Description of problem: There are a couple of the problems with the install process on s390x. First, there is an instruction in the install process as follows: [root@rhndev5 ~]# configure-proxy.sh Proxy version to activate [0.5]: 5.3 RHN Parent [rlx-0-06.rhndev.redhat.com]: Traceback email []: jbrownin Use SSL [Y/n]: Y CA Chain [/usr/share/rhn/RHNS-CA-CERT]: Please do copy your CA key and public certificate from rlx-0-06.rhndev.redhat.com to /root/ssl-build directory. You may want to execute this command: scp 'root.redhat.com:/root/ssl-build/RHN-ORG-{PRIVATE-SSL-KEY,TRUSTED-SSL-CERT}' /root/ssl-build The problem is that, apparently, there is no ssl-build directory on s390x. Running this command simply creates a file in /root named ssl-build that contains the same text as the two files targeted for copying. Manually creating this folder and then running the scp command will get you past this step. Later, however, you run into this: Using CA key at /root/ssl-build/RHN-ORG-PRIVATE-SSL-KEY. grep: /root/ssl-build/latest.txt: No such file or directory Generating distributable RPM for CA public certificate: Copying CA public certificate to /var/www/html/pub for distribution to clients: Generating SSL key and public certificate: CA password: ERROR: can't find a file that should have been created during an earlier step: /root/ssl-build/rhn-ca-openssl.cnf rhn-ssl-tool --help SSL key generation failed! Installation interrupted. API version: 5.3.0 Beta RHN Proxy successfully deactivated. Version-Release number of selected component (if applicable): [root@rhndev5 ~]# rpm -q spacewalk-proxy-installer spacewalk-proxy-installer-0.5.25-4.el4sat How reproducible: 100% Steps to Reproduce: 1. Provision a fresh s390x 2. Register the box to a 530 Sat 3. Give it provisioning and assign it to the tools channel 4. up2date -u or yum update 5. up2date -i or yum install spacewalk-proxy-installer 6. Copy the cert from the Sat to the s390x box 7. configure-proxy.sh and follow the prompts Actual results: The apparent lack of a /root/ssl-build directory on an s390x system is causing problems for the proxy installer. Expected results: This should be a condition that is handled gracefully. Additional info: Confirmed for s390x RHEL4. Will be checking on RHEL5 ASAP. There seems to be something wrong with the rhndevX systems in general at the moment, and I am unable to reprovision to RHEL5 to check this there.
Confirmed. The same issue exists in RHEL5 on s390x.
This is also an issue on s390.
I will only address in this bug nonexistence of /root/ssl-build (it is problem not relevant to arch). The remaining is addressed in BZ 500215 Commited as bed27954cf50a8bd37ba016ea2bd560cea59c661 Will be fixed in spacewalk-proxy-installer-0.5.25-5-sat I added there note, that this directory should be created first and make SSL_BUILD_DIR as option.
The wording of the message now says: Please do copy your CA key and public certificate from rlx-0-06.rhndev.redhat.com to /root/ssl-build directory. You may want to execute this command: mkdir ; scp 'root.redhat.com:/root/ssl-build/RHN-ORG-{PRIVATE-SSL-KEY,TRUSTED-SSL-CERT,rhn-ca-openssl.cnf}' To make it more clear what must happen, perhaps should say something like: You may want to create the /root/ssl-build directory if it does not already exist and execute this command: scp 'root.redhat.com:/root/ssl-build/RHN-ORG-{PRIVATE-SSL-KEY,TRUSTED-SSL-CERT,rhn-ca-openssl.cnf}' As it stands, it's not explicitly clear what the user must do. It's likely they can figure it out, but we should be as clear as possible.
I split the check into two. I first check existence of /root/ssl-build at the begginging of script. If it do not exist you will get: Error: ssl build directory $SSL_BUILD_DIR do not exist. In that scp command was error. Now it is: Please do copy your CA key and public certificate from $RHN_PARENT to /root/ssl-build directory. You may want to execute this command: scp 'root@$RHN_PARENT:/root/ssl-build/{RHN-ORG-PRIVATE-SSL-KEY,RHN-ORG-TRUSTED-SSL-CERT,rhn-ca-openssl.cnf}' $SSL_BUILD_DIR Commmit 3d4c98195b6770db30d1ca240e92f781e43b4e44
*** Bug 503058 has been marked as a duplicate of this bug. ***
Verified
Following test plan with s390x in #Description ... (however this is not a s390x issue). I was asked to create manually the /root/ssl-build directory and afterwards to scopy the CA key, CA configuration file and the public certificate from the satellite. [root@z206 ~]# configure-proxy.sh Error: ssl build directory /root/ssl-build does not exist. Please create this directory. [root@z206 ~]# mkdir /root/ssl-build [root@z206 ~]# configure-proxy.sh RHN Parent [rhndev2.z900.redhat.com]: CA Chain [/usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT]: Please do copy your CA key and public certificate from rhndev2.z900.redhat.com to /root/ssl-build directory. You may want to execute this command: scp 'root.redhat.com:/root/ssl-build/{RHN-ORG-PRIVATE-SSL-KEY,RHN-ORG-TRUSTED-SSL-CERT,rhn-ca-openssl.cnf}' /root/ssl-build [root@z206 ~]# scp 'root.redhat.com:/root/ssl-build/{RHN-ORG-PRIVATE-SSL-KEY,RHN-ORG-TRUSTED-SSL-CERT,rhn-ca-openssl.cnf}' /root/ssl-build The authenticity of host 'rhndev2.z900.redhat.com (10.10.16.72)' can't be established. RSA key fingerprint is f1:39:74:8a:08:a5:b7:cd:cc:c0:32:c8:7d:5e:ce:98. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added 'rhndev2.z900.redhat.com,10.10.16.72' (RSA) to the list of known hosts. root.redhat.com's password: RHN-ORG-PRIVATE-SSL-KEY 100% 1751 1.7KB/s 00:00 RHN-ORG-TRUSTED-SSL-CERT 100% 5288 5.2KB/s 00:00 rhn-ca-openssl.cnf 100% 2153 2.1KB/s 00:00 After I run configure-proxy.sh for the 3rd time, proxy was successfully installed. Stage validated -> RELEASE_PENDING
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on therefore solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHEA-2009-1433.html