Description of problem: I cannot find a trace of secure Pulp 3 deployment layout Version-Release number of selected component (if applicable): Sat6.9 snap 9 Actual results: A Pulp group exists: [root@dhcp-2-237 ~]# getent group pulp pulp:x:1000:apache No settings.py file is created under /etc/pulp/: [root@dhcp-2-237 ~]# grep -r settings.py /etc/pulp/ [root@dhcp-2-237 ~]# [root@dhcp-2-237 ~]# cat /etc/pulp/ content/ repo_auth.conf server/ server.conf streamer.conf vhosts80/ No services found: [root@dhcp-2-237 ~]# systemctl cat pulpcore-api.service No files found for pulpcore-api.service. [root@dhcp-2-237 ~]# systemctl cat pulpcore-content.socket No files found for pulpcore-content.socket. [root@dhcp-2-237 ~]# systemctl cat pulpcore-content.service No files found for pulpcore-content.service. Expected results: the above pulpcore-content
Hello Testing on Sat6.9 Snap 10 Now we can see settings.py under `/etc/pulp/`: [root@dhcp-3-104 ~]# ls /etc/pulp/ content repo_auth.conf server server.conf settings.py streamer.conf vhosts80 [root@dhcp-3-104 ~]# root@dhcp-3-104 ~]# systemctl cat pulpcore-api.service # /etc/systemd/system/pulpcore-api.service [Unit] Description=Pulp API Server After=network.target Requires=pulpcore-api.socket [Service] Type=notify Environment="DJANGO_SETTINGS_MODULE=pulpcore.app.settings" Environment="PULP_SETTINGS=/etc/pulp/settings.py" User=pulp Group=pulp WorkingDirectory=/var/lib/pulp RuntimeDirectory=pulpcore-api ExecStart=/usr/libexec/pulpcore/gunicorn pulpcore.app.wsgi:application \ --access-logfile - ExecReload=/bin/kill -s HUP $MAINPID ProtectSystem=full PrivateTmp=yes PrivateDevices=yes SyslogIdentifier=pulpcore-api # This provides reconnect support for PostgreSQL and Redis. Without reconnect support, if either # is not available at startup or becomes disconnected, this process will die and not respawn. Restart=always RestartSec=3 [Install] WantedBy=multi-user.target [root@dhcp-3-104 ~]# systemctl cat pulpcore-content.socket # /etc/systemd/system/pulpcore-content.socket [Unit] Description=Pulp Content App socket [Socket] ListenStream=/run/pulpcore-content.sock SocketUser=apache SocketMode=0600 [Install] WantedBy=sockets.target [root@dhcp-3-104 ~]# [root@dhcp-3-104 ~]# systemctl cat pulpcore-content.service # /etc/systemd/system/pulpcore-content.service [Unit] Description=Pulp Content App Requires=pulpcore-content.socket After=network.target [Service] Type=notify Environment="DJANGO_SETTINGS_MODULE=pulpcore.app.settings" Environment="PULP_SETTINGS=/etc/pulp/settings.py" User=pulp Group=pulp WorkingDirectory=/var/lib/pulp RuntimeDirectory=pulpcore-content ExecStart=/usr/libexec/pulpcore/gunicorn pulpcore.content:server \ --worker-class 'aiohttp.GunicornWebWorker' \ -w 2 \ --access-logfile - ExecReload=/bin/kill -s HUP $MAINPID SyslogIdentifier=pulpcore-content # This provides reconnect support for PostgreSQL and Redis. Without reconnect support, if either # is not available at startup or becomes disconnected, this process will die and not respawn. Restart=always RestartSec=3 [Install] WantedBy=multi-user.target [root@dhcp-3-104 ~]#
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: Satellite 6.9 Release), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2021:1313