Bugzilla (bugzilla.redhat.com) will be under maintenance for infrastructure upgrades and will not be available on July 31st between 12:30 AM - 05:30 AM UTC. We appreciate your understanding and patience. You can follow status.redhat.com for details.
Bug 816982 - Able to set any value for subscription-manager release –set
Summary: Able to set any value for subscription-manager release –set
Keywords:
Status: CLOSED NOTABUG
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: subscription-manager
Version: 6.3
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: rc
: ---
Assignee: Adrian Likins
QA Contact: Entitlement Bugs
URL:
Whiteboard:
Depends On:
Blocks: 738066
TreeView+ depends on / blocked
 
Reported: 2012-04-27 11:44 UTC by spandey
Modified: 2015-04-23 23:57 UTC (History)
7 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2012-04-27 17:37:12 UTC
Target Upstream Version:


Attachments (Terms of Use)

Description spandey 2012-04-27 11:44:23 UTC
Description of problem:


Version-Release number of selected component (if applicable):


How reproducible:
3/3

Prerequisites.
Rhel6.3 with following rpm.
subscription-manager-migration-0.99.15-1.el6.x86_64
subscription-manager-gnome-0.99.15-1.el6.x86_64
subscription-manager-migration-data-1.12.1.5-1.el6.noarch
subscription-manager-0.99.15-1.el6.x86_64
subscription-manager-debuginfo-0.99.15-1.el6.x86_64
subscription-manager-firstboot-0.99.15-1.el6.x86_64

Steps to Repro : 
Register client to candlepin. 
Execute following command on console to set release os version 
[root@sachbeta1 ~]# subscription-manager release --set 123456789000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
Expected Result : 
Release set command should fail with proper error message , ie : not valid release os version .
Release –set command should accept values only from release list.


Actual Result : 
[root@sachbeta1 ~]# subscription-manager release --set 123456789000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
Release set to: 123456789000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000

[root@sachbeta1 ~]# subscription-manager release
Release: 123456789000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000

Comment 2 Adrian Likins 2012-04-27 17:37:12 UTC
This is working as intended. We might restrict it to just the stuff in --list later, but for now, this is okay.

Comment 3 Milan Falešník 2012-07-25 10:40:33 UTC
I found out that the input value should be somewhat limited.

When I issue command:
subscription-manager release --set="troll'd"

it accepts that.
But then I tried to install some packages and yum shouted:

Repository 'rhel-scalefs-for-rhel-6-workstation-beta-debug-rpms': Error parsing config: Error parsing "baseurl = "https://cdn.rcm-qa.redhat.com/content/beta/rhel/workstation/6/troll'd/x86_64/scalablefilesystem/debug"": No closing quotation

on every repo entry. The ' messed it up.

Good place for some REPO injection ....


Note You need to log in before you can comment on or make changes to this bug.