642340 – RHN Proxy 5.4 webUI installer fail if you enable both ssl and push

Bug 642340 - RHN Proxy 5.4 webUI installer fail if you enable both ssl and push

Summary: RHN Proxy 5.4 webUI installer fail if you enable both ssl and push

Keywords:
Status:	CLOSED NOTABUG
Alias:	None
Product:	Red Hat Network
Classification:	Retired
Component:	RHN/Other
Sub Component:
Version:	rhn522
Hardware:	All
OS:	Linux
Priority:	low
Severity:	medium
Target Milestone:	---
Assignee:	rhn-dev-list
QA Contact:	Red Hat Network Quality Assurance
Docs Contact:
URL:
Whiteboard:
Depends On:	631847
Blocks:	sat540-proxy 631872
TreeView+	depends on / blocked

Reported:	2010-10-12 16:11 UTC by Miroslav Suchý
Modified:	2010-10-12 16:21 UTC (History)
CC List:	4 users (show)
Fixed In Version:
Clone Of:	631847
Environment:
Last Closed:	2010-10-12 16:21:09 UTC
Embargoed:

Attachments	(Terms of Use)

Description Miroslav Suchý 2010-10-12 16:11:49 UTC

+++ This bug was initially created as a clone of Bug #631847 +++

--- Additional comment from dyordano on 2010-10-12 06:05:16 EDT ---

Now I have new issue.
Proxy 5.4 - dell-pe830-02.rhts.eng.bos.redhat.com
Satellite 5.4 - tyan-gt24-01.rhts.eng.bos.redhat.com

Client execution returned "Failed deployment and rollback, information on user 'jabberd' could not be found" (code 50)
Config Files:
/etc/httpd/conf.d/cobbler-proxy.conf (rev. 1)	
/etc/httpd/conf.d/rhn_proxy.conf (rev. 1)	
/etc/httpd/conf.d/ssl.conf (rev. 1)	
/etc/httpd/conf/ssl.crt/server.crt (rev. 1)	
/etc/httpd/conf/ssl.csr/server.csr (rev. 1)	
/etc/httpd/conf/ssl.key/server.key (rev. 1)	
/etc/jabberd/c2s.xml (rev. 1)	
/etc/jabberd/server.pem (rev. 1)	
/etc/jabberd/sm.xml (rev. 1)	
/etc/rhn/rhn.conf (rev. 1)	
/etc/squid/squid.conf (rev. 1)	
/usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT (rev. 1)	
/var/www/html/pub/RHN-ORG-TRUSTED-SSL-CERT (rev. 1)	
/var/www/html/pub/rhn-org-trusted-ssl-cert-1.0-1.noarch.rpm (rev. 1)

Dimi

--- Additional comment from msuchy on 2010-10-12 08:32:42 EDT ---

This happens when you check both "Enable Push?" and "SSL" options in WebUI installer. This will schedule deployment of
 /etc/jabberd/server.pem
as user jabberd

In RHN Proxy 5.3 and older we used jabberd 2.0, which used user jabberd, but in RHN Proxy 5.4 we upgraded to jabberd 2.2, which use user jabber.

--- Additional comment from cperry on 2010-10-12 08:41:54 EDT ---

Mirek - if safe to fix - please do and we can re-spin ISO for it. 

Cliff

--- Additional comment from msuchy on 2010-10-12 10:47:38 EDT ---

Fix commited to spacewalk 1394331d1f4f4d52cc8ee622b2fc737aa4b06e4f

cherrypicked to satellite as commit 25436fa5f113b75ab34826c5893daa29cd4bbac7

Comment 1 Miroslav Suchý 2010-10-12 16:13:19 UTC

you could not directly use our patch since hosted use import_ssl_cert, and we use generate_ssl_cert method.
But you will handle it :)

Comment 2 Clifford Perry 2010-10-12 16:21:09 UTC

http://git.fedorahosted.org/git/?p=spacewalk.git;a=commitdiff;h=1394331d1f4f4d52cc8ee622b2fc737aa4b06e4f;hp=b1691846ac808ed89b2c839fad17b7a5064fe8e3

Dude - not needed jabberd and osad is a Satellite only thing. While they could make code change, it is not needed for RHN Hosted installations of RHN Proxy. 

Closing notabug.

# special cases...
+  my $jabber_user = 'jabberd';
+  if ($params{'version'} >= 5.4) {
+    $jabber_user = 'jabber';
+  }
   eval {
     # server_pem - for jabberd
     import_file(-path => '/etc/jabberd/server.pem',
                -content => $server_pem,
                -config_channel => $cc,
-               -username => 'jabberd',
-               -groupname => 'jabberd',
+               -username => $jabber_user,
+               -groupname => $jabber_user,
                -mode => '600');

Note You need to log in before you can comment on or make changes to this bug.