Description of problem: When --sslCACert is used by rhnreg_ks, it adds a ; at the end of the value. Example usage: RHEL3 ---------- [root@dhcp59-160 root]# rpm -qf `which rhnreg_ks` up2date-4.4.44-3 [root@dhcp59-160 root]# grep sslCACert /etc/sysconfig/rhn/up2date sslCACert=/usr/share/rhn/RHNS-CA-CERT [root@dhcp59-160 root]# rhnreg_ks --sslCACert=/usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT --activationkey=key --force [root@dhcp59-160 root]# grep sslCACert /etc/sysconfig/rhn/up2date sslCACert=/usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT; NOTE: the semi colon. RHEL4 (Same thing) ----------- [root@dhcp59-244 ~]# rpm -qf `which rhnreg_ks` up2date-4.4.5.6-2 [root@dhcp59-244 ~]# rhnreg_ks --sslCACert=/usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT --activationkey=key --force [root@dhcp59-244 ~]# grep sslCACert /etc/sysconfig/rhn/up2date -i sslCACert=/usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT; This in itself is not a problem, as up2date will treat the ; properly. But the actual issue is when the applet is activated on the client. [root@dhcp59-160 root]# PYTHONPATH=/usr/share/rhn/actions python -c "import rhn_applet; rhn_applet.use_satellite ();" [root@dhcp59-160 root]# cat /etc/sysconfig/rhn/rhn-applet # Automatically generated Red Hat Update Agent config file, do not edit. # Format: 1.0 server_url[comment]=The URL to connect to server_url=https://testsat.gsslab. rdu.redhat.com/APPLET uuid[comment]=Universally Unique ID for this server uuid=6e57ad1c-3064-11da-9792-000c29f0ad5b use_ca_cert=['/usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT'] [root@dhcp59-160 root]# The value to note is 'use_ca_cert'. The applet then gives errors trying to read ['/usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT']. The correct value in /etc/sysconfig/rhn/rhn-applet should be use_ca_cert=/usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT Version-Release number of selected component (if applicable): RHEL3 - up2date-4.4.44-3 RHEL4 - up2date-4.4.5.6-2
This looks to actually be an applet issue, since it's saving it's config file incorrectly
Created attachment 119694 [details] pach to fix this bug
*** Bug 170300 has been marked as a duplicate of this bug. ***
reassigning to Shannon who has requested some client and backend work
checked into cvs
This requires client -> satellite, not client -> hosted.
To verify the fix: 1- Install the latest up2date, rhn-applet and rhn-applet-actions on the client. 2- PYTHONPATH=/usr/share/rhn/actions python -c "import rhn_applet; rhn_applet.use_satellite ();" 3- rhnreg_ks --username admin --password ******** --sslCACert=/usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT 4- verify /etc/sysconfig/rhn/rhn-applet shows use_ca_cert=['/usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT'] 5- rhn-applet-gui& 6- right-click on the throbber, configure the applet, then click "check for updates" 7- verify the applet is able to connect to the satellite
/etc/sysconfig/rhn/rhn-applet still says use_ca_cert=/usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT which is preventing the applet from logging into the satellite. I'm not sure if this is a problem with up2date-4.4.56-3 or rhn-applet-2.1.18-4 or rhn-applet-actions-2.0.13-2.
I accidentally reversed the use_ca_cert in comments #13 and #14: use_ca_cert SHOULD SAY /usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT use_ca_cert IS CURRENTLY SAYING ['/usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT']
This bug has been moved to ON_QA with no explanation. Is it fixed or not?
looks like jconnor made a code change and then moved to on_qa. talked with beth and she is going to test. moving back to on_qa.
I edited /etc/sysconfig/rhn/up2date to reflect the satellite URL and the correct cert, then ran rhnreg_ks --force (which successfully registered the client to the satellite). But for some reason, /etc/sysconfig/rhn/rhn-applet does not say anything about use_ca_cert, nor does it have the correct server_url. The values aren't getting set by up2date.
Beth, I think there's a test procedure in comment 13. Step two is needed to propagate the up2date config into the applet config IIUC.
I see the code to fix this in rhn-applet-actions is in SVN, but it's not in rhn-applet-actions-2.0.13-2. I also note there is no corresponding changelog entry in rhn-applet-actions.spec, nor has the version file been updated. I suspect this means a fixed package has not yet been built. Here's the SVN log entry: r73021 | shughes | 2005-10-27 10:34:48 -0500 (Thu, 27 Oct 2005) | 4 lines bugzilla: 169804 changes to remove failover paths from applet config. picks 1st path in list.
Off the RHEL tracking bug R3U7 and onto the rhn tracking bugs (probably ends up on rhn406 tree). This was never an up2date bug, but an rhn-applet-actions bug (tools channel).
rhn-applet-actions needs to be rebuilt, fix will most likely hit in a package >= 2.0.13-2 (mabye version bump this to 2.0.14-1?) Over to correct applet owner for version management and rpm building. Also editing summary to be more clear.
moving to rhn406-must since it looks like it just needs the package rebuilt.
satellite: rlx-3-16 (4.0.6) client: test03.rhndev (rhel 4 u2) with @ Everything installation and latest rhn-applet (rhn-applet-2.1.24-2) and rhn-applet-actions (2.0.13-2) packages passes_qa
Closing upon release of RHN 406