As part of bz 760683 Pulp has moved it's certs from /etc/pki/content to /etc/pki/pulp/content This bugzilla is filed to address any work which may be needed by Katello to integrate with Pulp. This change will be in Pulp 0.0.256+/CR20. In particular SELinux rules may need to be modified for Katello. Pulp expects the locations configured in repo_auth.conf to have the context "pulp_cert_t". Pulp will apply this context to all files under /etc/pki/pulp if this path is not used than Katello will need to handle this rule.
Also note: Apache needs to be the owner of the certs directory. We no longer use setfacl and require regular dir/file ownership.
The changes on Katello installed reflecting this fact are ready in remote branch 768420. Once new Pulp CR with this changes is released, it can be merged to master.
Just a note: this change was introduced in pulp-0.0.256-1
mass ON_QA move
# VERIFIED on recent Katello packages the installation (as well as later interaction with pulp) goes fine. certificates are located under: /etc/pki/pulp/content/ context is: pulp_cert_t checked against version: --- katello-configure-0.1.58-1.git.0.33f084d.el6.noarch katello-all-0.1.207-1.git.0.1fbec20.el6.noarch katello-0.1.207-1.git.0.1fbec20.el6.noarch katello-cli-0.1.49-1.git.0.6962a71.el6.noarch pulp-0.0.263-1.el6.noarch
getting rid of 6.0.0 version since that doesn't exist