[Spacewalk-list] Can't install post kickstart install
Lachlan Musicman
datakid at gmail.com
Tue Apr 5 00:49:12 UTC 2016
------
The most dangerous phrase in the language is, "We've always done it this
way."
- Grace Hopper
On 5 April 2016 at 10:44, Lachlan Musicman <datakid at gmail.com> wrote:
> One final question. Now I have the relevant GPG keys, do I put them:
>
> - in System -> Kickstart -> GPG and SSL keys, then activate them in the
> profile OR
> - in Channels -> Manage Channels -> the Channel in question -> Basic
> Channel Details, at the bottom OR
> - in Channels -> Manage Channels -> Manage Repositories -> Repository in
> question.
>
> Or do I put them in all three, or just two. In the third option - the
> Repositories - the drop down only allows for the single SSL cert that I
> created at the start, none of the GPG keys are available.
>
> Cheers
> L.
>
> ------
> The most dangerous phrase in the language is, "We've always done it this
> way."
>
> - Grace Hopper
>
> On 5 April 2016 at 09:27, Lachlan Musicman <datakid at gmail.com> wrote:
>
>> Ah, ok. Thanks.
>>
>> It's becoming clearer now. Did I miss something, or is it that I'm just
>> not aware enough of how these systems work...
>>
>> Hmmm.
>>
>> cheers
>> L.
>>
>> ------
>> The most dangerous phrase in the language is, "We've always done it this
>> way."
>>
>> - Grace Hopper
>>
>> On 5 April 2016 at 08:57, Avi Miller <avi.miller at oracle.com> wrote:
>>
>>> Hi,
>>>
>>> On 5 Apr 2016, at 8:41 AM, Lachlan Musicman <datakid at gmail.com> wrote:
>>>
>>> We have an SSL cert on that page - is that not enough? Do I need a
>>> separate gpg key? I would presume the cert was sufficient - at no point in
>>> the documentation did I see an explicit instruction to make one of each?
>>>
>>>
>>> That is not sufficient. That is the CA certificate for your Spacewalk
>>> instance. It's not the GPG key for the CentOS RPMs. You need to create a
>>> GPG key with the content from CentOS and deploy it during kickstart, so
>>> that yum has a valid GPG key against which to test the signature of the
>>> RPMs.
>>>
>>> So, you'd need to get a copy of the CentOS GPG key (usually found in
>>> /etc/pki/rpm-gpg on an already installed machine) and create a GPG key with
>>> the content of that key. You would then need to update your Kickstart
>>> Profile to deploy that GPG key during install, so that packages can be
>>> installed during the post-install phase, i.e. after registration with
>>> Spacewalk and post the Anaconda process.
>>>
>>> Hope that helps,
>>> Avi
>>>
>>> --
>>> Oracle <http://www.oracle.com>
>>> Avi Miller | Product Management Director | +61 (3) 8616 3496
>>> Oracle Linux and Virtualization
>>> 417 St Kilda Road, Melbourne, Victoria 3004 Australia
>>>
>>>
>>> _______________________________________________
>>> Spacewalk-list mailing list
>>> Spacewalk-list at redhat.com
>>> https://www.redhat.com/mailman/listinfo/spacewalk-list
>>>
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/spacewalk-list/attachments/20160405/627b54a8/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: repositories_gpg.png
Type: image/png
Size: 32869 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/spacewalk-list/attachments/20160405/627b54a8/attachment.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: channels_gpg.png
Type: image/png
Size: 16544 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/spacewalk-list/attachments/20160405/627b54a8/attachment-0001.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: activate_in_profile.png
Type: image/png
Size: 48576 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/spacewalk-list/attachments/20160405/627b54a8/attachment-0002.png>
More information about the Spacewalk-list
mailing list