2113905 – [RHSSO] [Installer][RHEL8]- RHSSO feature settings are not getting enabled and failed with HTTPD CONF issue .

Bug 2113905 - [RHSSO] [Installer][RHEL8]- RHSSO feature settings are not getting enabled and failed with HTTPD CONF issue .

Summary: [RHSSO] [Installer][RHEL8]- RHSSO feature settings are not getting enabled an...

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Satellite
Classification:	Red Hat
Component:	Authentication
Sub Component:
Version:	6.12.0
Hardware:	All
OS:	All
Priority:	unspecified
Severity:	high
Target Milestone:	6.12.0
Assignee:	Ewoud Kohl van Wijngaarden
QA Contact:	Vladimír Sedmík
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2022-08-02 10:40 UTC by Omkar Khatavkar
Modified:	2022-11-16 13:35 UTC (History)
CC List:	8 users (show)
Fixed In Version:	foreman-installer-3.3.0.6-1,foreman-installer-3.3.0.7-1
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2022-11-16 13:35:05 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Priority	Status	Summary	Last Updated
Foreman Issue Tracker	35524	Normal	New	SSO feature settings are not getting enabled and failed with HTTPD CONF issue	2022-09-13 14:03:06 UTC
Red Hat Issue Tracker	SAT-12605	None	None	None	2022-08-31 10:29:38 UTC
Red Hat Product Errata	RHSA-2022:8506	None	None	None	2022-11-16 13:35:13 UTC

Description Omkar Khatavkar 2022-08-02 10:40:19 UTC

Description of problem:
While enabling the feature for RHSSO, Satellite failed to start. (RHEL8) 

Version-Release number of selected component (if applicable):
6.12 (do not present in 6.10, 6.11 with rhel7)

How reproducible:
always 

Steps to Reproduce:
1. Follow the steps mentioned here https://access.redhat.com/documentation/en-us/red_hat_satellite/6.11/html/administering_red_hat_satellite/configuring_external_authentication_admin#prerequisites-for-integrating-project-with-keycloak_keycloak-general



Actual results:
RHSSO feature is not working in RHEL8 with Satellite 6.12 

Expected results:
RHSSO feature should work with Satellite 6.12 with RHEL8

Additional info:

Comment 2 Evgeni Golov 2022-08-09 10:24:42 UTC

Can you double check this works with 6.11 on RHEL8?
I'd expect it to, but one never knows… ;)

Comment 3 Adam Ruzicka 2022-08-09 10:32:23 UTC

Could you please try adding the following into /etc/foreman-installer/custom-hiera.yaml and re-running the installer?

apache::default_mods:
  - authn_core

Comment 5 Omkar Khatavkar 2022-08-16 12:03:13 UTC

@aruzicka Above workaround is working for the auth tests with RHSSO. and issue is no more reproducible.

Comment 6 Stephen Wadeley 2022-09-01 12:15:38 UTC

(In reply to Omkar Khatavkar from comment #5)
> @aruzicka Above workaround is working for the auth tests with
> RHSSO. and issue is no more reproducible.

Hi Omkar

Thank you for checking that, Adam updated PR with that info:

https://github.com/theforeman/puppet-foreman/pull/1073#pullrequestreview-1075196114

Comment 7 Ewoud Kohl van Wijngaarden 2022-09-08 12:58:17 UTC

The proper fix is https://github.com/puppetlabs/puppetlabs-apache/pull/2283. This also works on EL8 where mod_auth_openidc is in a DNF module. This should be cherry picked.

Comment 8 Ewoud Kohl van Wijngaarden 2022-09-13 14:03:05 UTC

Created redmine issue https://projects.theforeman.org/issues/35524 from this bug

Comment 9 Bryan Kearney 2022-09-13 16:04:46 UTC

Moving this bug to POST for triage into Satellite since the upstream issue https://projects.theforeman.org/issues/35524 has been resolved.

Comment 10 Ewoud Kohl van Wijngaarden 2022-09-15 09:40:33 UTC

https://github.com/theforeman/foreman-installer/pull/807 is the cherry pick PR for 3.3.

Comment 15 Omkar Khatavkar 2022-10-03 09:09:17 UTC

verified this on Satellite 6.12 Snap 13. this issue is no more reproducible

Comment 19 errata-xmlrpc 2022-11-16 13:35:05 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Important: Satellite 6.12 Release), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2022:8506

Note You need to log in before you can comment on or make changes to this bug.