Bug 1103809 - [abrt] subscription-manager: certificate2.py:65:create_from_file:IOError: [Errno 13] Permission denied: 'redhat-uep.pem'
Summary: [abrt] subscription-manager: certificate2.py:65:create_from_file:IOError: [Er...
Keywords:
Status: CLOSED NOTABUG
Alias: None
Product: Fedora
Classification: Fedora
Component: subscription-manager
Version: 20
Hardware: x86_64
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Devan Goodwin
QA Contact: Fedora Extras Quality Assurance
URL: https://retrace.fedoraproject.org/faf...
Whiteboard: abrt_hash:a08d058e4c370d11e4001fb7093...
Depends On:
Blocks: rhsm-rhel71
TreeView+ depends on / blocked
 
Reported: 2014-06-02 15:42 UTC by Aaron Thomas
Modified: 2014-11-03 18:32 UTC (History)
5 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2014-11-03 18:21:37 UTC
Type: ---
Embargoed:

Attachments (Terms of Use)
File: backtrace (1.11 KB, text/plain)
2014-06-02 15:42 UTC, Aaron Thomas 		no flags Details
File: environ (3.30 KB, text/plain)
2014-06-02 15:42 UTC, Aaron Thomas 		no flags Details
View All

Description Aaron Thomas 2014-06-02 15:42:28 UTC 
Version-Release number of selected component:
subscription-manager-1.11.1-1.fc20

Additional info:
reporter:       libreport-2.2.1
cmdline:        /usr/bin/python -S /usr/bin/rct cat-cert redhat-uep.pem
dso_list:       python-rhsm-1.11.1-1.fc20.x86_64
executable:     /usr/bin/rct
kernel:         3.13.9-200.fc20.x86_64
runlevel:       N 5
type:           Python
uid:            1000

Truncated backtrace:
certificate2.py:65:create_from_file:IOError: [Errno 13] Permission denied: 'redhat-uep.pem'

Traceback (most recent call last):
  File "/usr/bin/rct", line 49, in <module>
    sys.exit(abs(main() or 0))
  File "/usr/bin/rct", line 44, in main
    return RctCLI().main()
  File "/usr/share/rhsm/subscription_manager/cli.py", line 160, in main
    return cmd.main()
  File "/usr/share/rhsm/rct/commands.py", line 39, in main
    return_code = self._do_command()
  File "/usr/share/rhsm/rct/cert_commands.py", line 74, in _do_command
    cert = self._create_cert()
  File "/usr/share/rhsm/rct/cert_commands.py", line 43, in _create_cert
    return certificate.create_from_file(cert_file)
  File "/usr/lib64/python2.7/site-packages/rhsm/certificate.py", line 59, in create_from_file
    return _CertFactory().create_from_file(path)
  File "/usr/lib64/python2.7/site-packages/rhsm/certificate2.py", line 65, in create_from_file
    pem = open(path, 'r').read()
IOError: [Errno 13] Permission denied: 'redhat-uep.pem'

Local variables in innermost frame:
path: 'redhat-uep.pem'
self: <rhsm.certificate2._CertFactory object at 0x7f2a6b43a210>
Comment 1 Aaron Thomas 2014-06-02 15:42:34 UTC 
Created attachment 901481 [details]
File: backtrace
Comment 2 Aaron Thomas 2014-06-02 15:42:36 UTC 
Created attachment 901482 [details]
File: environ
Comment 3 Devan Goodwin 2014-11-03 18:21:37 UTC 
I don't think there's a bug here, this seems like legitimate behavior when you do not have permission to read the file in question. Also rct cat-cert is for entitlement/product certs, not redhat-uep.pem (which is a CA cert for our CDN).

Please feel free to re-open if there are concerns but this looks correct to me.
Comment 4 Alex Wood 2014-11-03 18:32:25 UTC 
Please note that I have recently changed the permissions (https://github.com/candlepin/python-rhsm/commit/e21393f3e7b71a27e0d68d957cfa5c2326374ea3) on the redhat-uep.pem file so that it is no longer 640 but 644.  In the future that file will be world-readable.  Notwithstanding that change, rct cat-cert will still be of little use when run against a CA certificate.
Note You need to log in before you can comment on or make changes to this bug.