Cloned from bug 472454 to align against 5.2.1 maintenance release
this was committed to 5.2 branch, svn commit 179521
Here are the results using the following configuration: RHEL5 Satellite RHEL5 Proxy Proxy installs fine. A check of the configuration file in question shows that the changes specified in this ticket have taken place: # Server Certificate: # Point SSLCertificateFile at a PEM encoded certificate. If # the certificate is encrypted, then you will be prompted for a # pass phrase. Note that a kill -HUP will prompt again. A new # certificate can be generated using the genkey(1) command. SSLCertificateFile /etc/httpd/conf/ssl.crt/server.crt # Server Private Key: # If the key is not combined with the certificate, use this # directive to point at the key file. Keep in mind that if # you've both a RSA and a DSA private key you can configure # both in parallel (to also allow the use of DSA ciphers, etc.) SSLCertificateKeyFile /etc/httpd/conf/ssl.key/server.key However, when trying to register a client to the Proxy, I get this error in the terminal: An error has occurred: xmlrpclib.Fault And this error in an email: Exception reported from rlx-0-06.rhndev.redhat.com Time: Tue Mar 10 11:59:50 2009 Exception type exceptions.OSError Exception while handling function ProxyAuth.set_cached_token Extra information about this error: Caching of authentication token for proxy id 1000010041 failed! Either the authentication caching daemon is experiencing problems, isn't running, or the token is somehow corrupt. Exception Handler Information Traceback (most recent call last): File "/usr/share/rhn/proxy/broker/rhnProxyAuth.py", line 134, in set_cached_token shelf[self.__cache_proxy_key()] = token File "/usr/share/rhn/proxy/broker/rhnProxyAuth.py", line 380, in __setitem__ return rhnCache.set(rkey, val) File "/usr/share/rhn/common/rhnCache.py", line 68, in set cache.set(name, value, modified) File "/usr/share/rhn/common/rhnCache.py", line 334, in set self.cache.set(name, pickled, modified) File "/usr/share/rhn/common/rhnCache.py", line 228, in set fd = self.set_file(name, modified) File "/usr/share/rhn/common/rhnCache.py", line 260, in set_file fd = WriteLockedFile(name, modified) File "/usr/share/rhn/common/rhnCache.py", line 158, in __init__ self.fd = self.get_fd(name) File "/usr/share/rhn/common/rhnCache.py", line 201, in get_fd fd = _safe_create(self.fname) File "/usr/share/rhn/common/rhnCache.py", line 116, in _safe_create os.makedirs(dirname, 0755) File "/usr/lib/python2.4/os.py", line 159, in makedirs mkdir(name, mode) OSError: [Errno 13] Permission denied: '/var/cache/rhn/proxy-auth' Local variables by frame Frame makedirs in /usr/lib/python2.4/os.py at line 159 tail = <type 'str'> proxy-auth head = <type 'str'> /var/cache/rhn name = <type 'str'> /var/cache/rhn/proxy-auth mode = <type 'int'> 493 Frame _safe_create in /usr/share/rhn/common/rhnCache.py at line 123 tries = <type 'int'> 4 dirname = <type 'str'> /var/cache/rhn/proxy-auth e = <type 'instance'> [Errno 13] Permission denied: '/var/cache/rhn/proxy-auth' fname = <type 'str'> /var/cache/rhn/proxy-auth/p1000010041 Frame get_fd in /usr/share/rhn/common/rhnCache.py at line 203 self = <class 'common.rhnCache.WriteLockedFile'> <common.rhnCache.WriteLockedFile object at 0xb7c8574c> name = <type 'str'> proxy-auth/p1000010041 Frame __init__ in /usr/share/rhn/common/rhnCache.py at line 158 self = <class 'common.rhnCache.WriteLockedFile'> <common.rhnCache.WriteLockedFile object at 0xb7c8574c> modified = <type 'NoneType'> None name = <type 'str'> proxy-auth/p1000010041 Frame set_file in /usr/share/rhn/common/rhnCache.py at line 260 self = <type 'instance'> <common.rhnCache.Cache instance at 0xb7c852ec> modified = <type 'NoneType'> None name = <type 'str'> proxy-auth/p1000010041 Frame set in /usr/share/rhn/common/rhnCache.py at line 228 self = <type 'instance'> <common.rhnCache.Cache instance at 0xb7c852ec> modified = <type 'NoneType'> None value = <type 'str'> €UU1000010041::1236715301.87:21600.0:td5H7aVUJBVlChDufyHNlQ==:rlx-0-06.rhndev.redhat.comq. name = <type 'str'> proxy-auth/p1000010041 Frame set in /usr/share/rhn/common/rhnCache.py at line 334 name = <type 'str'> proxy-auth/p1000010041 self = <type 'instance'> <common.rhnCache.ObjectCache instance at 0xb7c8570c> pickled = <type 'str'> €UU1000010041::1236715301.87:21600.0:td5H7aVUJBVlChDufyHNlQ==:rlx-0-06.rhndev.redhat.comq. value = <type 'str'> 1000010041::1236715301.87:21600.0:td5H7aVUJBVlChDufyHNlQ==:rlx-0-06.rhndev.redhat.com modified = <type 'NoneType'> None Frame set in /usr/share/rhn/common/rhnCache.py at line 68 name = <type 'str'> proxy-auth/p1000010041 cache = <type 'instance'> <common.rhnCache.ObjectCache instance at 0xb7c8570c> modified = <type 'NoneType'> None value = <type 'str'> 1000010041::1236715301.87:21600.0:td5H7aVUJBVlChDufyHNlQ==:rlx-0-06.rhndev.redhat.com raw = <type 'NoneType'> None compressed = <type 'NoneType'> None Frame __setitem__ in /usr/share/rhn/proxy/broker/rhnProxyAuth.py at line 380 self = <type 'instance'> <proxy.broker.rhnProxyAuth.AuthLocalBackend instance at 0xb7c852cc> rkey = <type 'str'> proxy-auth/p1000010041 key = <type 'str'> p1000010041 val = <type 'str'> 1000010041::1236715301.87:21600.0:td5H7aVUJBVlChDufyHNlQ==:rlx-0-06.rhndev.redhat.com Frame set_cached_token in /usr/share/rhn/proxy/broker/rhnProxyAuth.py at line 141 text = <type 'str'> Caching of authentication token for proxy id 1000010041 failed! Either the authentication caching daemon is experiencing problems, isn't running, or the token is somehow corrupt. token = <type 'str'> 1000010041::1236715301.87:21600.0:td5H7aVUJBVlChDufyHNlQ==:rlx-0-06.rhndev.redhat.com self = <type 'instance'> <proxy.broker.rhnProxyAuth.ProxyAuth instance at 0xb7cdaf2c> shelf = <type 'instance'> <proxy.broker.rhnProxyAuth.AuthLocalBackend instance at 0xb7c852cc> Frame check_cached_token in /usr/share/rhn/proxy/broker/rhnProxyAuth.py at line 111 token = <type 'str'> 1000010041::1236715301.87:21600.0:td5H7aVUJBVlChDufyHNlQ==:rlx-0-06.rhndev.redhat.com forceRefresh = <type 'int'> 0 oldToken = <type 'NoneType'> None self = <type 'instance'> <proxy.broker.rhnProxyAuth.ProxyAuth instance at 0xb7cdaf2c> Frame handler in /usr/share/rhn/proxy/broker/rhnBroker.py at line 166 client_ip = <type 'str'> 10.10.76.128 ip_path = <type 'str'> 10.10.76.128 _oto = <type 'instance'> {'content-length': '122', 'x-client-version': '1', 'accept-encoding': 'identity', 'x-transport-info': 'Extended Capabilities Transport (C) Red Hat, Inc (version 92982)', 'x-up2date-version': '4.7.1-17.el4', 'user-agent': 'rhn.rpclib.py/$Revision: 92982 $', 'x-rhn-ip-path': '10.10.76.128', 'host': 'rlx-0-06.rhndev.redhat.com:443', 'x-rhn-transport-capability': 'follow-redirects=2', 'x-info': 'RPC Processor (C) Red Hat, Inc (version 118741)', 'content-type': 'text/xml', 'x-rhn-client-capability': 'packages.verifyAll(1)=1,caneatCheese(1)=1,packages.extended_profile(1)=1,reboot.reboot(1)=1,packages.verify(1)=1,packages.runTransaction(1)=1,kickstart.initiate(1)=1,packages.rollBack(1)=1'} getResult = <type 'NoneType'> None self = <type 'instance'> <proxy.broker.rhnBroker.BrokerHandler instance at 0xb7cda94c> Frame handler in /usr/share/rhn/proxy/apacheHandler.py at line 337 handlerObj = <type 'instance'> <proxy.broker.rhnBroker.BrokerHandler instance at 0xb7cda94c> self = <type 'instance'> <proxy.apacheHandler.apacheHandler instance at 0xb7cce5ac> req = <type 'mp_request'> <mp_request object at 0xb7eb2d2c> ret = <type 'int'> 0 rhnBroker = <type 'module'> <module 'proxy.broker.rhnBroker' from '/usr/share/rhn/proxy/broker/rhnBroker.pyc'> Frame __call__ in /usr/share/rhn/proxy/apacheServer.py at line 55 self = <type 'instance'> <proxy.apacheServer.HandlerWrap instance at 0xb7de77ac> req = <type 'mp_request'> <mp_request object at 0xb7eb2d2c> f = <type 'instancemethod'> <bound method apacheHandler.handler of <proxy.apacheHandler.apacheHandler instance at 0xb7cce5ac>> Frame HandlerDispatch in /usr/lib/python2.4/site-packages/mod_python/apache.py at line 299 req = <type 'mp_request'> <mp_request object at 0xb7eb2d2c> config = <type 'mp_table'> {'PythonPath': 'sys.path+['/usr/share/rhn']'} self = <type 'instance'> <mod_python.apache.CallBack instance at 0xb7ec072c> object = <type 'instance'> <proxy.apacheServer.HandlerWrap instance at 0xb7de77ac> l = <type 'list'> ['proxy.apacheServer', 'Handler'] module = <type 'module'> <module 'proxy.apacheServer' from '/usr/share/rhn/proxy/apacheServer.pyc'> hlist = <type 'mp_hlist'> {'handler:'proxy.apacheServer::Handler','directory':'^/*/','silent':0} object_str = <type 'str'> Handler debug = <type 'int'> 0 module_name = <type 'str'> proxy.apacheServer pathstring = <type 'str'> sys.path+['/usr/share/rhn'] result = <type 'int'> 500 Environment for PID=1870 on exception: LANG = C PATH = /sbin:/usr/sbin:/bin:/usr/bin PWD = / SHLVL = 2 TERM = linux _ = /usr/sbin/httpd Attempting to kickstart a client using the proxy fails with this error: This action will be executed after 2009-03-10 02:37:17 EDT. This action's status is: Failed. The client picked up this action on 2009-03-10 02:38:41 EDT. The client completed this action on 2009-03-10 02:38:47 EDT. Client execution returned "Did not receive a valid kickstart config file. It's possible that the URL http://rlx-0-06.rhndev.redhat.com/ty/8FhEIZhr was not found." (code 15) I've gone over this multiple times setting up the system that would serve as the proxy in multiple ways and reviewed the documentation, but I can not find a missing step in what I've done. While I still hope it's my error, at this point I can only conclude that proxy is busted.
turn off selinux for 5.2 so rhnCache has access to /var/cache/rhn/proxy-auth.
Verified errata fix on Proxy installed to RHEL5u3 and RHEL4u7, registered to satellite on RHEL5u3 and RHEL4u7. Registered to the proxies, pushed packages without an issue, and used the proxy for kickstarts.
Verified in Stage.
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on therefore solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHBA-2009-0391.html