Bug 524053 - spacewalk-ssl-cert-check-1.7-1.el4sat is broken on 5.2 and older satellite servers
Summary: spacewalk-ssl-cert-check-1.7-1.el4sat is broken on 5.2 and older satellite se...
Alias: None
Product: Red Hat Satellite Proxy 5
Classification: Red Hat
Component: Server
Version: 420
Hardware: All
OS: Linux
Target Milestone: ---
Assignee: Miroslav Suchý
QA Contact: Red Hat Satellite QA List
: 521347 (view as bug list)
Depends On:
Blocks: sat531-blockers 527744
TreeView+ depends on / blocked
Reported: 2009-09-17 17:41 UTC by John T. Rose
Modified: 2018-10-20 03:23 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
: 527744 (view as bug list)
Last Closed: 2009-10-20 15:51:14 UTC
Target Upstream Version:

Attachments (Terms of Use)

System ID Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2009:1518 normal SHIPPED_LIVE rhn-ssl-cert-tools bug fix update 2009-10-20 15:51:11 UTC

Description John T. Rose 2009-09-17 17:41:36 UTC
Description of problem:

After upgrading to the spacewalk-ssl-cert-check package the script in /etc/cron.daily/rhn-ssl-cert-check fails

Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1. Update spacewalk-ssl-cert-check on a 4.2 proxy
2. run daily cron job in etc/cron.daily/rhn-ssl-cert-check
3. see results below
Actual results:


Unable to read the admin e-mail address in /etc/rhn/rhn.conf

To disable monitoring, add CHECK=no in /etc/sysconfig/rhn/rhn-ssl-cert-check
Otherwise, you will have to add a valid email address to receive
expiration notifications, either in /etc/rhn/rhn.conf (traceback_mail)
or set ADMIN in /etc/sysconfig/rhn/rhn-ssl-cert-check

Expected results:

None if the ssl-cert is not expiring

Additional info:

There are a couple of obvious problems in the script on 4.2 proxy servers.

(1) SSL_HTTPD_CONF_FILE=/etc/httpd/conf.d/ssl.conf in invalid and should be SSL_HTTPD_CONF_FILE=/etc/httpd/conf/httpd.conf

(2) In the get_rhn_component() function the test for a proxy fails. rpm -q spacewalk-proxy-management should be rpm -q rhns-proxy-management on older proxy servers.

Comment 1 Miroslav Suchý 2009-09-24 11:50:01 UTC
Commited to:
 branches/eng/RELEASE-5.0 as 187270
 branches/eng/RELEASE-5.1 as 187269
 branches/eng/RELEASE-5.2 as 187268

To satellite.git as

Comment 2 Miroslav Suchý 2009-09-24 11:50:53 UTC
4.2 and 4.1 has the same version as 5.0

Comment 3 Miroslav Suchý 2009-09-24 11:52:50 UTC
For records - the conclusion from mailing list:
The problem is that some customers already downloaded this new version. So we will have to release new version of rhn-ssl-cert-check for each supported channel, which will do magic using provides/obsoletes or epoch to force to "upgrade" to previous version in that given channel.
A lot of work, a lot of testing, but IMO correct way.

Comment 4 Miroslav Suchý 2009-10-06 07:34:01 UTC
It has not been pushed to proxy channels. Requested in ticket #51301

For record - previous rel-eng ticket for this bz are: #50832 and #51007

Comment 6 Miroslav Suchý 2009-10-06 12:37:55 UTC
Current packages fails to upgrade (in one step) due to bug in yum: BZ 527432

Comment 7 Miroslav Suchý 2009-10-06 13:01:34 UTC
Commited to:
 branches/eng/RELEASE-5.0 as 187606
 branches/eng/RELEASE-5.1 as 187609
 branches/eng/RELEASE-5.2 as 187610

I tested that since I done major bump in version (from 1.4 to 5.x) it works even without epoch so removing it:
 branches/eng/RELEASE-5.0 as 187613
 branches/eng/RELEASE-5.1 as 187612
 branches/eng/RELEASE-5.2 as 187611

Comment 8 Miroslav Suchý 2009-10-06 15:04:16 UTC
Filled ticket #51314 to import to brew

Comment 10 errata-xmlrpc 2009-10-20 15:51:14 UTC
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.


Comment 11 Clifford Perry 2009-10-29 03:17:52 UTC
*** Bug 521347 has been marked as a duplicate of this bug. ***

Note You need to log in before you can comment on or make changes to this bug.