Bug 1625571 - Man page of rhsm.conf needs to be updated on proxy_port section
Summary: Man page of rhsm.conf needs to be updated on proxy_port section
Keywords:
Status: NEW
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: subscription-manager
Version: 7.6
Hardware: Unspecified
OS: Unspecified
high
low
Target Milestone: rc
: ---
Assignee: candlepin-bugs
QA Contact: Red Hat subscription-manager QE Team
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2018-09-05 08:58 UTC by Rehana
Modified: 2019-07-22 12:20 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
: 1642888 (view as bug list)
Environment:
Last Closed:


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
Red Hat Bugzilla 1576423 None CLOSED proxy_port from rhsm.conf not used 2019-03-27 07:40:55 UTC

Internal Links: 1576423

Description Rehana 2018-09-05 08:58:09 UTC
Description of problem:
with the fix of this Bug 1576423 , subscription manager now honours proxy port other than default 3128 . However during the test, it came to our notice that rhsmcertd process was failing run due to AVC denial Bug 1623376. The recommendation on this selinux bug was to have local policy added to honour proxy port of user's choice. 

Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
1.These are the following steps to enable rhsmcertd to pass through new port  

to add a local policy
=====================
# semanage port -a -t squid_port_t -p tcp <port number>

2.To change the system back to look at 3128 port, just remove the policy 

#semanage port -d -t squid_port_t -p tcp <port number>
3.

Actual results:
Users will see rhsmcertd failure if their policy is not updated

Expected results:
man page proxy_port should have details on what modification user should on the policy in order to help rhsmcertd run against a non-default proxy port

Additional info:
Bug 1623376


Note You need to log in before you can comment on or make changes to this bug.