[Spacewalk-list] Spacewalk-list Digest, Vol 47, Issue 38 (Spacewalk Installation - Problems with Certifications-scripts_gen-oss-sat-cert.pl)

Gerald Buttitta gbuttitta at gci.com
Mon Apr 30 17:08:19 UTC 2012 

 
Thank you for your help. 
Original source document: https://fedorahosted.org/spacewalk/wiki/CertCreation#InstallGPGkeysintowebapp
1.	I've had some problems with scripts_gen-oss-sat-cert.pl but have worked them out until now.
I run:
 ./scripts_gen-oss-sat-cert.pl --orgid 1 --owner rowen --signer rowen --output /usr/share/rhn/config-defaults --expires 2022-04-22 --slots 20000 --provisioning-slots 20000 --satellite-version 1.7
Passphrase:
can't connect to `/root/.gnupg/S.gpg-agent': No such file or directory
gpg: skipped "rowen": Bad passphrase
gpg: signing failed: Bad passphrase
open /usr/share/rhn/config-defaults: Is a directory at /usr/share/perl5/vendor_perl/RHN/Cert.pm line 289.

I found `/root/.gnupg/S.gpg-agent' is linked:
pwd
/root/.gnupg
lrwxrwxrwx 1 root root   27 Apr 27 15:40 S.gpg-agent -> /tmp/gpg-ryQeNL/S.gpg-agent

In /tmp the directory gpg-ryQeNL does not exist.  It does not exist any where else.

Before discovering this I tried:
http://www.linuxquestions.org/questions/linux-security-4/gpg-gpg-agent-cant-connect-to-root-gnupg-s-gpg-agent-611843/
		mkdir -p -m 700 ~/.gnupg
		mknod -m 700 ~/.gnupg/S.gpg-agent p
		gpg-agent --daemon
		GPG_AGENT_INFO=/tmp/gpg-yicDQJ/S.gpg-agent:6618:1; export GPG_AGENT_INFO;

And :  (Sorry I lost the url I was using.)
		man gpg-agend
		]$ vi $HOME/.bashrc
		added following lines into it:
		Code:

		# GPG-AGENT stuff
		GET_TTY=`tty`
		export $GET_TTY
		/usr/bin/gpg-agent-start.sh


2.	Also, what passphrase is the script looking for, root password, a new passphrase?

Thanks


Jerry Buttitta
OSS Administrator I
(907)868-5916
 


-----Original Message-----
From: spacewalk-list-bounces at redhat.com [mailto:spacewalk-list-bounces at redhat.com] On Behalf Of spacewalk-list-request at redhat.com
Sent: Friday, April 27, 2012 8:00 AM
To: spacewalk-list at redhat.com
Subject: Spacewalk-list Digest, Vol 47, Issue 38

Send Spacewalk-list mailing list submissions to
	spacewalk-list at redhat.com

To subscribe or unsubscribe via the World Wide Web, visit
	https://www.redhat.com/mailman/listinfo/spacewalk-list
or, via email, send a message with subject or body 'help' to
	spacewalk-list-request at redhat.com

You can reach the person managing the list at
	spacewalk-list-owner at redhat.com

When replying, please edit your Subject line so it is more specific than "Re: Contents of Spacewalk-list digest..."


Today's Topics:

   1. Spacewalk Installation - Problems with	Certifications
      (Gerald Buttitta)
   2. Re: Spacewalk Installation - Problems with	Certifications
      (Miroslav Suchy)
   3. Spacewalk upgrade (?LIPEK Krzysztof)
   4. Re: Spacewalk upgrade (Jan Pazdziora)
   5. Re: Spacewalk upgrade (padawan)


----------------------------------------------------------------------

Message: 1
Date: Thu, 26 Apr 2012 10:19:09 -0800
From: Gerald Buttitta <gbuttitta at gci.com>
To: "spacewalk-list at redhat.com" <spacewalk-list at redhat.com>
Subject: [Spacewalk-list] Spacewalk Installation - Problems with
	Certifications
Message-ID:
	<09F712D9B8F7AF40BE523224B2487BA147A3A086 at dtn1mbx01.gci.com>
Content-Type: text/plain; charset="us-ascii"

Hi,
I am installing Spacewalk on CentOS 6.2.
I have it up and running and am going through the instructions at:
https://fedorahosted.org/spacewalk/wiki/CertCreation#InstallGPGkeysintowebapp

I am running into problems installing the certs.
I've run gpg --gen-key with no problems and have exported the keys.
1. My first problem is with "Set the web.gpg_keyring in /etc/rhn/default/rhn_web.conf to your newly exported keyring. "
I do not have the /etc/rhn/default directory.
I do have /usr/share/rhn/config-defaults/rhn_web.conf so I changed:
 #web.gpg_keyring = /etc/webapp-keyring.gpg  web.gpg_keyring = /etc/spacewalkcertkey.gpg Is this sufficient?
Should I create the defaults directory and move the contents of config-defaults to it?

2.  I tried to run:
./scripts_gen-oss-sat-cert.pl --orgid 1 --owner rowen --signer rowen --no-pass-phrase --output /etc/rhn/default --expires 2022-04-22 --slots 2000 --provisioning-slots 2000 --satellite-version 1.7
and found that I don't have the required directroy /var/www/lib.                               perl.x86_64 is installed.
Note: I created an empty /etc/rhn/default directory for this step.
What am I missing?

Any help is greatly appreciated.

Jerry Buttitta
OSS Administrator I
(907)868-5916

http://www.youtube.com/watch?v=_yJBhzMWJCc&feature=player_embedded

Motto of US Government "In the United States no one can hear you scream".


"I never submitted the whole system of my opinions to the creed of any party of men whatever, in religion, in philosophy, in politics, or in anything else, where I was capable of thinking for myself. Such an addiction is the last degradation of a free and moral agent. If I could not go to heaven but with a party, I would not go there at all."

--Thomas Jefferson to Francis Hopkinson, 1789.

"A correre e cagare ci si immerda i garretti."

The TSA is to offer a new service to airline customers to appease the full body scan complaints.  They will now offer confessions as you wait in line.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.redhat.com/archives/spacewalk-list/attachments/20120426/1d59342c/attachment.html>

------------------------------

Message: 2
Date: Fri, 27 Apr 2012 09:01:42 +0200
From: Miroslav Suchy <msuchy at redhat.com>
To: spacewalk-list at redhat.com
Subject: Re: [Spacewalk-list] Spacewalk Installation - Problems with
	Certifications
Message-ID: <4F9A4456.2050908 at redhat.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed

On 26.4.2012 20:19, Gerald Buttitta wrote:
> 1. My first problem is with "Set the web.gpg_keyring in 
> /etc/rhn/default/rhn_web.conf to your newly exported keyring. "
> I do not have the /etc/rhn/default directory.
> I do have /usr/share/rhn/config-defaults/rhn_web.conf so I changed:
>   #web.gpg_keyring = /etc/webapp-keyring.gpg
>   web.gpg_keyring = /etc/spacewalkcertkey.gpg Is this sufficient?
> Should I create the defaults directory and move the contents of 
> config-defaults to it?

Do not create nor move it.
/etc/rhn/default/rhn_web.conf has been moved /usr/share/rhn/config-defaults/rhn_web.conf in 1.7 (or 1.6?).
I updated wiki.

> 2.  I tried to run:
> ./scripts_gen-oss-sat-cert.pl --orgid 1 --owner rowen --signer rowen 
> --no-pass-phrase --output /etc/rhn/default --expires 2022-04-22 
> --slots 2000 --provisioning-slots 2000 --satellite-version 1.7 and 
> found that I don't have the required directroy /var/www/lib.
> perl.x86_64 is installed.
> Note: I created an empty /etc/rhn/default directory for this step.
> What am I missing?

This is probably some residuum from past. It should not be needed. I removed it from the script.

Mirek



------------------------------

Message: 3
Date: Fri, 27 Apr 2012 11:18:14 +0200
From: ?LIPEK Krzysztof <krzysztof.slipek at bnpparibas.pl>
To: <spacewalk-list at redhat.com>
Subject: [Spacewalk-list] Spacewalk upgrade
Message-ID:
	<FDCE9ED530509545A1E477A09444C5921BD8534F at KRAKEX.fortisbank.com.pl>
Content-Type: text/plain; charset="iso-8859-2"

Hello,

I'm going to upgrade my Spacewalk server from version 1.5 to 1.7 and have one question to you - should I upgrade spacewalk client packages too on all servers connected?

 

Thanks for reply and kind regards,

Chris

 


----------------------------------------------------------------------
BNP Paribas Bank Polska SA (dawniej Fortis Bank Polska SA) z siedzib? w Warszawie przy ul. Suwak 3, zarejestrowany w S?dzie Rejonowym dla m. st. Warszawy, XIII Wydzia? Gospodarczy, KRS pod numerem 6421, NIP: 676-007-83-01, kapita? zak?adowy 1 206 175 300 z?, w ca?o?ci wp?acony.
BNP Paribas Bank Polska SA (former Fortis Bank Polska SA) with its registered office in Warsaw at ul. Suwak 3, registered with the District Court for the capital city of Warsaw, XIII Commercial Division of the National Court Register (KRS) under No. 6421, VAT PL 6760078301, holding paid-up share capital of PLN 1,206,175,300.
BNP Paribas Bank Polska SA  disclaimer:?http://www.bnpparibas.pl/legal/disclaimer.htm
----------------------------------------------------------------------

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.redhat.com/archives/spacewalk-list/attachments/20120427/1bde372c/attachment.html>

------------------------------

Message: 4
Date: Fri, 27 Apr 2012 11:28:13 +0200
From: Jan Pazdziora <jpazdziora at redhat.com>
To: spacewalk-list at redhat.com
Subject: Re: [Spacewalk-list] Spacewalk upgrade
Message-ID: <20120427092813.GJ19963 at redhat.com>
Content-Type: text/plain; charset=iso-8859-2

On Fri, Apr 27, 2012 at 11:18:14AM +0200, ?LIPEK Krzysztof wrote:
> Hello,
> 
> I'm going to upgrade my Spacewalk server from version 1.5 to 1.7 and have one question to you - should I upgrade spacewalk client packages too on all servers connected?
> 

It is not necessary to upgrade the Spacewalk client packages, but it is of course good to keep them up-to-date.

--
Jan Pazdziora
Principal Software Engineer, Satellite Engineering, Red Hat



------------------------------

Message: 5
Date: Fri, 27 Apr 2012 12:17:22 +0200
From: padawan <obbediscimisonoroot at gmail.com>
To: spacewalk-list at redhat.com
Subject: Re: [Spacewalk-list] Spacewalk upgrade
Message-ID:
	<CANnMhkSwY10WDB2prcXVMNpMhn-VkQTokhy8qzXN8CJ8b0Pivw at mail.gmail.com>
Content-Type: text/plain; charset=UTF-8

I'm running in async situation as well since few weeks, where the
server is 1.7 and clients are 1.5 - no problems so far, but I'll
upgrade the clients for consistency asap.


2012/4/27 Jan Pazdziora <jpazdziora at redhat.com>:
> On Fri, Apr 27, 2012 at 11:18:14AM +0200, ?LIPEK Krzysztof wrote:
>> Hello,
>>
>> I'm going to upgrade my Spacewalk server from version 1.5 to 1.7 and have one question to you - should I upgrade spacewalk client packages too on all servers connected?
>>
>
> It is not necessary to upgrade the Spacewalk client packages, but it
> is of course good to keep them up-to-date.
>
> --
> Jan Pazdziora
> Principal Software Engineer, Satellite Engineering, Red Hat
>
> _______________________________________________
> Spacewalk-list mailing list
> Spacewalk-list at redhat.com
> https://www.redhat.com/mailman/listinfo/spacewalk-list



-- 
Music and Audio Productions



------------------------------

_______________________________________________
Spacewalk-list mailing list
Spacewalk-list at redhat.com
https://www.redhat.com/mailman/listinfo/spacewalk-list

End of Spacewalk-list Digest, Vol 47, Issue 38
**********************************************

More information about the Spacewalk-list mailing list