[Spacewalk-list] Can't install post kickstart install

Lachlan Musicman datakid at gmail.com
Tue Apr 5 01:18:17 UTC 2016 

Thanks Avi - on the second one, should I be supplying the official URL, or
the url of my copy of the key? Do I need to fill out all three fields, or
just one?

cheers
L.

------
The most dangerous phrase in the language is, "We've always done it this
way."

- Grace Hopper

On 5 April 2016 at 11:01, Avi Miller <avi.miller at oracle.com> wrote:

> Hi,
>
> You put them in the first two. The third location (in the repository) is
> to configure SSL certificates to communicate with the repository. Commonly
> used for RHN-based repos (and perhaps SUSE repos, but I'm not sure about
> that).
>
> The first location adds the GPG key to Spacewalk, so you can deploy it
> during kickstart.
> The second location configures where yum will look for the GPG key (if not
> already installed) and how to verify that it has the right one.
>
> I also have a GPG Configuration Channel so that I can deploy keys to
> machines that were not installed via kickstart, but still need to have the
> keys installed.
>
> Cheers,
> Avi
>
> On 5 Apr 2016, at 10:44 AM, Lachlan Musicman <datakid at gmail.com> wrote:
>
> One final question. Now I have the relevant GPG keys, do I put them:
>
>  - in System -> Kickstart -> GPG and SSL keys, then activate them in the
> profile   OR
>  - in Channels -> Manage Channels -> the Channel in question -> Basic
> Channel Details, at the bottom   OR
>  - in Channels -> Manage Channels -> Manage Repositories -> Repository in
> question.
>
> Or do I put them in all three, or just two. In the third option - the
> Repositories - the drop down only allows for the single SSL cert that I
> created at the start, none of the GPG keys are available.
>
> Cheers
> L.
>
> ------
> The most dangerous phrase in the language is, "We've always done it this
> way."
>
> - Grace Hopper
>
> On 5 April 2016 at 09:27, Lachlan Musicman <datakid at gmail.com> wrote:
>
>> Ah, ok. Thanks.
>>
>> It's becoming clearer now. Did I miss something, or is it that I'm just
>> not aware enough of how these systems work...
>>
>> Hmmm.
>>
>> cheers
>> L.
>>
>> ------
>> The most dangerous phrase in the language is, "We've always done it this
>> way."
>>
>> - Grace Hopper
>>
>> On 5 April 2016 at 08:57, Avi Miller <avi.miller at oracle.com> wrote:
>>
>>> Hi,
>>>
>>> On 5 Apr 2016, at 8:41 AM, Lachlan Musicman <datakid at gmail.com> wrote:
>>>
>>> We have an SSL cert on that page - is that not enough? Do I need a
>>> separate gpg key? I would presume the cert was sufficient - at no point in
>>> the documentation did I see an explicit instruction to make one of each?
>>>
>>>
>>> That is not sufficient. That is the CA certificate for your Spacewalk
>>> instance. It's not the GPG key for the CentOS RPMs. You need to create a
>>> GPG key with the content from CentOS and deploy it during kickstart, so
>>> that yum has a valid GPG key against which to test the signature of the
>>> RPMs.
>>>
>>> So, you'd need to get a copy of the CentOS GPG key (usually found in
>>> /etc/pki/rpm-gpg on an already installed machine) and create a GPG key with
>>> the content of that key. You would then need to update your Kickstart
>>> Profile to deploy that GPG key during install, so that packages can be
>>> installed during the post-install phase, i.e. after registration with
>>> Spacewalk and post the Anaconda process.
>>>
>>> Hope that helps,
>>> Avi
>>>
>>> --
>>> Oracle <http://www.oracle.com>
>>> Avi Miller | Product Management Director | +61 (3) 8616 3496
>>> Oracle Linux and Virtualization
>>> 417 St Kilda Road, Melbourne, Victoria 3004 Australia
>>>
>>>
>>> _______________________________________________
>>> Spacewalk-list mailing list
>>> Spacewalk-list at redhat.com
>>> https://www.redhat.com/mailman/listinfo/spacewalk-list
>>>
>>
>>
> _______________________________________________
> Spacewalk-list mailing list
> Spacewalk-list at redhat.com
> https://www.redhat.com/mailman/listinfo/spacewalk-list
>
>
> --
> Oracle <http://www.oracle.com>
> Avi Miller | Product Management Director | +61 (3) 8616 3496
> Oracle Linux and Virtualization
> 417 St Kilda Road, Melbourne, Victoria 3004 Australia
>
>
> _______________________________________________
> Spacewalk-list mailing list
> Spacewalk-list at redhat.com
> https://www.redhat.com/mailman/listinfo/spacewalk-list
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/spacewalk-list/attachments/20160405/0d0387b7/attachment.htm>

More information about the Spacewalk-list mailing list