Description of problem: Investigating the code we could see that rhnsd poller interval are different between RHEL5 branch and RHEL6, Spacewalk branch. rhnsd on RHEL5 allows polling with the minimum interval set as 1 minute, while on RHEL6 and Spacewalk the minimum value is 60 minutes. RHEL6 ------- $ git branch master * rhel-6.4 $ grep MIN_INTERVAL rhnsd.c | grep ^#define #define MIN_INTERVAL 60 /* minimal sane interval; RHN will blacklist RHEL5 ------- $ git branch master * rhel-5.9 $ grep MIN_INTERVAL rhnsd.c | grep ^#define #define MIN_INTERVAL 1 /* minimal sane interval; RHN will blacklist We should allow our customers to be able to polling actions within 1 minute interval. Version-Release number of selected component (if applicable): rhnsd-5.0.9-1 (nightly build on spacewalk) How reproducible: 100% Steps to Reproduce: 1. man rhnsd Actual results: The default interval is every 240 minutes. The minimum polling interval is 60 minutes. Expected results: The default interval is every 240 minutes. The minimum polling interval is 1 minute. A polling interval of less than 60 minutes will get your server blocked if you are connecting to rhn.redhat.com. Additional info: cliff, sherr and me already discussed this issue
Created attachment 771060 [details] Proposted patch This patch addresses the issue reported on this bug setting the minimum interval to 1 minute.
Testing with value set to 30min. Monitoring it using a systemtap. # service rhnsd restart Stopping Red Hat Network Daemon: [ OK ] Starting Red Hat Network Daemon: [ OK ] Mon Jul 8 21:47:04 2013: rhn_check(36671) connecting to RHN port 443 by UID 0 Mon Jul 8 21:47:04 2013: rhn_check(36671) connecting to RHN port 443 by UID 0 Mon Jul 8 21:47:05 2013: rhn_check(36671) connecting to RHN port 443 by UID 0 Mon Jul 8 22:17:04 2013: rhn_check(44123) connecting to RHN port 443 by UID 0 Mon Jul 8 22:17:05 2013: rhn_check(44123) connecting to RHN port 443 by UID 0 Mon Jul 8 22:17:05 2013: rhn_check(44123) connecting to RHN port 443 by UID 0 Mon Jul 8 22:47:05 2013: rhn_check(51560) connecting to RHN port 443 by UID 0 Mon Jul 8 22:47:05 2013: rhn_check(51560) connecting to RHN port 443 by UID 0 Mon Jul 8 22:47:05 2013: rhn_check(51560) connecting to RHN port 443 by UID 0 Mon Jul 8 23:17:04 2013: rhn_check(59000) connecting to RHN port 443 by UID 0 Mon Jul 8 23:17:04 2013: rhn_check(59000) connecting to RHN port 443 by UID 0 Mon Jul 8 23:17:05 2013: rhn_check(59000) connecting to RHN port 443 by UID 0 Mon Jul 8 23:47:04 2013: rhn_check(66442) connecting to RHN port 443 by UID 0 Mon Jul 8 23:47:04 2013: rhn_check(66442) connecting to RHN port 443 by UID 0 Mon Jul 8 23:47:05 2013: rhn_check(66442) connecting to RHN port 443 by UID 0 Tue Jul 9 00:17:04 2013: rhn_check(73886) connecting to RHN port 443 by UID 0 Tue Jul 9 00:17:05 2013: rhn_check(73886) connecting to RHN port 443 by UID 0
The RHEL 5 code is wrong, and that issue was fixed via bug 563173.
I mean, you can of course change the default to go down to 1 minute, just please don't use the RHEL 5 behaviour as a justification. Also please note that Spacewalk has no safeguards against clients hitting it every minute (like hosted has). So I'd propose to first make sure Spacewalk is able to reject service if its load is too high before releasing client code which can easily take the server to its knees.
If you want real-time communication between clients then use osad. Changing the rhnsd minimum interval would just cause DDoS against Spacewalk server and one hour minimum interval has some reasoning.