Bug 1419511 - capsule-certs-generate overwrites /etc/httpd/conf.d/pulp.conf wrongfully on satellite
Summary: capsule-certs-generate overwrites /etc/httpd/conf.d/pulp.conf wrongfully on s...
Alias: None
Product: Red Hat Satellite
Classification: Red Hat
Component: Upgrades
Version: 6.2.7
Hardware: x86_64
OS: Linux
Target Milestone: Unspecified
Assignee: Stephen Benjamin
QA Contact: jcallaha
: 1425550 (view as bug list)
Depends On:
Blocks: Sat6_Upgrades
TreeView+ depends on / blocked
Reported: 2017-02-06 11:39 UTC by Ahmed Nazmy
Modified: 2020-07-16 09:11 UTC (History)
17 users (show)

Fixed In Version: katello-installer-base-
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Last Closed: 2017-03-06 08:37:40 UTC
Target Upstream Version:

Attachments (Terms of Use)

System ID Private Priority Status Summary Last Updated
Foreman Issue Tracker 18402 0 Urgent Closed foreman-proxy-certs-generate overwrites /etc/httpd/conf.d/pulp.conf wrongfully on katello 2020-01-27 18:33:38 UTC
Red Hat Knowledge Base (Solution) 2908381 0 None None None 2017-02-06 12:35:55 UTC
Red Hat Product Errata RHBA-2017:0447 0 normal SHIPPED_LIVE Satellite 6.2.8 Async Bug Release 2017-03-06 13:23:41 UTC

Description Ahmed Nazmy 2017-02-06 11:39:58 UTC
Description of problem:

On sat 6.2.7 , if you try to register a capsule using capsule-certs-generate it wrongfully overwrites /etc/httpd/conf.d/pulp.conf which leads to broken pulp api calls , seems this was a bug fix for BZ1405536

Version-Release number of selected component (if applicable):
Sat 6.2.7 

How reproducible:

Steps to Reproduce:
1. on fresh or upgraded sat 6.2.7 or try check content of /etc/httpd/conf.d/pulp.conf

2. run : capsule-certs-generate --capsule-fqdn capsule.example.com --certs-tar ~/capsule.example.com-certs.tar

3. check content of /etc/httpd/conf.d/pulp.conf 

Actual results:

/etc/httpd/conf.d/pulp.conf now has no config to route pulp/api calls which leads to 404 Resource not found errors 

Expected results:

capsule-certs-generate  should not alter /etc/httpd/conf.d/pulp.conf on satellite 

Additional info:

Comment 1 Ahmed Nazmy 2017-02-06 11:41:33 UTC
A workaround to fix is to rerun :
satellite-installer --scenario satellite --upgrade

Comment 4 Stephen Benjamin 2017-02-06 14:19:03 UTC
Created redmine issue http://projects.theforeman.org/issues/18402 from this bug

Comment 5 Stephen Benjamin 2017-02-06 14:33:27 UTC
Verification steps:

1. Ensure /etc/http/conf.d/pulp.conf contains configuration, ensure `hammer ping` shows all services OK
2. Run `capsule-certs-generate --capsule-fqdn capsule.example.com --certs-tar /tmp/capsule.tar.gz`
3. Ensure pulp.conf remains unchanged
4. Run `katello-service restart` and ensure `hammer ping` is still OK

Comment 9 Harshad More 2017-02-08 10:53:14 UTC
Got below error while doing repository sync:
"There was an issue with the backend service pulp: 404 Resource Not Found (RuntimeError)"

hammer ping failed at pulp only without any output at Server Response

Fixed issue by running installer on satellite server:
# satellite-installer --scenario satellite --upgrade

Comment 10 jcallaha 2017-02-13 21:49:00 UTC
Verified in Satellite 6.2.8 Snap 2.

-bash-4.2# cat /etc/httpd/conf.d/pulp.conf > pulp_before.conf
-bash-4.2# capsule-certs-generate --capsule-fqdn my.capsule.fqdn.rehat.com --certs-tar my.capsule.fqdn.rehat.com
Installing             Done                                               [100%] [..........................................................................................................]

  To finish the installation, follow these steps:

  If you do not have the capsule registered to the Satellite instance, then please do the following:

  1. yum -y localinstall http://sat-qe-1.rhq.lab.eng.bos.redhat.com/pub/katello-ca-consumer-latest.noarch.rpm
  2. subscription-manager register --org "Default_Organization"

  Once this is completed run the steps below to start the capsule installation:

  1. Ensure that the satellite-capsule package is installed on the system.
  2. Copy my.capsule.fqdn.rehat.com to the system my.capsule.fqdn.rehat.com
  3. Run the following commands on the capsule (possibly with the customized
     parameters, see satellite-installer --scenario capsule --help and
     documentation for more info on setting up additional services):

  satellite-installer --scenario capsule\
                    --capsule-parent-fqdn                         "sat-qe-1.rhq.lab.eng.bos.redhat.com"\
                    --foreman-proxy-register-in-foreman           "true"\
                    --foreman-proxy-foreman-base-url              "https://sat-qe-1.rhq.lab.eng.bos.redhat.com"\
                    --foreman-proxy-trusted-hosts                 "sat-qe-1.rhq.lab.eng.bos.redhat.com"\
                    --foreman-proxy-trusted-hosts                 "my.capsule.fqdn.rehat.com"\
                    --foreman-proxy-oauth-consumer-key            "xxKkZmZvVPAbyDHcd3gQUzKKcbeeGRbL"\
                    --foreman-proxy-oauth-consumer-secret         "BHoLmatS6gMBH4SG5Tah4M3zgya4Rrvm"\
                    --capsule-pulp-oauth-secret                   "8n85XdQij7N8u3VyQJZbqssthF8MpmDo"\
                    --capsule-certs-tar                           "my.capsule.fqdn.rehat.com"
  The full log is at /var/log/capsule-certs-generate.log
-bash-4.2# cat /etc/httpd/conf.d/pulp.conf > pulp_after.conf
-bash-4.2# diff pulp_before.conf pulp_after.conf 

Comment 11 Stephen Benjamin 2017-02-21 17:53:00 UTC
*** Bug 1425550 has been marked as a duplicate of this bug. ***

Comment 13 errata-xmlrpc 2017-03-06 08:37:40 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.


Note You need to log in before you can comment on or make changes to this bug.