Red Hat Bugzilla – Bug 807762
[RFE] yum product-id plugin should stop removing product certs; proposal for a BLUE installed product status
Last modified: 2013-11-01 16:05:12 EDT
Description of problem:
The yum product-id plugin is supposed to behave such that:
1. On RHEL5, a productid.pem will be installed into /etc/pki/product by the yum product-id plugin when a package is yum installed from the corresponding repo, BUT the productid.pem will never be removed by the yum product-id plugin.
2. On RHEL6, a productid.pem will be installed into /etc/pki/product by the yum product-id plugin when a package is yum installed from the corresponding repo, AND the productid.pem will be removed by the yum product-id plugin ONLY when there are no more packages installed on the system that came from the entitled yum repo.
In light of bug 806457 and bug 707313 (and others) and the inconsistent behavior between RHEL5/RHEL6 and the painful consequences of having a product cert removed (especially a base product cert like RHEL!), I propose that the yum product-id plugin NEVER remove a product cert. Instead, we should introduce another installed product state to accompany the current Red/Yellow/Green states. Let's call this state Blue to reflect an "Inactive" status. This state would represent a product for which the last remaining package originating from the entitled repos supporting said product has been yum erased. Implementing this idea may be tricky because when an entitlement is removed/revoked/unsubscribed, we would not want a Blue product to turn Red. Another implementation trick is that an entitlement that requires tags from the provided tags of an "Inactive" product cert would have to withhold access to the provided content. A new benefit from this proposal is that the installed product status would reflect a cumulation of what has been installed on the system. This would be more informative than the magic disappearance of an installed product. Remember that a product cert can always be removed manually and the repercussions of the removal can be blamed on the person who did the removal, not our entitlement management system.
This request was not resolved in time for the current release.
Red Hat invites you to ask your support representative to
propose this request, if still desired, for consideration in
the next release of Red Hat Enterprise Linux.
This request was erroneously removed from consideration in Red Hat Enterprise Linux 6.4, which is currently under development. This request will be evaluated for inclusion in Red Hat Enterprise Linux 6.4.
bug 859197 is another example that supports this RFE bug
If the fix in https://bugzilla.redhat.com/show_bug.cgi?id=859197#c15 proves to be reliable, then this RFE becomes unnecessary and can be CLOSED/WONTFIX.
Closing this out per Comment 4