[katello-devel] Katello's %post runs reset-oauth -- should it?
Bryan Kearney
bkearney at redhat.com
Tue Oct 4 16:23:22 UTC 2011
On 10/04/2011 08:26 AM, Jan Pazdziora wrote:
>
> As part of the installation sanity checking, I run rpm -Va before
> running
>
> yum install katello-all
>
> and after the command finishes.
>
> I've found out that the /etc/katello/katello.yml gets modified:
>
> S.5....T. c /etc/katello/katello.yml
>
> The culprit seems to be the %post script of the katello package:
>
> postinstall scriptlet (using /bin/sh):
> /usr/share/katello/script/reset-oauth
>
> #Add /etc/rc*.d links for the script
> /sbin/chkconfig --add katello
>
> That script modifies /etc/katello/katello.yml, and it tries to modify
> /etc/candlepin/candlepin.conf and /etc/pulp/pulp.conf as well.
> However, those packages are not installed when katello %post is run
> (there is no depencency between those packages), so the files do not
> exist, so they do not get updated.
>
> The net effect is that /etc/katello/katello.yml has new secret
> generated in it but it is not propagated to the other parts. So it
> looks like it is correctly configured but it is not.
>
> I propose to remove reset-oauth from the %post and just make that
> setup part of the puppet manifests (and thus katello-configure), which
> I hope is already there anyway. ... Well, it looks like it is not
> correct there, it just puts a static $oauth_secret there -- yet
> another motive to get this fixed.
>
I agree.. I think that makes sense.
-- bk
More information about the katello-devel
mailing list