Bug #36544: Empty The Foreman and Katello repository on client side - Katello - Foreman

Actions

Copy link

Bug #36544

closed

Empty The Foreman and Katello repository on client side

Added by Tiga Linos 11 months ago. Updated 9 months ago.

Status:

Resolved

Priority:

Normal

Assignee:

Category:

Security

Target version:

Katello 4.11.0

Difficulty:

Triaged:

Yes

Bugzilla link:

Pull request:

Fixed in Releases:

Found in Releases:

Katello 4.9.0

Red Hat JIRA:

Description

I want to install The Foreman External Smart Proxy on separate server.
Repository management for Foreman Smart Proxy is done by The Foreman Server.
Smart proxy server gets corresponding repositories, but there are no packages visible.
1) Software:
RHEL 8.8 for The Foreman and The Foreman Smart Proxy
The Foreman 3.7
Katello 4.9

2) Steps to reproduce
Create Product "Foreman server"
Add repositories to the product:
a) Foreman:
Type: yum
Upstream URL: https://yum.theforeman.org/releases/3.7/el8/x86_64/
Verify SSL: Yes
Unprotected: Yes
b) Katello:
Type: yum
Upstream URL: https://yum.theforeman.org/katello/4.9/katello/el8/x86_64/
Verify SSL: Yes
Unprotected: Yes
Sync repositories
Create, publish new version and promote content view named "Foreman server" for Production "Lifecycle Environment" with enabled Foreman and Katello repositories
Create Activation Key with Content view "Foreman server"
Activate server with RHEL 8.8 with activation key: subscription-manager register --org="Default_Organization" --activationkey="Foreman Smart Proxy activation key"
Check repositories: dnf repolist

Check available packages: dnf clean all && sudo dnf repo-pkgs Default_Organization_Foreman_server_Katello list

3) Expected result
Packages from Default_Organization_Foreman_server_Katello repository should be listed

4) Actual result
Packages from Default_Organization_Foreman_server_Katello are not listed - the list is empty

5) Characterization/isolation
The issue persists with or without GPGKEY configured in The Foreman repositories
Repository with packages are visible on The Foreman server via web browser: https://<the_foreman_server_fqdn>/pulp/content/Default_Organization/Production/Foreman_server/custom/Foreman_server/Katello/
The same repository is set on the Client in file /etc/yum.repos.d/redhat.repo

Files

foreman_proxy_content package visible via web browser.jpg	View foreman_proxy_content package visible via web browser.jpg	99.8 KB	Tiga Linos, 06/28/2023 11:17 AM
no package available on katello repo.jpg	View no package available on katello repo.jpg	105 KB	Tiga Linos, 06/28/2023 11:17 AM
katello repodata.jpg	View katello repodata.jpg	70.1 KB	Tiga Linos, 06/28/2023 11:17 AM
yum.repos.d_redhat.repo.jpg	View yum.repos.d_redhat.repo.jpg	172 KB	Tiga Linos, 06/28/2023 11:17 AM

Actions

Copy link

Updated by Samir Jha 11 months ago

Assignee set to Samir Jha

Actions

Copy link

Updated by Tiga Linos 11 months ago

The issue is related with DISA STIG security profile.
I tried to install foreman-proxy-content package on RHEL 8.8 with DIS STIG, but the Foreman and Katello repos are not available from repository placed directly in /etc/yum.repos.d

Actions

Copy link

Updated by Samir Jha 10 months ago

Category changed from Repositories to Security
Assignee deleted (~~Samir Jha~~)

Actions

Copy link

Updated by Chris Roberts 10 months ago

Hi,

We are going to look at this issue, in the meantime can you open an thread on https://community.theforeman.org and post your question here as well incase other members of the community have hit this or have a possible workaround?

Also, can you post the `/var/log/rhsm.log` and output of `yum repolist -vvv`

Actions

Copy link

Updated by Chris Roberts 10 months ago

Target version set to Katello 4.11.0
Triaged changed from No to Yes

Actions

Copy link

Updated by Tiga Linos 9 months ago

/var/log/rhsm.log does not exist.

Output from yum repolist -vvv is below

[superadmin@foreman-smart-proxy ~]$ sudo cat /var/log/rhsm.log
cat: /var/log/rhsm.log: No such file or directory
[superadmin@foreman-smart-proxy ~]$ sudo yum repolist -vvv
Loaded plugins: builddep, changelog, config-manager, copr, debug, debuginfo-install, download, fapolicyd, generate_completion_cache, groups-manager, needs-restarting, playground, product-id, repoclosure, repodiff, repograph, repomanage, reposync, subscription-manager, system-upgrade, uploadprofile
Updating Subscription Management repositories.
YUM version: 4.7.0
cachedir: /var/cache/dnf
The Foreman Server 3.7 for EL8                                                                                                                                       16 kB/s | 1.8 kB     00:00
Katello 4.9 for EL8                                                                                                                                                  15 kB/s | 1.8 kB     00:00
Repo-id            : Default_Organization_The_Foreman_Server_Katello_4_9_for_EL8
Repo-name          : Katello 4.9 for EL8
Repo-revision      : 1688731882
Repo-updated       : Fri 07 Jul 2023 02:11:21 PM CEST
Repo-pkgs          : 90
Repo-available-pkgs: 0
Repo-size          : 63 M
Repo-baseurl       : https://foreman.curiosity.local/pulp/content/Default_Organization/Production/Foreman_Server/custom/The_Foreman_Server/Katello_4_9_for_EL8
Repo-expire        : Instant (last: Tue 08 Aug 2023 12:25:25 PM CEST)
Repo-filename      : /etc/yum.repos.d/redhat.repo

Repo-id            : Default_Organization_The_Foreman_Server_The_Foreman_Server_3_7_for_EL8
Repo-name          : The Foreman Server 3.7 for EL8
Repo-revision      : 1688731889
Repo-updated       : Fri 07 Jul 2023 02:11:28 PM CEST
Repo-pkgs          : 582
Repo-available-pkgs: 0
Repo-size          : 291 M
Repo-baseurl       : https://foreman.curiosity.local/pulp/content/Default_Organization/Production/Foreman_Server/custom/The_Foreman_Server/The_Foreman_Server_3_7_for_EL8
Repo-expire        : Instant (last: Thu 01 Jan 1970 01:00:00 AM CET)
Repo-filename      : /etc/yum.repos.d/redhat.repo
Total packages: 672

Actions

Copy link