Bug 1277974 - [RFE] errata does not function without metadata in satellite 6
[RFE] errata does not function without metadata in satellite 6
Status: NEW
Product: Red Hat Satellite 6
Classification: Red Hat
Component: Errata Management (Show other bugs)
6.1.3
All All
unspecified Severity medium (vote)
: Unspecified
: --
Assigned To: satellite6-bugs
: FutureFeature, Triaged
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2015-11-04 07:56 EST by cmilsted
Modified: 2016-11-04 01:29 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed:
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description cmilsted 2015-11-04 07:56:19 EST
Description of problem:

When viewing a content host, the number of errata reported seems to be based on the following:

1. The repository must be enabled on the content host (i.e. subscription-manager repos disable=rhel-7-server-rpms will change the number of reported errata for that content host) 
2. The errata meta-data must be synchronised to the satellite server (i.e. if there are packages installed from the optional/epel/extras channels or similar, if we have not synchronised these entire channels to Satellite then we will not get errata reports).

This is not great and there are two options I would like to see implemented:

1. A meta-data only download for ALL red hat and non-red hat channels to allow a global view of errata to be produced.
2. if there are packages on the content host which we are not reporting on, then I would like to see an "unknown errata" count.. i.e. we have security/enhancement/bug categories, I would also like to know if there are RPMs installed on a machine for which I have no metadata to calculate this from. 


Version-Release number of selected component (if applicable):

6.1.3


How reproducible:

Every time.


Steps to Reproduce:
1.Install a content host with a package from optional or extras or epel which has a known vulnerability (e.g. docker 1.6) 
2.bring this host under management of a satellite server which DOES NOT have extras (or similar) synchronised.
3. You do not see that the docker package is vulnerable.

OR

1. Add a content host to a satellite server, make sure auto attach runs and rhel-7-server-rpms is enabled or similar.
2. Navigate to hosts -> content host and note that there are errata count for the content host.
3. On the client run subscription-manager repos disable=XXXX and then note the new errata count on the Satellite server.

Actual results:

I would expect to be notified that there are packages on the content host which we do not have metadata for and cannot calculate if there are errata applicable for this. I would also like an "errata metadata only" synchronise to fix this for at least the red hat products.

Expected results:

All packages are accounted for and I get a complete picture of errata.


Additional info:

Note You need to log in before you can comment on or make changes to this bug.