Hide Forgot
Description of problem: Function 'a - add a new Red Hat content repository' doesn't check whether the RH certificate file exists Version-Release number of selected component (if applicable): >> rpm -qa *rhui* rhui-installer-base-0.0.24-1.el7ui.noarch rh-rhui-tools-libs-pre.3.0.16-1.el7ui.noarch rhui-installer-0.0.24-1.el7ui.noarch rh-rhui-tools-pre.3.0.16-1.el7ui.noarch rhui-default-ca-1.0-1.noarch rh-amazon-rhui-client-2.2.118-1.el7.noarch rh-amazon-rhui-client-rhs30-2.2.124-1.el7.noarch RHUI iso 20151013 How reproducible: always Steps to Reproduce: 1. Upload the RH content certificate 2. List the RH content certificate to ensure it's there 3. remove this file from /etc/pki/rhui/redhat 4. call for 'add a new Red Hat content repository' function 5. wait for ~40 min and observe an error Actual results: >> rhui (entitlements) => u Full path to the new content certificate: /root/8a85f98146a087b80146afacb3362499.pem The RHUI will be updated with the following certificate: /root/8a85f98146a087b80146afacb3362499.pem Proceed? (y/n) y Red Hat Entitlements Valid JBoss Enterprise Application Platform 5 (for RHEL 6 Server) (Debug RPMs) from RHUI Expiration: 01-01-2022 Certificate: 8a85f98146a087b80146afacb3362499.pem JBoss Enterprise Application Platform 5 (for RHEL 6 Server) (RPMs) from RHUI Expiration: 01-01-2022 Certificate: 8a85f98146a087b80146afacb3362499.pem JBoss Enterprise Application Platform 5 (for RHEL 6 Server) (Source RPMs) from RHUI Expiration: 01-01-2022 Certificate: 8a85f98146a087b80146afacb3362499.pem JBoss Enterprise Application Platform 6 (for RHEL 6 Server) (Debug RPMs) from RHUI Expiration: 01-01-2022 Certificate: 8a85f98146a087b80146afacb3362499.pem JBoss Enterprise Application Platform 6 (for RHEL 6 Server) (RPMs) from RHUI Expiration: 01-01-2022 Certificate: 8a85f98146a087b80146afacb3362499.pem JBoss Enterprise Application Platform 6 (for RHEL 6 Server) (Source RPMs) from RHUI Expiration: 01-01-2022 Certificate: 8a85f98146a087b80146afacb3362499.pem JBoss Enterprise Web Server 1 (for RHEL 6 Server) (Debug RPMs) from RHUI Expiration: 01-01-2022 Certificate: 8a85f98146a087b80146afacb3362499.pem ls -la /etc/pki/rhui/redhat/ total 20 drwxr-xr-x. 2 root root 49 Apr 7 03:43 . drwxr-xr-x. 7 root apache 4096 Mar 17 06:37 .. -rw-rw-r--. 1 root root 13219 Apr 7 03:43 8a85f98146a087b80146afacb3362499.pem >> rm -rf /etc/pki/rhui/redhat/*.pem >> ls -la /etc/pki/rhui/redhat/ total 4 drwxr-xr-x. 2 root root 6 Apr 7 03:44 . drwxr-xr-x. 7 root apache 4096 Mar 17 06:37 .. Now try to add RH content repo, get the error: rhui (repo) => a Loading latest entitled products from Red Hat... ... listings loaded The following errors occurred while loading the listings: Failed to connect to https://cdn.redhat.com/content/beta/rhel/rhui/server/5/5Server/listing: ('Connection aborted.', gaierror(-3, 'Temporary failure in name resolution')). Failed to connect to https://cdn.redhat.com/content/eus/rhel/rhui/server/5/listing: ('Connection aborted.', gaierror(-3, 'Temporary failure in name resolution')). Failed to connect to https://cdn.redhat.com/content/beta/rhel/rhui/everything/7/x86_64/source/SRPMS/CONTAINER_REGISTRY_LISTING: ('Connection aborted.', gaierror(-3, 'Temporary failure in name resolution')). Failed to connect to https://cdn.redhat.com/content/dist/rhes/rhui/vsa/1.0/listing: ('Connection aborted.', gaierror(-3, 'Temporary failure in name resolution')). Failed to connect to https://cdn.redhat.com/content/beta/rhel/rhui/everything/7/x86_64/os/CONTAINER_REGISTRY_LISTING: ('Connection aborted.', gaierror(-3, 'Temporary failure in name resolution')). Failed to connect to https://cdn.redhat.com/content/beta/rhel/rhui/everything/7/x86_64/debug/CONTAINER_REGISTRY_LISTING: ('Connection aborted.', gaierror(-3, 'Temporary failure in name resolution')). Failed to connect to https://cdn.redhat.com/content/beta/rhel/rhui/server/6/listing: ('Connection aborted.', gaierror(-3, 'Temporary failure in name resolution')). Failed to connect to https://cdn.redhat.com/content/eus/rhel/rhui/server/6/listing: ('Connection aborted.', gaierror(-3, 'Temporary failure in name resolution')). Failed to connect to https://cdn.redhat.com/content/dist/rhs/rhui/server/2.0/listing: ('Connection aborted.', gaierror(-3, 'Temporary failure in name resolution')). Failed to connect to https://cdn.redhat.com/content/dist/rhs/rhui/server/2.1/listing: ('Connection aborted.', gaierror(-3, 'Temporary failure in name resolution')). Failed to connect to https://cdn.redhat.com/content/beta/rhel/rhui/server/7/listing: ('Connection aborted.', gaierror(-3, 'Temporary failure in name resolution')). Failed to connect to https://cdn.redhat.com/content/dist/rhel/rhui/server/7/7Server/listing: ('Connection aborted.', gaierror(-3, 'Temporary failure in name resolution')). Failed to connect to https://cdn.redhat.com/content/dist/rhel/rhui/server/7/listing: ('Connection aborted.', gaierror(-3, 'Temporary failure in name resolution')). Failed to connect to https://cdn.redhat.com/content/beta/rhel/rhui/server/5/listing: ('Connection aborted.', gaierror(-3, 'Temporary failure in name resolution')). Failed to connect to https://cdn.redhat.com/content/dist/rhel/rhui/server/5/listing: ('Connection aborted.', gaierror(-3, 'Temporary failure in name resolution')). Failed to connect to https://cdn.redhat.com/content/dist/rhel/rhui/server/6/listing: ('Connection aborted.', gaierror(-3, 'Temporary failure in name resolution')). Failed to connect to https://cdn.redhat.com/content/dist/rhel/rhui/server/6/6Server/listing: ('Connection aborted.', gaierror(-3, 'Temporary failure in name resolution')). Determining undeployed products... ... product list calculated All entitled products are currently deployed in the RHUI. Expected results: A message: No Red Hat entitlements found. Additional information: If to restart pulp before step #4, there is no this issue and I see a message "No Red Hat entitlements found."
The behavior has changed after the latest update. There are two scenarios, but both begin like this: 1. upload the cert 2. delete the uploaded cert in another shell (keeping rhui-manager running) Scenario A: 3. go back to the home screen 4. open the repo management screen 5. enter "a" What happens now is: "An unexpected error has occurred during the last operation. More information can be found in /root/.rhui/rhui.log." The rhui.log file then reads: 2018-05-21 06:48:24,739 - Unexpected error caught at the shell level Traceback (most recent call last): File "/usr/lib/python2.7/site-packages/rhui/tools/shell.py", line 92, in safe_listen self.listen(clear=first_run) File "/usr/lib/python2.7/site-packages/rhui/tools/shell.py", line 131, in listen Shell.listen(self) File "/usr/lib/python2.7/site-packages/rhui/common/shell.py", line 186, in listen item.func(*args, **item.kwargs) File "/usr/lib/python2.7/site-packages/rhui/tools/screens/repo.py", line 136, in add translation_errors = self.candidate_repo_manager.translate_entitlements() File "/usr/lib/python2.7/site-packages/rhui/tools/repo_candidates.py", line 129, in translate_entitlements e.download_url, cert.cert_filename) File "/usr/lib/python2.7/site-packages/rhui/tools/cdn_api.py", line 97, in expand_variables substitutions = self.get(listing_url, cert_filename).split('\n') File "/usr/lib/python2.7/site-packages/rhui/tools/cdn_api.py", line 150, in get cert=cert_filename, verify=redhat_ca_path) File "/usr/lib/python2.7/site-packages/requests/sessions.py", line 476, in get return self.request('GET', url, **kwargs) File "/usr/lib/python2.7/site-packages/requests/sessions.py", line 464, in request resp = self.send(prep, **send_kwargs) File "/usr/lib/python2.7/site-packages/requests/sessions.py", line 576, in send r = adapter.send(request, **kwargs) File "/usr/lib/python2.7/site-packages/requests/adapters.py", line 370, in send timeout=timeout File "/usr/lib/python2.7/site-packages/urllib3/connectionpool.py", line 544, in urlopen body=body, headers=headers) File "/usr/lib/python2.7/site-packages/urllib3/connectionpool.py", line 341, in _make_request self._validate_conn(conn) File "/usr/lib/python2.7/site-packages/urllib3/connectionpool.py", line 762, in _validate_conn conn.connect() File "/usr/lib/python2.7/site-packages/urllib3/connection.py", line 238, in connect ssl_version=resolved_ssl_version) File "/usr/lib/python2.7/site-packages/urllib3/util/ssl_.py", line 254, in ssl_wrap_socket context.load_cert_chain(certfile, keyfile) IOError: [Errno 2] No such file or directory That's better than what rhui-manager used to do, but not perfect. Scenario B: 3. (assuming you're still on the entitlements screen; if not, go there) enter "l" You get: "No Red Hat entitlements found." 4. go back to the home screen 5. open the repo management screen 6. enter "a" You get: "No Red Hat content certificates have been loaded. Upload a content certificate to provide entitled products for import." So it seems that the "list Red Hat content certificate entitlements" action reloads the list, rhui-manager realizes that the list is empty, and attempts to add a repo are correctly rejected thanks to this updated information. Looks like this checking should be done every time one tries to add a repo.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2018:3520