bug can be worked on early during the planning stages for Satellite 5.7.

Comment 4 Rich Jerrido 2014-01-29 17:33:02 UTC

This bug can be reproduced if 

'command="/usr/bin/spacewalk-report $SSH_ORIGINAL_COMMAND" ' 

isn't prepending the SSH key in the swreport user's authorized_keys file on the same line or has additional characters between it and the ssh key.  When this happens, SSH ignores it, and the $SSH_ORGINAL_COMMAND varible isn't properly passed via the SSH connection. 

It would be prudent to check the authorized_keys files to make sure it is syntactically correct.  run 'cat -vet' against it to make sure there aren't any newlines or unwanted characters between the command directive and the ssh key itself. Additionally, it wouldn't be a bad idea to update Step 6 of Procedure 4.2. To Configure Servers for Enhanced Entitlements Reporting to reflect this. 

Suggestion would be:
"Prepend the SAM public key content in /home/swreport/.ssh/authorized_keys with the following, ensuring that the prepended text is on the same line as the SSH public key:

command="/usr/bin/spacewalk-report $SSH_ORIGINAL_COMMAND"

This ensures the swreport user only uses the spacewalk-report command."

Note You need to log in before you can comment on or make changes to this bug.