[Spacewalk-list] Using internal spacewalk to manage DMZ hosts?

2018-01-29 Thread Ben Roberts 
Hi all,

I'm looking to extend an existing internal spacewalk to also allow
management of DMZ hosts without having to setup a completely parallel
infrastructure. I'd like some advice on how best to lock it down to
prevent a compromise of any host in the DMZ (either a client, or the
proxy host itself) being used as a platform to attack the internal
spacewalk server.

The approach I am considering is running a chain of two Proxy servers,
one on inside the DMZ and one internally, with firewall holes open
between the two Proxy servers only. I think this would ensure the
external proxy doesn't have direct access to communicate with the real
master, and any lockdown done on the internal proxy doesn't affect
functionality for internal clients. I see that I can disable proxying
of the webui, content push (rhn), applet, cobbler, config management
and applet endpoints by tweaking the spacewalk-proxy-wsgi apache
config file to expose the bare minimum services.

However, I'm concerned about the security of the XMLRPC itself. Is
there any way to permit only "system registration" and other "read
only" API functions necessary for client management (e.g. repo
metadata download)?
If I understand correctly, leaving the api as-is means the only
protection that stands in the way of a password brute force against
the admin account via the api interface is a 2s delay on failed
logins. Is there any built-in, or suitably easy addon method to
whitelist IP addresses for auth.* calls?

If I'm on completely the wrong track, how are other people on this
list managing DMZ hosts using spacewalk?

Thanks all,
Ben Roberts

___
Spacewalk-list mailing list
Spacewalk-list@redhat.com
https://www.redhat.com/mailman/listinfo/spacewalk-list

Re: [Spacewalk-list] SUSE 12 SP1 repository error in Spacewalk 2.7 on centos 6.7

2018-01-29 Thread suhail.siddiqui 
Team please help mine all servers running on SLES12 and due to repo sync issue 
I am not able to patch my servers , i tired new nightly build also with centos 
7.4 but it didn't worked for me let me know if changing OS version can solve 
the issue ?

Best Regards,
Suhail Siddiqui
Service Delivery – Datacenter Services
HCL Technologies Ltd. – UPM Partner for IT Services
Mob: +91-9717193941<%20%20>

From: Suhail Siddiqui, HCL
Sent: Sunday, January 28, 2018 6:48 AM
To: spacewalk-list@redhat.com
Subject: Re: [Spacewalk-list] SUSE 12 SP1 repository error in Spacewalk 2.7 on 
centos 6.7

Dear Team,

Can you please help me to get suse 12 repos working in spacewalk, let me know 
which os version should i pick to work with latest commit for suse12 token auth 
url sync?

Best Regards,

Suhail Siddiqui

Service Delivery – Datacenter Services

HCL Technologies Ltd. – UPM Partner for IT Services

Mob: +91-9717193941<%20%20>


From: Suhail Siddiqui, HCL
Sent: Thursday, January 25, 2018 2:12 PM
To: Sadri, Wafa (BITBW); spacewalk-list@redhat.com
Subject: RE: [Spacewalk-list] SUSE 12 SP1 repository error in Spacewalk 2.7 on 
centos 6.7

Sorry My mistake  the issue in SUSE 12 Repository , correcting subject line 
with SUSE 12 .

Best Regards,
Suhail Siddiqui
Service Delivery – Datacenter Services
HCL Technologies Ltd. – UPM Partner for IT Services
Mob: +91-9717193941

-Original Message-
From: Sadri, Wafa (BITBW) [mailto:wafa.sa...@bitbw.bwl.de]
Sent: 25 January 2018 09:11
To: spacewalk-list@redhat.com; Suhail Siddiqui, HCL 

Subject: AW: [Spacewalk-list] SUSE 11 SP4 repository error in Spacewalk 2.7 on 
centos 6.7

Dear Suhail,

the URL you are looking for is as follows:

https://:@nu.novell.com/repo/$RCE/SLES11-SP4-Pool/sle-11-x86_64/

where  is a 6-digit-number and  is your password.

don't forget the kolon in between.

regards,
Wafa


-Ursprüngliche Nachricht-
Von: spacewalk-list-boun...@redhat.com 
[mailto:spacewalk-list-boun...@redhat.com] Im Auftrag von Robert Paschedag
Gesendet: Donnerstag, 25. Januar 2018 07:58
An: spacewalk-list@redhat.com; suhail.siddi...@visitor.upm.com
Betreff: Re: [Spacewalk-list] SUSE 11 SP4 repository error in Spacewalk 2.7 on 
centos 6.7

Am 25. Januar 2018 06:50:49 MEZ schrieb suhail.siddi...@visitor.upm.com:
>
>Hi Team,
>
>Please help me for below issue.
>
>Best Regards,
>Suhail Siddiqui
>Service Delivery – Datacenter Services
>HCL Technologies Ltd. – UPM Partner for IT Services
>Mob: +91-9717193941<%20%20>
>
>From: Suhail Siddiqui, HCL
>Sent: Thursday, January 18, 2018 7:48 PM
>To: spacewalk-list@redhat.com
>Subject: SUSE 11 SP4 repository error in Spacewalk 2.7 on centos 6.7
>
>Hi Team,
>
>Can you please help me to fix the below issue in spacewalk while adding
>repository  for SUSE 11 SP4
>
>
>2018/01/18 13:30:50 +03:00 ERROR: Cannot retrieve repository metadata
>(repomd.xml) for repository: repo__SLES11-SP4-Pool_sle-11-x86_64_.
>Please verify its path and try again
>
>2018/01/18 13:23:10 +03:00 Command: ['/usr/bin/spacewalk-repo-sync',
>'-t', 'yum', '-c', 'susesp114_product', '-u',
>'https://emea01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fupd
>ates.suse.com%2Frepo%2F%2FSLES11-SP4-Pool%2Fsle-11-x86_64=02%7C01%
>7Cv766245%40mgd.upm.com%7Cb8f3b678b0a949295d3c08d563c2c7d0%7C9eab37f091
>c647e39c00fe8544bd272e%7C1%7C0%7C636524610589675640=m%2B6%2BSqRhG
>QtPwVCMbr1y6s2%2B9SdafbWIkEB6zvUkwxg%3D=0']
>
>2018/01/18 13:23:10 +03:00 Sync of channel started.
>
>2018/01/18 13:23:10 +03:00 Repo URL:
>https://emea01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fupda
>tes.suse.com%2Frepo%2F%2FSLES11-SP4-Pool%2Fsle-11-x86_64=02%7C01%7
>Cv766245%40mgd.upm.com%7Cb8f3b678b0a949295d3c08d563c2c7d0%7C9eab37f091c
>647e39c00fe8544bd272e%7C1%7C0%7C636524610589675640=m%2B6%2BSqRhGQ
>tPwVCMbr1y6s2%2B9SdafbWIkEB6zvUkwxg%3D=0
>
>2018/01/18 13:24:10 +03:00 ERROR: Cannot retrieve repository metadata
>(repomd.xml) for repository: repo__SLES11-SP4-Pool_sle-11-x86_64.
>Please verify its path and try again
>
>2018/01/18 13:24:10 +03:00 ERROR: Cannot retrieve repository metadata
>(repomd.xml) for repository: repo__SLES11-SP4-Pool_sle-11-x86_64.
>Please verify its path and try again
>
>2018/01/18 13:24:10 +03:00 Sync of channel completed in 0:01:00.
>
>2018/01/18 13:30:09 +03:00 Command: ['/usr/bin/spacewalk-repo-sync',
>'-t', 'yum', '-c', 'susesp114_product', '-u',
>'https://emea01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fnu.
>novell.com%2Frepo%2F%2FSLES11-SP4-Pool%2Fsle-11-x86_64%2F=02%7C01%
>7Cv766245%40mgd.upm.com%7Cb8f3b678b0a949295d3c08d563c2c7d0%7C9eab37f091
>c647e39c00fe8544bd272e%7C1%7C0%7C636524610589675640=YaPXt8IwKPw%2
>Fr%2BQXdCO1dnjJMT2cH1TKGRSoWeaHHWw%3D=0']
>
>2018/01/18 13:30:09 +03:00 Sync of channel started.
>
>2018/01/18 13:30:09 +03:00 Repo URL:
>https://emea01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fnu.n

Re: [Spacewalk-list] Using Spacewalk for RHEL Clients

2018-01-29 Thread Samer Odeh 
Thank you so much,

But Still I am wondering how I got the keys and certificates :-), I mean
those ones:

RHEL CA Signing Certificate, RHEL Client Key, and RHEL Entitlement

sslcacert = /etc/rhsm/ca/redhat-uep.pem(the RHEL CA Signing SSL
certificate)
sslclientkey = /etc/pki/entitlement/-key.pem   (RHEL
Client Key SSL certificate)
sslclientcert = /etc/pki/entitlement/.pem(RHEL Entitlement/Client certificate)


Many Thanks





> Date: Mon, 29 Jan 2018 14:47:02 +
> From: "DiOrio, Max" <max.dio...@ieeeglobalspec.com>
> To: "spacewalk-list@redhat.com" <spacewalk-list@redhat.com>
> Subject: Re: [Spacewalk-list] Spacewalk-list Digest, Vol 116, Issue 52
> Message-ID:
> <CY4PR19MB13682CD25AE65DA0392CC637FBE50@CY4PR19MB1368.
> namprd19.prod.outlook.com>
>
> Content-Type: text/plain; charset="utf-8"
>
> Log into a server that?s registered to your RHN subscription and grab them
> from the directory specified.
>
> Max DiOrio
> Global Systems Administrator
>
> From: spacewalk-list-boun...@redhat.com [mailto:spacewalk-list-
> boun...@redhat.com] On Behalf Of Samer Odeh
> Sent: Monday, January 29, 2018 9:45 AM
> To: spacewalk-list@redhat.com
> Subject: Re: [Spacewalk-list] Spacewalk-list Digest, Vol 116, Issue 52
>
> Thank you so much,
>
> But Still I am wondering how I got the keys and certificates :-), I mean
> those ones:
>
>
> RHEL CA Signing Certificate, RHEL Client Key, and RHEL Entitlement
>
> sslcacert = /etc/rhsm/ca/redhat-uep.pem
>(the RHEL CA Signing SSL certificate)
>
> sslclientkey = /etc/pki/entitlement/-key.pem
>  (RHEL Client Key SSL certificate)
>
> sslclientcert = /etc/pki/entitlement/ above>.pem(RHEL Entitlement/Client certificate)
>
> Many Thanks
>
> On Mon, Jan 29, 2018 at 3:28 PM, <spacewalk-list-requ...@redhat.com
> <mailto:spacewalk-list-requ...@redhat.com>> wrote:
> Send Spacewalk-list mailing list submissions to
> spacewalk-list@redhat.com<mailto:spacewalk-list@redhat.com>
>
> To subscribe or unsubscribe via the World Wide Web, visit
> https://www.redhat.com/mailman/listinfo/spacewalk-list
> or, via email, send a message with subject or body 'help' to
> spacewalk-list-requ...@redhat.com<mailto:spacewalk-list-
> requ...@redhat.com>
>
> You can reach the person managing the list at
> spacewalk-list-ow...@redhat.com<mailto:spacewalk-list-
> ow...@redhat.com>
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of Spacewalk-list digest..."
>
>
> Today's Topics:
>
>1. Using Spacewalk for RHEL Clients (Samer Odeh)
>2. Re: Using Spacewalk for RHEL Clients (DiOrio, Max)
>
>
> --
>
> Message: 1
> Date: Mon, 29 Jan 2018 15:06:37 +0100
> From: Samer Odeh <samer...@gmail.com<mailto:samer...@gmail.com>>
> To: spacewalk-list@redhat.com<mailto:spacewalk-list@redhat.com>
> Subject: [Spacewalk-list] Using Spacewalk for RHEL Clients
> Message-ID:
> <CAPsLEuOevy6YmKPgGFi8oS+40vTM4Dxz377FZd=CcRwoa-7tDg@
> mail.gmail.com<mailto:ccrwoa-7...@mail.gmail.com>>
> Content-Type: text/plain; charset="utf-8"
>
> Hello Folks,
>
> I tried Spacewalk to patch many CentOS instances and that works very well,
> and now I am completely lost trying to figure out how  can use Sapcewalk
> Server to download RPMs to RHEL (I have RHEL Linux subscription) but I
> don't have Satellite subscription.
>
> I wen through many articles and threads and I can't find a clear procedure
> how to do it, please note I installed my Spacewalk Server on Cent OS 7, but
> I believe that should be still OK.
>
> Many thanks in advance
>
> Sincerely,
> -- next part --
> An HTML attachment was scrubbed...
> URL: <https://www.redhat.com/archives/spacewalk-list/
> attachments/20180129/1d7376f6/attachment.html>
>
> --
>
> Message: 2
> Date: Mon, 29 Jan 2018 14:28:31 +
> From: "DiOrio, Max" <max.dio...@ieeeglobalspec.com<mailto:Max.DiOrio@
> ieeeglobalspec.com>>
> To: "spacewalk-list@redhat.com<mailto:spacewalk-list@redhat.com>" <
> spacewalk-list@redhat.com<mailto:spacewalk-list@redhat.com>>
> Subject: Re: [Spacewalk-list] Using Spacewalk for RHEL Clients
> Message-ID:
> <CY4PR19MB1368050967CE618558EE68AAFBE50@CY4PR19MB1368.
> namprd19.prod.outlook.com<mailto:CY4PR19MB1368050967CE61
> 8558ee68aafb...@cy4pr19mb1368.namprd19.prod.outlook.com>>
>
> Cont

Re: [Spacewalk-list] Spacewalk-list Digest, Vol 116, Issue 52

2018-01-29 Thread DiOrio, Max 
Log into a server that’s registered to your RHN subscription and grab them from 
the directory specified.

Max DiOrio
Global Systems Administrator

From: spacewalk-list-boun...@redhat.com 
[mailto:spacewalk-list-boun...@redhat.com] On Behalf Of Samer Odeh
Sent: Monday, January 29, 2018 9:45 AM
To: spacewalk-list@redhat.com
Subject: Re: [Spacewalk-list] Spacewalk-list Digest, Vol 116, Issue 52

Thank you so much,

But Still I am wondering how I got the keys and certificates :-), I mean those 
ones:


RHEL CA Signing Certificate, RHEL Client Key, and RHEL Entitlement

sslcacert = /etc/rhsm/ca/redhat-uep.pem 
  (the RHEL CA Signing SSL certificate)

sslclientkey = /etc/pki/entitlement/-key.pem   (RHEL 
Client Key SSL certificate)

sslclientcert = /etc/pki/entitlement/.pem
(RHEL Entitlement/Client certificate)

Many Thanks

On Mon, Jan 29, 2018 at 3:28 PM, 
<spacewalk-list-requ...@redhat.com<mailto:spacewalk-list-requ...@redhat.com>> 
wrote:
Send Spacewalk-list mailing list submissions to
spacewalk-list@redhat.com<mailto:spacewalk-list@redhat.com>

To subscribe or unsubscribe via the World Wide Web, visit
https://www.redhat.com/mailman/listinfo/spacewalk-list
or, via email, send a message with subject or body 'help' to

spacewalk-list-requ...@redhat.com<mailto:spacewalk-list-requ...@redhat.com>

You can reach the person managing the list at
spacewalk-list-ow...@redhat.com<mailto:spacewalk-list-ow...@redhat.com>

When replying, please edit your Subject line so it is more specific
than "Re: Contents of Spacewalk-list digest..."


Today's Topics:

   1. Using Spacewalk for RHEL Clients (Samer Odeh)
   2. Re: Using Spacewalk for RHEL Clients (DiOrio, Max)


--

Message: 1
Date: Mon, 29 Jan 2018 15:06:37 +0100
From: Samer Odeh <samer...@gmail.com<mailto:samer...@gmail.com>>
To: spacewalk-list@redhat.com<mailto:spacewalk-list@redhat.com>
Subject: [Spacewalk-list] Using Spacewalk for RHEL Clients
Message-ID:

<CAPsLEuOevy6YmKPgGFi8oS+40vTM4Dxz377FZd=ccrwoa-7...@mail.gmail.com<mailto:ccrwoa-7...@mail.gmail.com>>
Content-Type: text/plain; charset="utf-8"

Hello Folks,

I tried Spacewalk to patch many CentOS instances and that works very well,
and now I am completely lost trying to figure out how  can use Sapcewalk
Server to download RPMs to RHEL (I have RHEL Linux subscription) but I
don't have Satellite subscription.

I wen through many articles and threads and I can't find a clear procedure
how to do it, please note I installed my Spacewalk Server on Cent OS 7, but
I believe that should be still OK.

Many thanks in advance

Sincerely,
-- next part --
An HTML attachment was scrubbed...
URL: 
<https://www.redhat.com/archives/spacewalk-list/attachments/20180129/1d7376f6/attachment.html>

--

Message: 2
Date: Mon, 29 Jan 2018 14:28:31 +
From: "DiOrio, Max" 
<max.dio...@ieeeglobalspec.com<mailto:max.dio...@ieeeglobalspec.com>>
To: "spacewalk-list@redhat.com<mailto:spacewalk-list@redhat.com>" 
<spacewalk-list@redhat.com<mailto:spacewalk-list@redhat.com>>
Subject: Re: [Spacewalk-list] Using Spacewalk for RHEL Clients
Message-ID:

<cy4pr19mb1368050967ce618558ee68aafb...@cy4pr19mb1368.namprd19.prod.outlook.com<mailto:cy4pr19mb1368050967ce618558ee68aafb...@cy4pr19mb1368.namprd19.prod.outlook.com>>

Content-Type: text/plain; charset="utf-8"

https://www.redhat.com/archives/spacewalk-list/2016-January/msg00014.html


Max DiOrio
Global Systems Administrator

From: 
spacewalk-list-boun...@redhat.com<mailto:spacewalk-list-boun...@redhat.com> 
[mailto:spacewalk-list-boun...@redhat.com<mailto:spacewalk-list-boun...@redhat.com>]
 On Behalf Of Samer Odeh
Sent: Monday, January 29, 2018 9:07 AM
To: spacewalk-list@redhat.com<mailto:spacewalk-list@redhat.com>
Subject: [Spacewalk-list] Using Spacewalk for RHEL Clients

Hello Folks,

I tried Spacewalk to patch many CentOS instances and that works very well, and 
now I am completely lost trying to figure out how  can use Sapcewalk Server to 
download RPMs to RHEL (I have RHEL Linux subscription) but I don't have 
Satellite subscription.

I wen through many articles and threads and I can't find a clear procedure how 
to do it, please note I installed my Spacewalk Server on Cent OS 7, but I 
believe that should be still OK.

Many thanks in advance

Sincerely,

-- next part --
An HTML attachment was scrubbed...
URL: 
<https://www.redhat.com/archives/spacewalk-list/attachments/20180129/b02ba750/attachment.html>

--

___
Spacewalk

Re: [Spacewalk-list] Spacewalk-list Digest, Vol 116, Issue 52

2018-01-29 Thread Samer Odeh 
Thank you so much,

But Still I am wondering how I got the keys and certificates :-), I mean
those ones:

RHEL CA Signing Certificate, RHEL Client Key, and RHEL Entitlement

sslcacert = /etc/rhsm/ca/redhat-uep.pem
   (the RHEL CA Signing SSL certificate)
sslclientkey = /etc/pki/entitlement/-key.pem
(RHEL Client Key SSL certificate)
sslclientcert = /etc/pki/entitlement/.pem(RHEL Entitlement/Client certificate)

Many Thanks


On Mon, Jan 29, 2018 at 3:28 PM, <spacewalk-list-requ...@redhat.com> wrote:

> Send Spacewalk-list mailing list submissions to
> spacewalk-list@redhat.com
>
> To subscribe or unsubscribe via the World Wide Web, visit
> https://www.redhat.com/mailman/listinfo/spacewalk-list
> or, via email, send a message with subject or body 'help' to
> spacewalk-list-requ...@redhat.com
>
> You can reach the person managing the list at
> spacewalk-list-ow...@redhat.com
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of Spacewalk-list digest..."
>
>
> Today's Topics:
>
>1. Using Spacewalk for RHEL Clients (Samer Odeh)
>2. Re: Using Spacewalk for RHEL Clients (DiOrio, Max)
>
>
> --
>
> Message: 1
> Date: Mon, 29 Jan 2018 15:06:37 +0100
> From: Samer Odeh <samer...@gmail.com>
> To: spacewalk-list@redhat.com
> Subject: [Spacewalk-list] Using Spacewalk for RHEL Clients
> Message-ID:
> <CAPsLEuOevy6YmKPgGFi8oS+40vTM4Dxz377FZd=CcRwoa-7tDg@
> mail.gmail.com>
> Content-Type: text/plain; charset="utf-8"
>
> Hello Folks,
>
> I tried Spacewalk to patch many CentOS instances and that works very well,
> and now I am completely lost trying to figure out how  can use Sapcewalk
> Server to download RPMs to RHEL (I have RHEL Linux subscription) but I
> don't have Satellite subscription.
>
> I wen through many articles and threads and I can't find a clear procedure
> how to do it, please note I installed my Spacewalk Server on Cent OS 7, but
> I believe that should be still OK.
>
> Many thanks in advance
>
> Sincerely,
> -- next part --
> An HTML attachment was scrubbed...
> URL: <https://www.redhat.com/archives/spacewalk-list/
> attachments/20180129/1d7376f6/attachment.html>
>
> --
>
> Message: 2
> Date: Mon, 29 Jan 2018 14:28:31 +
> From: "DiOrio, Max" <max.dio...@ieeeglobalspec.com>
> To: "spacewalk-list@redhat.com" <spacewalk-list@redhat.com>
> Subject: Re: [Spacewalk-list] Using Spacewalk for RHEL Clients
> Message-ID:
> <CY4PR19MB1368050967CE618558EE68AAFBE50@CY4PR19MB1368.
> namprd19.prod.outlook.com>
>
> Content-Type: text/plain; charset="utf-8"
>
> https://www.redhat.com/archives/spacewalk-list/2016-January/msg00014.html
>
>
> Max DiOrio
> Global Systems Administrator
>
> From: spacewalk-list-boun...@redhat.com [mailto:spacewalk-list-
> boun...@redhat.com] On Behalf Of Samer Odeh
> Sent: Monday, January 29, 2018 9:07 AM
> To: spacewalk-list@redhat.com
> Subject: [Spacewalk-list] Using Spacewalk for RHEL Clients
>
> Hello Folks,
>
> I tried Spacewalk to patch many CentOS instances and that works very well,
> and now I am completely lost trying to figure out how  can use Sapcewalk
> Server to download RPMs to RHEL (I have RHEL Linux subscription) but I
> don't have Satellite subscription.
>
> I wen through many articles and threads and I can't find a clear procedure
> how to do it, please note I installed my Spacewalk Server on Cent OS 7, but
> I believe that should be still OK.
>
> Many thanks in advance
>
> Sincerely,
>
> -- next part --
> An HTML attachment was scrubbed...
> URL: <https://www.redhat.com/archives/spacewalk-list/
> attachments/20180129/b02ba750/attachment.html>
>
> --
>
> ___
> Spacewalk-list mailing list
> Spacewalk-list@redhat.com
> https://www.redhat.com/mailman/listinfo/spacewalk-list
>
> End of Spacewalk-list Digest, Vol 116, Issue 52
> ***
>
___
Spacewalk-list mailing list
Spacewalk-list@redhat.com
https://www.redhat.com/mailman/listinfo/spacewalk-list

Re: [Spacewalk-list] Using Spacewalk for RHEL Clients

2018-01-29 Thread DiOrio, Max 
https://www.redhat.com/archives/spacewalk-list/2016-January/msg00014.html


Max DiOrio
Global Systems Administrator

From: spacewalk-list-boun...@redhat.com 
[mailto:spacewalk-list-boun...@redhat.com] On Behalf Of Samer Odeh
Sent: Monday, January 29, 2018 9:07 AM
To: spacewalk-list@redhat.com
Subject: [Spacewalk-list] Using Spacewalk for RHEL Clients

Hello Folks,

I tried Spacewalk to patch many CentOS instances and that works very well, and 
now I am completely lost trying to figure out how  can use Sapcewalk Server to 
download RPMs to RHEL (I have RHEL Linux subscription) but I don't have 
Satellite subscription.

I wen through many articles and threads and I can't find a clear procedure how 
to do it, please note I installed my Spacewalk Server on Cent OS 7, but I 
believe that should be still OK.

Many thanks in advance

Sincerely,

___
Spacewalk-list mailing list
Spacewalk-list@redhat.com
https://www.redhat.com/mailman/listinfo/spacewalk-list

[Spacewalk-list] Using Spacewalk for RHEL Clients

2018-01-29 Thread Samer Odeh 
Hello Folks,

I tried Spacewalk to patch many CentOS instances and that works very well,
and now I am completely lost trying to figure out how  can use Sapcewalk
Server to download RPMs to RHEL (I have RHEL Linux subscription) but I
don't have Satellite subscription.

I wen through many articles and threads and I can't find a clear procedure
how to do it, please note I installed my Spacewalk Server on Cent OS 7, but
I believe that should be still OK.

Many thanks in advance

Sincerely,
___
Spacewalk-list mailing list
Spacewalk-list@redhat.com
https://www.redhat.com/mailman/listinfo/spacewalk-list

Re: [Spacewalk-list] can not join a client to spacewalk master server

2018-01-29 Thread Afify, Sherif S (IBS) 
Hi Michael, I can login to the rhnschema and can view what inside the tables 
and the logs do not show that the database have issue . You still see it’s a 
database ?





id  | parent_channel | org_id | channel_arch_id |label  
  |  basedir  |name |   summary 
  | description | product_name_id |  
gpg_key_url
| gpg_key_id | gpg_key_fp | 
end_of_life | checksum_type_id | receiving_updates | last_modified  
   |  last_synced  | channel_product_id | channel_access | 
maint_name | maint_email | maint_phone |
support_policy |created|   modified
-+++-+-+---+-+-+-+-+---
+++-+--+---+---+---++++-+-+
+---+---
115 |101 |  1 | 513 | centos-6-mysql56-x86_64   
  | /dev/null | centos-6-mysql56-x86_64 | 
centos-6-mysql56-x86_64 | | | 
http://repo.mysql.com/RPM-GPG-KEY-mysql
| 5072E1F5   | A4A9 4068 76FC BD3C 4567  70C8 8C71 8D3B 5072 E1F5 | 
|2 | Y | 2018-01-22 18:49:06.72883+00  | 
2018-01-22 18:49:06.72883+00  || private|   
 | | |
| 2018-01-21 20:37:25.513221+00 | 2018-01-21 20:37:25.513221+00
121 |102 |  1 | 513 | centos-7-epel-x86_64  
  | /dev/null | centos-7-epel-x86_64| centos-7-epel-x86_64  
  | | | 
http://ftp.utexas.edu/epel/RPM-GPG-KEY-EPEL-7Server
| 352C64E5   | 91E9 7D7C 4A5E 96F1 7F3E  888F 6A2F AEA2 352C 64E5 | 
|2 | Y | 2018-01-23 00:50:53.821018+00 | 
2018-01-23 00:50:53.821018+00 || private|   
 | | |
| 2018-01-21 20:38:03.416908+00 | 2018-01-21 20:38:03.416908+00
117 |102 |  1 | 513 | centos-7-centosplus-x86_64
  | /dev/null | centos-7-centosplus-x86_64  | 
centos-7-centosplus-x86_64  | | | 
https://www.centos.org/keys/RPM-GPG-KEY-CentOS-7
| F4A80EB5   | 6341 AB27 53D7 8A78 A7C2  7BB1 24C6 A8A7 F4A8 0EB5 | 
|2 | Y | 2018-01-22 21:59:56.158346+00 | 
2018-01-22 21:59:56.158346+00 || private|   
 | | |
| 2018-01-21 20:38:03.224814+00 | 2018-01-21 20:38:03.224814+00
110 |101 |  1 | 513 | centos-6-centosplus-x86_64
  | /dev/null | centos-6-centosplus-x86_64  | 
centos-6-centosplus-x86_64  | | | 
https://www.centos.org/keys/RPM-GPG-KEY-CentOS-6
| C105B9DE   | 69B3 0F26 BA2B 3AA4 C27C  E4F5 3B75 CF79 D0FF 3D16 | 
|2 | Y | 2018-01-22 16:19:34.10245+00  | 
2018-01-22 16:19:34.10245+00  || private|   
 | | |
| 2018-01-21 20:37:21.896316+00 | 2018-01-21 20:37:21.896316+00
105 |101 |  1 | 513 | spacewalk-centos-6-x86_64 
  | /dev/null | spacewalk-centos-6-x86_64   | 
spacewalk-centos-6-x86_64   | | | 
http://yum.spacewalkproject.org/RPM-GPG-KEY-spacewalk-2015
| B8002DE1   | A5FC 508C DD3C C46D 3C3B  4612 DCC9 81CD B800 2DE1 | 
|2 | Y | 2018-01-23 09:26:30.866451+00 | 
2018-01-23 09:26:30.866451+00 || private|   
 | | |
| 2018-01-21 20:31:24.43819+00  | 2018-01-21 20:31:24.43819+00
106 |102 |  1 | 513 | spacewalk-centos-7-x86_64 
  | /dev/null | spacewalk-centos-7-x86_64   | 
spacewalk-centos-7-x86_64   | | | 
http://yum.spacewalkproject.org/RPM-GPG-KEY-spacewalk-2015
| B8002DE1   | A5FC 508C DD3C C46D 3C3B  4612 DCC9 81CD B800 2DE1 | 
|2 | Y | 2018-01-23 09:26:32.166595+00 | 
2018-01-23 09:26:32.166595+00 || private|   
 | | |
|

Re: [Spacewalk-list] can not join a client to spacewalk master server

2018-01-29 Thread Michael Mraka 
Afify, Sherif S (IBS):
> I am getting the below error when I try to register client to spacewalk  , 
> any ideas?
...
> [Sun Jan 28 11:27:10.469664 2018] [:error] [pid 31001]   File 
> "/usr/lib64/python2.7/site-packages/psycopg2/__init__.py", line 164, in 
> connect
> 
> [Sun Jan 28 11:27:10.469666 2018] [:error] [pid 31001] conn = 
> _connect(dsn, connection_factory=connection_factory, async=async)
> 
> [Sun Jan 28 11:27:10.469667 2018] [:error] [pid 31001] SQLConnectError: 
> (None, None, 'rhnschema', 'All attempts to connect to the database failed')
> 
> [Sun Jan 28 11:27:10.469672 2018] [:error] [pid 31001]

Hello Afify,

Your database is not running, you have to fix it first.

I'm afraid if the error message above didn't help you to find out what's
the problem you should better ask some more experienced admin in your
company to take care of this server.

Regards,

--
Michael Mráka
System Management Engineering, Red Hat

___
Spacewalk-list mailing list
Spacewalk-list@redhat.com
https://www.redhat.com/mailman/listinfo/spacewalk-list

Re: [Spacewalk-list] can not join a client to spacewalk master server

2018-01-29 Thread Afify, Sherif S (IBS) 


I can login to the database and the rhn.conf  is correct



[root@ ~]# psql rhnschema rhnuser

Password for user rhnuser:

psql (9.2.23)

Type "help" for help.



rhnschema=#







[root@x ~]# cat /etc/rhn/rhn.conf | more

traceback_mail = afi...@bp.com

mount_point = /var/satellite

kickstart_mount_point = /var/satellite

repomd_cache_mount_point = /var/cache

server.satellite.rhn_parent = satellite.rhn.redhat.com



# Use proxy FQDN, or FQDN:port

#server.satellite.http_proxy = xxx:3128

server.satellite.http_proxy = xxx:3128

server.satellite.http_proxy_username =

server.satellite.http_proxy_password =

server.satellite.ca_chain = /usr/share/rhn/RHNS-CA-CERT



# Completely disable ISS.

# If set to 1, then no slave will be able to sync from this server

# this option does not affect ability to sync to this server from

# another spacewalk (or hosted).

disable_iss=0



db_backend = postgresql

db_user = rhnuser

db_password = rhnpw

db_name = rhnschema

db_host =

db_port =

db_ssl_enabled =



-Original Message-
From: Robert Paschedag [mailto:robert.pasche...@web.de]
Sent: Monday, January 29, 2018 10:15 AM
To: spacewalk-list@redhat.com; Afify, Sherif S (IBS) ; 
'spacewalk-list@redhat.com' 
Subject: Re: [Spacewalk-list] can not join a client to spacewalk master server





Check the credentials in /etc/rhn/rhn.conf.



Normally, these are



db: rhnschema

user: rhnuser

pw: rhnpw



Try to login manually with these. If it works, check in conf file, if there is 
something different.



Robert
___
Spacewalk-list mailing list
Spacewalk-list@redhat.com
https://www.redhat.com/mailman/listinfo/spacewalk-list

Re: [Spacewalk-list] can not join a client to spacewalk master server

2018-01-29 Thread Michael Mraka 
Afify, Sherif S (IBS):
> Here what I have inside the /var/log/httpd/*  related to the failing client 
> and I cannot see a clear msg for the problem , do you see anything up normal ?
...
> error_log:[Tue Jan 23 09:43:21.708082 2018] [:error] [pid 18048] [client 
> 149.184.141.224:34058] raise SMTPRecipientsRefused(senderrs)
> error_log:[Tue Jan 23 09:43:21.708111 2018] [:error] [pid 18048] [client 
> 149.184.141.224:34058] SMTPRecipientsRefused: {'afi...@bp.com': (454, '4.7.1 
> : Relay access denied')}

Your Spacewalk can't send you an email with error message because it's
blocked by your mailserver.

You have to change mailserver's configuration.

Regards,

--
Michael Mráka
System Management Engineering, Red Hat

___
Spacewalk-list mailing list
Spacewalk-list@redhat.com
https://www.redhat.com/mailman/listinfo/spacewalk-list

Re: [Spacewalk-list] can not join a client to spacewalk master server

2018-01-29 Thread Robert Paschedag 
Am 28. Januar 2018 12:31:15 MEZ schrieb "Afify, Sherif S (IBS)" 
:
>I am getting the below error when I try to register client to spacewalk
> , any ideas?
>
>
>
>
>
>[Sun Jan 28 11:27:10.469571 2018] [:error] [pid 31001] Exception
>Handler Information
>
>[Sun Jan 28 11:27:10.469572 2018] [:error] [pid 31001] Traceback (most
>recent call last):
>
>[Sun Jan 28 11:27:10.469582 2018] [:error] [pid 31001]   File
>"/usr/lib/python2.7/site-packages/spacewalk/server/apacheHandler.py",
>line 87, in headerParserHandler
>
>[Sun Jan 28 11:27:10.469585 2018] [:error] [pid 31001]
>rhnSQL.initDB()
>
>[Sun Jan 28 11:27:10.469586 2018] [:error] [pid 31001]   File
>"/usr/lib/python2.7/site-packages/spacewalk/server/rhnSQL/__init__.py",
>line 158, in initDB
>
>[Sun Jan 28 11:27:10.469588 2018] [:error] [pid 31001]
>raise_with_tb(e, sys.exc_info()[2])
>
>[Sun Jan 28 11:27:10.469589 2018] [:error] [pid 31001]   File
>"/usr/lib/python2.7/site-packages/spacewalk/server/rhnSQL/__init__.py",
>line 145, in initDB
>
>[Sun Jan 28 11:27:10.469591 2018] [:error] [pid 31001]
>__init__DB(backend, host, port, username, password, database, sslmode,
>sslrootcert)
>
>[Sun Jan 28 11:27:10.469593 2018] [:error] [pid 31001]   File
>"/usr/lib/python2.7/site-packages/spacewalk/server/rhnSQL/__init__.py",
>line 57, in __init__DB
>
>[Sun Jan 28 11:27:10.469652 2018] [:error] [pid 31001]
>__DB.connect()
>
>[Sun Jan 28 11:27:10.469655 2018] [:error] [pid 31001]   File
>"/usr/lib/python2.7/site-packages/spacewalk/server/rhnSQL/driver_postgresql.py",
>line 194, in connect
>
>[Sun Jan 28 11:27:10.469656 2018] [:error] [pid 31001] return
>self.connect(reconnect=reconnect - 1)
>
>[Sun Jan 28 11:27:10.469658 2018] [:error] [pid 31001]   File
>"/usr/lib/python2.7/site-packages/spacewalk/server/rhnSQL/driver_postgresql.py",
>line 199, in connect
>
>[Sun Jan 28 11:27:10.469659 2018] [:error] [pid 31001] "All
>attempts to connect to the database failed"), sys.exc_info()[2])
>
>[Sun Jan 28 11:27:10.469661 2018] [:error] [pid 31001]   File
>"/usr/lib/python2.7/site-packages/spacewalk/server/rhnSQL/driver_postgresql.py",
>line 184, in connect
>
>[Sun Jan 28 11:27:10.469663 2018] [:error] [pid 31001] self.dbh =
>psycopg2.connect(" ".join("%s=%s" % (k, re.escape(str(v))) for k, v in
>dsndata.items()))
>
>[Sun Jan 28 11:27:10.469664 2018] [:error] [pid 31001]   File
>"/usr/lib64/python2.7/site-packages/psycopg2/__init__.py", line 164, in
>connect
>
>[Sun Jan 28 11:27:10.469666 2018] [:error] [pid 31001] conn =
>_connect(dsn, connection_factory=connection_factory, async=async)
>
>[Sun Jan 28 11:27:10.469667 2018] [:error] [pid 31001] SQLConnectError:
>(None, None, 'rhnschema', 'All attempts to connect to the database
>failed')
>
>[Sun Jan 28 11:27:10.469672 2018] [:error] [pid 31001]

Check the credentials in /etc/rhn/rhn.conf.

Normally, these are

db: rhnschema
user: rhnuser
pw: rhnpw

Try to login manually with these. If it works, check in conf file, if there is 
something different.

Robert

___
Spacewalk-list mailing list
Spacewalk-list@redhat.com
https://www.redhat.com/mailman/listinfo/spacewalk-list