Hide Forgot
Description of problem: Compared to Satellite 5.7 and satellite-sync, /var/satellite/rhn/* subdirectories are owned by root, in Satellite 5.7 are owned by apache. How reproducible: Sync rhel channel with cdn-sync Actual results: e.g. /var/satellite/rhn/kickstart/ks-rhel-x86_64-server-7-7.2/ directory and files are owned by root. Cobbler sync taskomatic job is failing with INFO | jvm 1 | 2016/11/16 19:13:00 | 2016-11-16 19:13:00,144 [DefaultQuartzScheduler_Worker-1] ERROR com.redhat.rhn.taskomatic.t ask.CobblerSyncTask - Cause: redstone.xmlrpc.XmlRpcFault: <type 'exceptions.IOError'>:[Errno 13] Permission denied: '/var/lib/tftpboo t/images/ks-rhel-x86_64-server-7-71/vmlinuz' (May not be relevant but files are copied there from /var/satellite/rhn/ so it's worth investigating) Expected results: Cobbler sync task not failing, same permissions as before. Additional info: Selinux label for files in /var/lib/tftpboot/images/ks-rhel-x86_64-server-7-71/ changed from unconfined_u:object_r:cobbler_var_lib_t:s0 to unconfined_u:object_r:spacewalk_data_t:s0 (note: comparing Satellite 5.7 on RHEL 6 and Spacewalk nightly on RHEL 7)
Patch is available in upstream. spacewalk.git: db83e11e501c8498304849b66649eb53538e2dfa cherry-picked to SATELLITE-5.8: 1599407836d2171240dfbf85272ff885b93ad94e
patch is available in upstream. spacewalk.git: 91cf1508a829dbbc07b23753d3e7e8d46a275ae4
Radovan, now permissions for /var/satellite/rhn* should be the same as on Sat 5.7.
Tested on spacewalk-backend-2.5.3-69.el6sat with the rhel-x86_64-server-7 channel synced. # ls -l /var/satellite/ | grep rhn drwxr-xr-x. 4 apache apache 4096 Mar 1 04:57 rhn # find /var/satellite/rhn ! -user apache ! -group apache (no output) # VERIFIED