Bug 1719725
| Summary: | cockpit: config file content is destroyed when using a custom url | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 8 | Reporter: | Marius Vollmer <mvollmer> |
| Component: | subscription-manager | Assignee: | candlepin-bugs |
| Status: | CLOSED ERRATA | QA Contact: | Red Hat subscription-manager QE Team <rhsm-qe> |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | --- | CC: | cdonnell, csnyder, jhnidek, skallesh |
| Target Milestone: | rc | Keywords: | Triaged |
| Target Release: | 8.0 | Flags: | pm-rhel:
mirror+
|
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | subscription-manager-1.26.5-1 | Doc Type: | If docs needed, set a value |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2020-04-28 16:54:49 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
More information can be found in the comments here: https://github.com/candlepin/subscription-manager/pull/2091 Reproducer: [root@kvm-01-guest22 ~]# cat /etc/rhsm/rhsm.conf # Red Hat Subscription Manager Configuration File: # Unified Entitlement Platform Configuration [server] # Server hostname: hostname = subscription.rhsm.redhat.com # Server prefix: prefix = /subscription # Server port: port = 443 # Set to 1 to disable certificate validation: insecure = 0 # Set the depth of certs which should be checked # when validating a certificate ssl_verify_depth = 3 # an http proxy server to use proxy_hostname = # The scheme to use for the proxy when updating repo definitions, if needed # e.g. http or https proxy_scheme = http # port for http proxy server proxy_port = # user name for authenticating to an http proxy, if needed proxy_user = # password for basic http proxy auth, if needed proxy_password = # host/domain suffix blacklist for proxy, if needed no_proxy = [rhsm] # Content base URL: baseurl = https://cdn.redhat.com # Repository metadata GPG key URL: repomd_gpg_url = # Server CA certificate location: ca_cert_dir = /etc/rhsm/ca/ # Default CA cert to use when generating yum repo configs: repo_ca_cert = %(ca_cert_dir)sredhat-uep.pem # Where the certificates should be stored productCertDir = /etc/pki/product entitlementCertDir = /etc/pki/entitlement consumerCertDir = /etc/pki/consumer # Manage generation of yum repositories for subscribed content: manage_repos = 1 # Refresh repo files with server overrides on every yum command full_refresh_on_yum = 0 # If set to zero, the client will not report the package profile to # the subscription management service. report_package_profile = 1 # The directory to search for subscription manager plugins pluginDir = /usr/share/rhsm-plugins # The directory to search for plugin configuration files pluginConfDir = /etc/rhsm/pluginconf.d # Manage automatic enabling of yum/dnf plugins (product-id, subscription-manager) auto_enable_yum_plugins = 1 # Run the package profile on each yum/dnf transaction package_profile_on_trans = 0 # Inotify is used for monitoring changes in directories with certificates. # Currently only the /etc/pki/consumer directory is monitored by the # rhsm.service. When this directory is mounted using a network file system # without inotify notification support (e.g. NFS), then disabling inotify # is strongly recommended. When inotify is disabled, periodical directory # polling is used instead. inotify = 1 [rhsmcertd] # Interval to run cert check (in minutes): certCheckInterval = 240 # Interval to run auto-attach (in minutes): autoAttachInterval = 1440 # If set to zero, the checks done by the rhsmcertd daemon will not be splayed (randomly offset) splay = 1 # If set to 1, rhsmcertd will not execute. disable = 0 [logging] default_log_level = INFO # subscription_manager = DEBUG # subscription_manager.managercli = DEBUG # rhsm = DEBUG # rhsm.connection = DEBUG # rhsm-app = DEBUG # rhsm-app.rhsmd = DEBUG After system is registered via cockpit using customurl option rhsm.conf content gets deleted as shown below [root@kvm-01-guest22 ~]# cat /etc/rhsm/rhsm.conf [server] prefix = /candlepin[root@kvm-01-guest22 ~]# Verification: [root@kvm-04-guest02 ~]# subscription-manager version server type: Red Hat Subscription Management subscription management server: 2.8.0-1 subscription management rules: 5.37 subscription-manager: 1.26.10-1.el8 [root@kvm-04-guest02 ~]# cat /etc/rhsm/rhsm.conf # Red Hat Subscription Manager Configuration File: # Unified Entitlement Platform Configuration [server] # Server hostname: hostname = subscription.rhsm.redhat.com # Server prefix: prefix = /subscription # Server port: port = 443 # Set to 1 to disable certificate validation: insecure = 0 # Set the depth of certs which should be checked # when validating a certificate ssl_verify_depth = 3 # an http proxy server to use proxy_hostname = # The scheme to use for the proxy when updating repo definitions, if needed # e.g. http or https proxy_scheme = http # port for http proxy server proxy_port = # user name for authenticating to an http proxy, if needed proxy_user = # password for basic http proxy auth, if needed proxy_password = # host/domain suffix blacklist for proxy, if needed no_proxy = [rhsm] # Content base URL: baseurl = https://cdn.redhat.com # Repository metadata GPG key URL: repomd_gpg_url = # Server CA certificate location: ca_cert_dir = /etc/rhsm/ca/ # Default CA cert to use when generating yum repo configs: repo_ca_cert = %(ca_cert_dir)sredhat-uep.pem # Where the certificates should be stored productCertDir = /etc/pki/product entitlementCertDir = /etc/pki/entitlement consumerCertDir = /etc/pki/consumer # Manage generation of yum repositories for subscribed content: manage_repos = 1 # Refresh repo files with server overrides on every yum command full_refresh_on_yum = 0 # If set to zero, the client will not report the package profile to # the subscription management service. report_package_profile = 1 # The directory to search for subscription manager plugins pluginDir = /usr/share/rhsm-plugins # The directory to search for plugin configuration files pluginConfDir = /etc/rhsm/pluginconf.d # Manage automatic enabling of yum/dnf plugins (product-id, subscription-manager) auto_enable_yum_plugins = 1 # Run the package profile on each yum/dnf transaction package_profile_on_trans = 0 # Inotify is used for monitoring changes in directories with certificates. # Currently only the /etc/pki/consumer directory is monitored by the # rhsm.service. When this directory is mounted using a network file system # without inotify notification support (e.g. NFS), then disabling inotify # is strongly recommended. When inotify is disabled, periodical directory # polling is used instead. inotify = 1 [rhsmcertd] # Interval to run cert check (in minutes): certCheckInterval = 240 # Interval to run auto-attach (in minutes): autoAttachInterval = 1440 # If set to zero, the checks done by the rhsmcertd daemon will not be splayed (randomly offset) splay = 1 # If set to 1, rhsmcertd will not execute. disable = 0 [rhsmd] # The time in seconds we will allow the rhsmd cron job to run before terminating the process. processTimeout = 300 [logging] default_log_level = INFO # subscription_manager = DEBUG # subscription_manager.managercli = DEBUG # rhsm = DEBUG # rhsm.connection = DEBUG # rhsm-app = DEBUG # rhsm-app.rhsmd = DEBUG After registering the system via cockpit with customurl option , observe that hostname, prefix and port is changed below and rhsm.conf contents are not deleted [root@kvm-04-guest02 ~]# cat /etc/rhsm/rhsm.conf # Red Hat Subscription Manager Configuration File: # Unified Entitlement Platform Configuration [server] # Server hostname: hostname = shwetha-workstation.usersys.redhat.com # Server prefix: prefix = /candlepin # Server port: port = 8443 # Set to 1 to disable certificate validation: insecure = 0 # Set the depth of certs which should be checked # when validating a certificate ssl_verify_depth = 3 # an http proxy server to use proxy_hostname = # The scheme to use for the proxy when updating repo definitions, if needed # e.g. http or https proxy_scheme = http # port for http proxy server proxy_port = # user name for authenticating to an http proxy, if needed proxy_user = # password for basic http proxy auth, if needed proxy_password = # host/domain suffix blacklist for proxy, if needed no_proxy = [rhsm] # Content base URL: baseurl = https://cdn.redhat.com # Repository metadata GPG key URL: repomd_gpg_url = # Server CA certificate location: ca_cert_dir = /etc/rhsm/ca/ # Default CA cert to use when generating yum repo configs: repo_ca_cert = %(ca_cert_dir)sredhat-uep.pem # Where the certificates should be stored productCertDir = /etc/pki/product entitlementCertDir = /etc/pki/entitlement consumerCertDir = /etc/pki/consumer # Manage generation of yum repositories for subscribed content: manage_repos = 1 # Refresh repo files with server overrides on every yum command full_refresh_on_yum = 0 # If set to zero, the client will not report the package profile to # the subscription management service. report_package_profile = 1 # The directory to search for subscription manager plugins pluginDir = /usr/share/rhsm-plugins # The directory to search for plugin configuration files pluginConfDir = /etc/rhsm/pluginconf.d # Manage automatic enabling of yum/dnf plugins (product-id, subscription-manager) auto_enable_yum_plugins = 1 # Run the package profile on each yum/dnf transaction package_profile_on_trans = 0 # Inotify is used for monitoring changes in directories with certificates. # Currently only the /etc/pki/consumer directory is monitored by the # rhsm.service. When this directory is mounted using a network file system # without inotify notification support (e.g. NFS), then disabling inotify # is strongly recommended. When inotify is disabled, periodical directory # polling is used instead. inotify = 1 [rhsmcertd] # Interval to run cert check (in minutes): certCheckInterval = 240 # Interval to run auto-attach (in minutes): autoAttachInterval = 1440 # If set to zero, the checks done by the rhsmcertd daemon will not be splayed (randomly offset) splay = 1 # If set to 1, rhsmcertd will not execute. disable = 0 [rhsmd] # The time in seconds we will allow the rhsmd cron job to run before terminating the process. processTimeout = 300 [logging] default_log_level = INFO # subscription_manager = DEBUG # subscription_manager.managercli = DEBUG # rhsm = DEBUG # rhsm.connection = DEBUG # rhsm-app = DEBUG # rhsm-app.rhsmd = DEBUG Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2020:1849 |
Description of problem: When registering with the Cockpit UI using a URL that doesn't match the config file, the code will attempt to change the config file via the Config.Set API. This is done in such a way that sometimes the config file is completely destroyed. Version-Release number of selected component (if applicable): subscription-manager-cockpit-1.23.8-35.el8.noarch How reproducible: Always for me, but it's timing sensitive Steps to Reproduce: 1. Change /etc/rhsm/rhsm.conf to contain a server that differs in all three elements from the default. It doesn't matter wether the server actually exists. [server] hostname = something.com prefix = /something port = 4444 2. Register with Cockpit and select "Default" as the URL. This will cause Cockpit to change the config file back to the default values. Actual results: The /etc/rhsm/rhsm.conf file is empty. Depending on the exact URls that ar ebeing used, the AutoAttach phase of registering might also fail since rhsmd does not actually use the values provided via Config.Set but might use defaults or old values. Expected results: The rhsm.conf file has been carefully changed in place and AutoAttach uses the values provided by Config.Set. Additional info: The Cockpit UI starts all three Config.Set D-Bus calls immediately one after the other without waiting for the previous one to complete. Also the AutoAttach call is started before the Config.Set calls have completed. However, all calls arrive at the daemon in order, and if rhsmd doesn't try to process them concurrently, there should be no interference. Is rhsmd multi-threaded like that?