Bug 843899 - Installing the candlepin-cert bootstrap package fails on RHEL5.8+
Installing the candlepin-cert bootstrap package fails on RHEL5.8+
Status: CLOSED CURRENTRELEASE
Product: Red Hat Satellite 6
Classification: Red Hat
Component: Docs User Guide (Show other bugs)
6.0.1
Unspecified Unspecified
high Severity high (vote)
: Unspecified
: --
Assigned To: Dan Macpherson
ecs-bugs
: Triaged
Depends On: 843861
Blocks:
  Show dependency treegraph
 
Reported: 2012-07-27 11:40 EDT by Eric Sammons
Modified: 2014-09-18 11:32 EDT (History)
8 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: 843861
Environment:
Last Closed: 2012-12-10 16:58:17 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Eric Sammons 2012-07-27 11:40:25 EDT
+++ This bug was initially created as a clone of Bug #843861 +++

Description of problem:
katello-configure will generate a bootstrap file, candlepin-cert and store in /var/www/html/pub.  This file is intended to easily bootstrap a consumer, when installed will install certs and update configurations so that subscription-manager will point to the internal SAM.

When running yum localinstall candlepin-cert*.rpm or rpm -ivh http://fqdn/pub/candlepin-cert*.rpm the command will error out.

Version-Release number of selected component (if applicable):
katello-configure-0.3.7-1.el6_2.noarch

Steps to Reproduce:
1. wget http://fqdn/pub/candlepin-cert-consumer-fqdn-1.0-1.noarch.rpm
2. yum localinstall candlepin-cert-consumer-fqdn-1.0-1.noarch.rpm

also tried:
1. rpm -ivh http://fqdn/pub/candlepin-cert-consumer-fqdn-1.0-1.noarch.rpm

also tried:
1. vi /etc/yum.conf
   set gpgcheck = 0
2. yum localinstall candlepin-cert-consumer-fqdn-1.0-1.noarch.rpm
  
Actual results: 

scenario1: 
Package candlepin-cert-consumer-fqdn-1.0-1.noarch.rpm is not signed

Scneario2:
Retrieving http://fqdn/pub/candlepin-cert-consumer-fqdn-1.0-1.noarch.rpm
error: Failed dependencies:
	rpmlib(FileDigests) <= 4.6.0-1 is needed by candlepin-cert-consumer-fqdn-1.0-1.noarch
	rpmlib(PayloadIsXz) <= 5.2-1 is needed by candlepin-cert-consumer-fqdn-1.0-1.noarch

Scneario3:
Running rpm_check_debug
ERROR with rpm_check_debug vs depsolve:
rpmlib(FileDigests) is needed by candlepin-cert-consumer-fqdn-1.0-1.noarch
rpmlib(PayloadIsXz) is needed by candlepin-cert-consumer-fqdn-1.0-1.noarch
Complete!
(1, [u'Please report this error in https://bugzilla.redhat.com/enter_bug.cgi?product=Red%20Hat%20Enterprise%20Linux%205&component=yum'])

Expected results:
RHEL 5 is a supported consumer, as such the bootstrap option should be supported here and install the candlepin-cert package without issue; updating the necessary files and installing the cert.
Comment 1 Lukas Zapletal 2012-07-31 07:06:03 EDT
Scenario 2 should be already fixed. https://bugzilla.redhat.com/show_bug.cgi?id=818261 git 37554b36250e475a24d2b63ffe7b574dfc257563

Taking for investigation.
Comment 2 Lukas Zapletal 2012-08-01 07:48:10 EDT
Ok the scenario 2 and 3 are fixed upstream already:

http://docs.redhat.com/docs/en-US/CloudForms/1.0/html/Release_Notes/chap-Release_Notes-System_Engine.html#sect-Release_Notes-System_Engine-System_Engine_Considerations-known_issues_09

I tested it today on RHEL 5.8, the package installs fine. I tested also on RPM bootstrap file generated with redhat-rpm-config package installed on the server.

Now, scenario 1 - package is not signed. We do not sign boostrap RPM file, it does not make sense - the signature would needed to be unique for each instance and since the boostrap process is intended to be non-interactive, GPG key would be needed to be downloaded first.

Having said that, administrators are able to sign RPM file manually if they want, but they need to include GPG key download in the boostrap process too.

My outcome is to update documentation with --nogpgcheck that is needed for RHEL5 clients (RHEL6 yum installs fine without signature). We are missing this in the documentation:

https://fedorahosted.org/katello/wiki/GuideSystemRegistrationClient?version=26&action=diff

Therefore doco only. We just need to check if the fix is also in SAM 1.1.
Comment 3 Eric Sammons 2012-08-08 11:35:24 EDT
If you know what x.y this fix should be in I can look; otherwise I'll test again.  I do believe my testing here was done against SAM-1.1, I'll double check.
Comment 4 Eric Sammons 2012-08-09 14:02:19 EDT
This issue appears to have been addressed in SAM-1.1 and in upstream katello-1.0.4.
Comment 5 Lukas Zapletal 2012-08-15 05:59:17 EDT
Okay, I am changing the component to doco since no work was commited to the master.

@Doco team - we need to update documentation with --nogpgcheck that is needed for RHEL5 clients (RHEL6 yum installs fine without signature). We are missing this in the documentation:

https://fedorahosted.org/katello/wiki/GuideSystemRegistrationClient?version=26&action=diff

Relevant chapters "Registration the client". And also we might put this into the Release Notes for those who upgrade. Thanks.
Comment 8 James Laska 2012-10-03 09:29:13 EDT
Dan: can you take a look at comment#5?  I believe this is a documentation request.
Comment 12 Lana Brindley 2012-11-18 21:50:03 EST
This documentation has now been dropped to translation ahead of publication. For any further issues, please open a new a bug.

LKB
Comment 13 Lana Brindley 2012-12-10 16:58:17 EST
This document is now publicly available on access.redhat.com. For any further issues, please raise a new bug.

LKB
Comment 14 Mike McCune 2013-08-16 14:15:18 EDT
getting rid of 6.0.0 version since that doesn't exist

Note You need to log in before you can comment on or make changes to this bug.