2024269 – Attempt of upgrading Satellite server to 6.7 or 6.8 stops with message "Please run 'foreman-maintain prep-6.10-upgrade' prior to upgrading." when using latest rubygem-foreman_maintain package

Red Hat Satellite engineering is moving the tracking of its product development work on Satellite to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "Satellite project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs will be migrated starting at the end of May. If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "Satellite project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/SAT-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 2024269 - Attempt of upgrading Satellite server to 6.7 or 6.8 stops with message "Please run 'foreman-maintain prep-6.10-upgrade' prior to upgrading." when using latest rubygem-foreman_maintain package

Summary: Attempt of upgrading Satellite server to 6.7 or 6.8 stops with message "Pleas...

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Satellite
Classification:	Red Hat
Component:	Satellite Maintain
Sub Component:
Version:	6.8.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	high
Severity:	high
Target Milestone:	6.11.0
Assignee:	Amit Upadhye
QA Contact:	sganar
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2021-11-17 17:58 UTC by Shekhar Raut
Modified:	2022-07-19 10:26 UTC (History)
CC List:	12 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Clones:	2027353 (view as bug list)
Environment:
Last Closed:	2022-07-05 14:30:00 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Priority	Status	Summary	Last Updated
Foreman Issue Tracker	34039	High	New	Attempt of upgrading Satellite server to 6.7 or 6.8 stops with message "Please run 'foreman-maintain prep-6.10-upgrade' ...	2021-11-30 14:19:38 UTC
Red Hat Knowledge Base (Solution)	6532821	None	None	None	2021-11-22 18:15:03 UTC
Red Hat Product Errata	RHSA-2022:5498	None	None	None	2022-07-05 14:30:16 UTC

Description Shekhar Raut 2021-11-17 17:58:41 UTC

Description of problem:

After installing latest package of rubygem-foreman_maintain.noarch and while performing upgrade on Satellite 6.6, 6.7, 6.8, 6.9; satellite-maintain tool is printing below message:

~~~
Please run 'foreman-maintain prep-6.10-upgrade' prior to upgrading.
~~~

Version-Release number of selected component (if applicable):

Red Hat Satellite 6.6, 6.7, 6.8, 6.9


How reproducible:

Steps to Reproduce:
1. Install latest version of rubygem-foreman_maintain.noarch
   
   rubygem-foreman_maintain.noarch                                          1:0.8.20-1.el7sat                                           rhel-7-server-satellite-maintenance-6-rpms

2. Run command to perform upgrade using "satellite-maintain" tool:

   For example:

   # satellite-maintain upgrade check --target-version 6.8

3. Command will print below message:

   Nothing to update, can't find new version of satellite-maintain.
   Please run 'foreman-maintain prep-6.10-upgrade' prior to upgrading.

4. Now downgrade rubygem-foreman_maintain.noarch using below commands:

   # yum history

   # yum history undo <Transaction ID>

   # rpm -qa |grep rubygem-foreman_maintain.noarch

5. Again run command to perform upgrade using "satellite-maintain" tool:

   # satellite-maintain upgrade check --target-version 6.8

6. Command will print below message:

   Checking for new version of satellite-maintain...
   
   rubygem-foreman_maintain.noarch                                                                         1:0.8.20-1.el7sat                                                                          rhel-7-server-satellite-maintenance-6-rpms

   Updating satellite-maintain package.

   The satellite-maintain package successfully updated.
   Re-run satellite-maintain with required options!

7. And receive the same output again.



Expected results:

Satellite-maintain command should proceed for the upgrade.


Additional info:

As a workaround we can perform below steps:

   # yum history

   # yum history undo <Transaction ID>

   # satellite-maintain upgrade check --target-version 6.8 --disable-self-upgrade

   And then command will proceed to perform satellite upgrade.

Comment 1 Sayan Das 2021-11-24 07:35:35 UTC

NOTE: 

The last working version is 0.7.14-1.el7sat . Any version of foreman-maintain beyond that i.e. 0.8.X is affected by this problem. So downgrading to rubygem-foreman_maintain-0.7.14-1.el7sat.noarch and then using --disable-self-upgrade is the current choice we have.

The solution article has been modified to provide the same information.

Comment 4 Amit Upadhye 2021-11-30 14:19:36 UTC

Created redmine issue https://projects.theforeman.org/issues/34039 from this bug

Comment 6 Bryan Kearney 2021-12-03 12:05:47 UTC

Moving this bug to POST for triage into Satellite since the upstream issue https://projects.theforeman.org/issues/34039 has been resolved.

Comment 7 Mike McCune 2021-12-07 16:59:00 UTC

WORKAROUND:

The check is likely failing on the ownership of /var/lib/pulp which may be apache:apache, you can check via:

# ls -ld /var/lib/pulp
drwxr-xr-x. 9 apache apache 181 Sep 11  2020 /var/lib/pulp

If this is the case, run:

# chown apache:pulp /var/lib/pulp

and re-try the upgrade

Comment 10 sganar 2022-01-17 06:55:15 UTC

Comment 11 sganar 2022-01-17 07:09:51 UTC

Will there be a fix for this https://bugzilla.redhat.com/show_bug.cgi?id=2024269#c9  ?

Comment 12 Sayan Das 2022-01-17 08:25:44 UTC

(In reply to sganar from comment #11)
> Will there be a fix for this
> https://bugzilla.redhat.com/show_bug.cgi?id=2024269#c9  ?

Hey Shubham,

The scenario in comment 9 is very unique and will only happen if the external LDAP source has some groups with the same GID as some internal groups of satellite i.e. pulp. But to be honest there is no way to deal with this apart from 

A) Either change the GID of those LDAP groups in External Source

B) Or, We change /etc/nsswitch.conf in satellite to exclude the External Auth-Source from it for User\Group lookup.


I had mentioned about it just to ensure that we are aware of different scenarios that can lead to this problem, but this should or perhaps cannot be included in QE testing\verification. 

So I guess, The only proper way to test it would be to leave the ownership of /var/lib/pulp to apache:apache and then see, if we try to upgrade the Satellite 6 to any version below 6.10, whether it still prompts for that "Please run 'foreman-maintain prep-6.10-upgrade' prior to upgrading" message or not.

It should only be prompted during Sat 6.9 -> 6.10 upgrade and if the "foreman-maintain prep-6.10-upgrade" command was not executed for any reason causing the actual group_ownership conflict.

Comment 13 sganar 2022-01-18 11:01:13 UTC

Verified.

Tested on Satellite 6.9.8 Snap 1.0
rubygem-foreman_maintain-0.8.22

Steps followed: 
1. Setup the repositories required for Satellite 6.10 upgrade
2. Run "satellite-maintain upgrade check --target-version" 6.10 / "satellite-maintain upgrade run --target-version 6.10"

Observation:

satellite-maintain command proceeds for the upgrade as expected.
A check is added to check the pulp content's group ownership for 6.9 to 6.10 upgrade.

Comment 20 errata-xmlrpc 2022-07-05 14:30:00 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: Satellite 6.11 Release), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2022:5498

Note You need to log in before you can comment on or make changes to this bug.