Description of problem: The rhua installer needs to set auth=no in the qpidd.conf to prevent qpidd from selecting GSS for authentication. In some installations, where GSS isn't installed or configured correctly, auth=yes (the default), causes connection problems. Version-Release number of selected component (if applicable): How reproducible: Steps to Reproduce: 1. Install RHUA in IBM cloude on RHEL6 2. Install a CDS 3. Register the CDS Actual results: All qpid related operations fail. In /var/log/httpd/error_log and probably in pulp.log: [Thu Sep 29 14:49:17 2011] [error] File "/usr/lib/python2.6/site-packages/gofer/messaging/broker.py", line 102, in connect [Thu Sep 29 14:49:17 2011] [error] con.attach() [Thu Sep 29 14:49:17 2011] [error] File "<string>", line 6, in attach [Thu Sep 29 14:49:17 2011] [error] File "/usr/lib/python2.6/site-packages/qpid/messaging/endpoints.py", line 262, in attach [Thu Sep 29 14:49:17 2011] [error] self._ewait(lambda: self._transport_connected and not self._unlinked()) [Thu Sep 29 14:49:17 2011] [error] File "/usr/lib/python2.6/site-packages/qpid/messaging/endpoints.py", line 197, in _ewait [Thu Sep 29 14:49:17 2011] [error] self.check_error() [Thu Sep 29 14:49:17 2011] [error] File "/usr/lib/python2.6/site-packages/qpid/messaging/endpoints.py", line 190, in check_error [Thu Sep 29 14:49:17 2011] [error] raise self.error [Thu Sep 29 14:49:17 2011] [error] AuthenticationFailure: Error in sasl_client_start (-1) SASL(-1): generic failure: GSSAPI Error: Unspecified GSS failure. Minor code may provide more information (Credentials cache file '/tmp/krb5cc_48' not found) Expected results: No exception. Additional info:
Updated: rhui-2.0/tools/etc/rhui/templates/rh-rhua-config.spec and in the process of testing.
commit: 8fbce1e4cadd0ff24c7935dc6771aa6951c11558
set tracker bug. 746803
Verified with following RHUI ISO: RHEL-6.1-RHUI-2.0.1-20111017.0-Server-x86_64-DVD1.iso RHUI installer is now setting 'auth=no' in qpidd.conf. [root@dhcp201-152 ~]# cat /etc/qpidd.conf | grep auth auth=no # RHUI ssl-require-client-authentication=yes # RHUI
Verified with following RHUI ISO: RHEL-6.1-RHUI-2.0.1-20111017.0-Server-x86_64-DVD1.iso [root@dhcp193-14 ~]# cat /etc/qpidd.conf | grep auth auth=no # RHUI ssl-require-client-authentication=yes # RHUI [root@dhcp193-14 ~]# CDS sync is also working fine when 'auth=no' set in /etc/qpidd.conf ------------------------------------------------------------------------------ -= Red Hat Update Infrastructure Management Tool =- -= CDS Synchronization Status =- Last Refreshed: 15:45:44 (updated every 5 seconds, ctrl+c to exit) cds179 ...................................................... [ UP ] Next Sync Last Sync Last Result ------------------------------------------------------------------------------ cds179 10-20-2011 21:44 10-20-2011 15:45 Success Connected: dhcp193-14.pnq.redhat.com ------------------------------------------------------------------------------
Technical note added. If any revisions are required, please edit the "Technical Notes" field accordingly. All revisions will be proofread by the Engineering Content Services team. New Contents: Do not document
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2017:0367