[Spacewalk-list] error while syncing with RHEL spacewalk channel

[Wenkai Chen]

HI Spacewalk users,

Encountered an issue while syncing a RHEL channel with its repository.

19:00:06 ==
19:00:06 | Channel: rhel7-server-rpms
19:00:06 ==
19:00:06 Sync of channel started.
19:00:06
19:00:06   Processing repository with URL: 
https://cdn.redhat.com/content/dist/rhel/server/7/7Server/x86_64/os
19:00:07 ERROR: failure: repodata/repomd.xml from rhel7-server-rpms: [Errno 
256] No more mirrors to try.
https://cdn.redhat.com/content/dist/rhel/server/7/7Server/x86_64/os/repodata/repomd.xml:
 [Errno 14] curl#60 - "Peer's certificate issuer has been marked as not trusted 
by the user."
19:00:07 Sync of channel completed in 0:00:00.
19:00:07 Total time: 0:00:00


The problem is that the RHEL server is already subscribed in the Red Hat 
network and I can see the machine listed as one of the systems being subscribed.

[A close up of a sign  Description generated with very high confidence]

Chen Wenkai
Infrastructure Security Engineer

   [A picture containing building  Description generated with high 
confidence]   [A 
picture containing tableware  Description generated with high confidence] 
  [A close up of a sign  Description 
generated with high confidence] 

  E:  wenkai_c...@ensigninfosecurity.com
  A:  30A Kallang Place, Level 9 Right Wing, Singapore 339213





CONFIDENTIALITY NOTICE: "This email is confidential and may also be privileged. 
If this email has been sent to you in error, please delete it immediately and 
notify us. Please do not copy, distribute or disseminate part or whole of this 
email if you are not the intended recipient or if you have not been authorized 
to do so. We reserve the right, to the extent and under circumstances permitted 
by applicable laws, to monitor, retain, intercept and block email messages to 
and from our systems. Thank you."

___
Spacewalk-list mailing list
Spacewalk-list@redhat.com
https://www.redhat.com/mailman/listinfo/spacewalk-list

Re: [Spacewalk-list] Client execution returned "Invalid function call attempted" (code 6)

[Wenkai Chen]

HI ,

The rhncfg packages are already installed.

[root@x302 yum.repos.d]# rpm -qa | grep rhncfg*
rhncfg-5.10.129-1.el7.noarch
rhncfg-actions-5.10.129-1.el7.noarch
python2-rhncfg-5.10.129-1.el7.noarch
python2-rhncfg-client-5.10.129-1.el7.noarch
python2-rhncfg-actions-5.10.129-1.el7.noarch
rhncfg-management-5.10.129-1.el7.noarch
rhncfg-client-5.10.129-1.el7.noarch
python2-rhncfg-management-5.10.129-1.el7.noarch

I just checked under /usr/share/rhn/actions. It is empty.



Chen Wenkai
Infrastructure Security Engineer

 
  
  E:  wenkai_c...@ensigninfosecurity.com
  A:  30A Kallang Place, Level 9 Right Wing, Singapore 339213




-Original Message-
From: spacewalk-list-boun...@redhat.com  On 
Behalf Of Robert Paschedag
Sent: Saturday, 11 July 2020 3:10 PM
To: spacewalk-list@redhat.com
Subject: Re: [Spacewalk-list] Client execution returned "Invalid function call 
attempted" (code 6)

EXTERNAL: Caution this email originated from outside of the organization. Do 
not click links or open attachments unless you recognize the sender and know 
the content is safe.


You seem to be missing some packages that provide the function

packages.checkNeedUpdate('rhnsd=1',)

If I remember right, these should live in /usr/share/rhn/actions

Maybe your missing the rhn-actions package.

Robert


⁣sent from my mobile device​


 Originale Nachricht 
Von: Wenkai Chen 
Gesendet: Wed Jul 01 04:44:32 GMT+02:00 2020
An: "spacewalk-list@redhat.com" 
Betreff: Re: [Spacewalk-list] Client execution returned "Invalid function call 
attempted" (code 6)

HI,

Anyone can help on this?
Furthermore, when I do a 'yum repolist' command on the client machine, the 
number of packages listed for the Spacewalk channel is 0.
[cid:image009.jpg@01D64F94.E21B4380]

When in fact, it has 1 over packages.
[cid:image010.jpg@01D64F94.E21B4380]


[A close up of a sign  Description generated with very high confidence]

Chen Wenkai
Infrastructure Security Engineer

   [A picture containing building  Description generated with high 
confidence] 
<https://apc01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fensign-infosecurity%2Fdata=02%7C01%7Cwenkai_chen%40ensigninfosecurity.com%7C0a01d1750eda48676e2108d8256a38bc%7Cd5cb08f4d38848b2bc028ecce3c63fce%7C1%7C0%7C637300485442922641sdata=jxU%2F7WOv5mIa4PEeNf%2Fh8feu8aAPzoxGsVtb4bNV6ck%3Dreserved=0>
  [A picture containing tableware  Description generated with high 
confidence] 
<https://apc01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fyoutu.be%2F9J7FkhXpb-4data=02%7C01%7Cwenkai_chen%40ensigninfosecurity.com%7C0a01d1750eda48676e2108d8256a38bc%7Cd5cb08f4d38848b2bc028ecce3c63fce%7C1%7C0%7C637300485442922641sdata=iAEkzqAp3fBHGhZ3N%2FTj8KRlkYxO7mFnNaUUXYf6y9U%3Dreserved=0>
  [A close up of a sign  Description generated with high confidence] 
<https://apc01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.facebook.com%2FEnsignGlobaldata=02%7C01%7Cwenkai_chen%40ensigninfosecurity.com%7C0a01d1750eda48676e2108d8256a38bc%7Cd5cb08f4d38848b2bc028ecce3c63fce%7C1%7C0%7C637300485442922641sdata=droPSezkKi9Bzx9xgW43wIrYrBe%2BtJ%2FW2t13j%2BzjBRk%3Dreserved=0>

  E:  wenkai_c...@ensigninfosecurity.com
  A:  30A Kallang Place, Level 9 Right Wing, Singapore 339213


From: spacewalk-list-boun...@redhat.com  On 
Behalf Of Wenkai Chen
Sent: Wednesday, 24 June 2020 6:40 PM
To: spacewalk-list@redhat.com
Subject: [Spacewalk-list] Client execution returned "Invalid function call 
attempted" (code 6)

EXTERNAL: Caution this email originated from outside of the organization. Do 
not click links or open attachments unless you recognize the sender and know 
the content is safe.
HI Spacewalk users,

I encountered an error while trying to run a package verification job on one of 
the CentOS 7 clients.

Client execution returned "Invalid function call attempted" (code 6)

Here is the output of the command "rhn_check -vvv".

==
rhn_check -vvv
D: opening  db environment /var/lib/rpm cdb:0x401
D: opening  db index   /var/lib/rpm/Packages 0x400 mode=0x0
D: locked   db index   /var/lib/rpm/Packages
D: opening  db index   /var/lib/rpm/Providename 0x400 mode=0x0
D: do_call packages.checkNeedUpdate('rhnsd=1',){}
D: opening  db environment /var/lib/rpm cdb:0x401
D: opening  db index   /var/lib/rpm/Packages 0x400 mode=0x0
D: loading keyring from pubkeys in /var/lib/rpm/pubkeys/*.key
D: couldn't find any keys in /var/lib/rpm/pubkeys/*.key
D: loading keyring from rpmdb
D: opening  db index   /var/lib/rpm/Name 0x400 mode=0x0
D: added key gpg-pubkey-f4a80eb5-53a7ff4b to keyring
D: added key gpg-pubkey-442df0f8-4783f24a to keyring
D: added key gpg-pubkey-352c64e5-52ae6884 to keyring
D: added key gpg-pubkey-7fac5991-4615767f to keyring
D: added key gpg-pubkey-d38b4796-570c8cd

Re: [Spacewalk-list] Client execution returned "Invalid function call attempted" (code 6)

[Wenkai Chen]

HI,

Anyone can help on this?
Furthermore, when I do a 'yum repolist' command on the client machine, the 
number of packages listed for the Spacewalk channel is 0.
[cid:image009.jpg@01D64F94.E21B4380]

When in fact, it has 1 over packages.
[cid:image010.jpg@01D64F94.E21B4380]


[A close up of a sign  Description generated with very high confidence]

Chen Wenkai
Infrastructure Security Engineer

   [A picture containing building  Description generated with high 
confidence] <https://www.linkedin.com/company/ensign-infosecurity/>  [A 
picture containing tableware  Description generated with high confidence] 
<https://youtu.be/9J7FkhXpb-4>  [A close up of a sign  Description 
generated with high confidence] <https://www.facebook.com/EnsignGlobal>

  E:  wenkai_c...@ensigninfosecurity.com
  A:  30A Kallang Place, Level 9 Right Wing, Singapore 339213


From: spacewalk-list-boun...@redhat.com  On 
Behalf Of Wenkai Chen
Sent: Wednesday, 24 June 2020 6:40 PM
To: spacewalk-list@redhat.com
Subject: [Spacewalk-list] Client execution returned "Invalid function call 
attempted" (code 6)

EXTERNAL: Caution this email originated from outside of the organization. Do 
not click links or open attachments unless you recognize the sender and know 
the content is safe.
HI Spacewalk users,

I encountered an error while trying to run a package verification job on one of 
the CentOS 7 clients.

Client execution returned "Invalid function call attempted" (code 6)

Here is the output of the command "rhn_check -vvv".

==
rhn_check -vvv
D: opening  db environment /var/lib/rpm cdb:0x401
D: opening  db index   /var/lib/rpm/Packages 0x400 mode=0x0
D: locked   db index   /var/lib/rpm/Packages
D: opening  db index   /var/lib/rpm/Providename 0x400 mode=0x0
D: do_call packages.checkNeedUpdate('rhnsd=1',){}
D: opening  db environment /var/lib/rpm cdb:0x401
D: opening  db index   /var/lib/rpm/Packages 0x400 mode=0x0
D: loading keyring from pubkeys in /var/lib/rpm/pubkeys/*.key
D: couldn't find any keys in /var/lib/rpm/pubkeys/*.key
D: loading keyring from rpmdb
D: opening  db index   /var/lib/rpm/Name 0x400 mode=0x0
D: added key gpg-pubkey-f4a80eb5-53a7ff4b to keyring
D: added key gpg-pubkey-442df0f8-4783f24a to keyring
D: added key gpg-pubkey-352c64e5-52ae6884 to keyring
D: added key gpg-pubkey-7fac5991-4615767f to keyring
D: added key gpg-pubkey-d38b4796-570c8cd3 to keyring
D: added key gpg-pubkey-2582e0c5-56099b04 to keyring
D: added key gpg-pubkey-9bd837ba-5bfbc74c to keyring
D: added key gpg-pubkey-6963f07f-57fad2ec to keyring
D: Using legacy gpg-pubkey(s) from rpmdb
D: opening  db index   /var/lib/rpm/Providename 0x400 mode=0x0
D: closed   db index   /var/lib/rpm/Providename
D: closed   db index   /var/lib/rpm/Name
D: closed   db index   /var/lib/rpm/Packages
D: closed   db environment /var/lib/rpm
Loaded plugins: fastestmirror, langpacks, rhnplugin
Adding en_SG.UTF-8 to language list
Config time: 0.024
D: login(forceUpdate=False) invoked
D: readCachedLogin invoked
D: Checking pickled loginInfo, currentTime=1592995113.38, 
createTime=1592994906.84, expire-offset=3600.0
D: readCachedLogin(): using pickled loginInfo set to expire at 1592998506.84
D: rpcServer: Calling XMLRPC up2date.listChannels
This system is receiving updates from RHN Classic or Red Hat Satellite.
rpmdb time: 0.000
Loading mirror speeds from cached hostfile
* base: mirror.upsi.edu.my
* epel: mirrors.bfsu.edu.cn
D: Attempt to call an unsupported action packages.checkNeedUpdate('rhnsd=1',)
D: local action status: (6, 'Invalid function call attempted', {})
D: rpcServer: Calling XMLRPC registration.welcome_message
D: closed   db index   /var/lib/rpm/Providename
D: closed   db index   /var/lib/rpm/Packages
D: closed   db environment /var/lib/rpm
==

May I know how to resolve this issue?
Thank you.

[A close up of a sign  Description generated with very high confidence]

Chen Wenkai
Infrastructure Security Engineer

   [A picture containing building  Description generated with high 
confidence] 
<https://apc01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fensign-infosecurity%2F=02%7C01%7Cwenkai_chen%40ensigninfosecurity.com%7C7573ce14a52d4a3feec108d8182b12e7%7Cd5cb08f4d38848b2bc028ecce3c63fce%7C1%7C0%7C637285920571295256=uCZkDuSt2cFzpVRx4VPu9r23mCTABgsOHlVDyjnVe0w%3D=0>
  [A picture containing tableware  Description generated with high 
confidence] 
<https://apc01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fyoutu.be%2F9J7FkhXpb-4=02%7C01%7Cwenkai_chen%40ensigninfosecurity.com%7C7573ce14a52d4a3feec108d8182b12e7%7Cd5cb08f4d38848b2bc028ecce3c63fce%7C1%7C0%7C637285920571305210=hhNXLfRNBzvsWGKouv%2FFxgqCKwUzf2Z45Fk5xmhxbKw%3D=0>

[Spacewalk-list] Client execution returned "Invalid function call attempted" (code 6)

[Wenkai Chen]

HI Spacewalk users,

I encountered an error while trying to run a package verification job on one of 
the CentOS 7 clients.

Client execution returned "Invalid function call attempted" (code 6)

Here is the output of the command "rhn_check -vvv".

==
rhn_check -vvv
D: opening  db environment /var/lib/rpm cdb:0x401
D: opening  db index   /var/lib/rpm/Packages 0x400 mode=0x0
D: locked   db index   /var/lib/rpm/Packages
D: opening  db index   /var/lib/rpm/Providename 0x400 mode=0x0
D: do_call packages.checkNeedUpdate('rhnsd=1',){}
D: opening  db environment /var/lib/rpm cdb:0x401
D: opening  db index   /var/lib/rpm/Packages 0x400 mode=0x0
D: loading keyring from pubkeys in /var/lib/rpm/pubkeys/*.key
D: couldn't find any keys in /var/lib/rpm/pubkeys/*.key
D: loading keyring from rpmdb
D: opening  db index   /var/lib/rpm/Name 0x400 mode=0x0
D: added key gpg-pubkey-f4a80eb5-53a7ff4b to keyring
D: added key gpg-pubkey-442df0f8-4783f24a to keyring
D: added key gpg-pubkey-352c64e5-52ae6884 to keyring
D: added key gpg-pubkey-7fac5991-4615767f to keyring
D: added key gpg-pubkey-d38b4796-570c8cd3 to keyring
D: added key gpg-pubkey-2582e0c5-56099b04 to keyring
D: added key gpg-pubkey-9bd837ba-5bfbc74c to keyring
D: added key gpg-pubkey-6963f07f-57fad2ec to keyring
D: Using legacy gpg-pubkey(s) from rpmdb
D: opening  db index   /var/lib/rpm/Providename 0x400 mode=0x0
D: closed   db index   /var/lib/rpm/Providename
D: closed   db index   /var/lib/rpm/Name
D: closed   db index   /var/lib/rpm/Packages
D: closed   db environment /var/lib/rpm
Loaded plugins: fastestmirror, langpacks, rhnplugin
Adding en_SG.UTF-8 to language list
Config time: 0.024
D: login(forceUpdate=False) invoked
D: readCachedLogin invoked
D: Checking pickled loginInfo, currentTime=1592995113.38, 
createTime=1592994906.84, expire-offset=3600.0
D: readCachedLogin(): using pickled loginInfo set to expire at 1592998506.84
D: rpcServer: Calling XMLRPC up2date.listChannels
This system is receiving updates from RHN Classic or Red Hat Satellite.
rpmdb time: 0.000
Loading mirror speeds from cached hostfile
* base: mirror.upsi.edu.my
* epel: mirrors.bfsu.edu.cn
D: Attempt to call an unsupported action packages.checkNeedUpdate('rhnsd=1',)
D: local action status: (6, 'Invalid function call attempted', {})
D: rpcServer: Calling XMLRPC registration.welcome_message
D: closed   db index   /var/lib/rpm/Providename
D: closed   db index   /var/lib/rpm/Packages
D: closed   db environment /var/lib/rpm
==

May I know how to resolve this issue?
Thank you.

[A close up of a sign  Description generated with very high confidence]

Chen Wenkai
Infrastructure Security Engineer

   [A picture containing building  Description generated with high 
confidence]   [A 
picture containing tableware  Description generated with high confidence] 
  [A close up of a sign  Description 
generated with high confidence] 

  E:  wenkai_c...@ensigninfosecurity.com
  A:  30A Kallang Place, Level 9 Right Wing, Singapore 339213





CONFIDENTIALITY NOTICE: "This email is confidential and may also be privileged. 
If this email has been sent to you in error, please delete it immediately and 
notify us. Please do not copy, distribute or disseminate part or whole of this 
email if you are not the intended recipient or if you have not been authorized 
to do so. We reserve the right, to the extent and under circumstances permitted 
by applicable laws, to monitor, retain, intercept and block email messages to 
and from our systems. Thank you."

___
Spacewalk-list mailing list
Spacewalk-list@redhat.com
https://www.redhat.com/mailman/listinfo/spacewalk-list

[Spacewalk-list] Enquiries on Spacewalk project ending on May 31, 2020

[Wenkai Chen]

HI Spacewalk,

I would like to clarify the following points in regards to the Spacewalk 
project ending on May 31, 2020.

After May 31 2020, will we able to:


  1.  Sync existing repositories created in Spacewalk with the latest packages 
in the CentOS and RHEL upstream repos?
  2.  Download and sync new errata for repositories created in Spacewalk that 
are syncing to RHEL upstream repositories?
  3.  Download and sync new errata from http://cefs.steve-meier.de/ for CentOS 
errata?
  4.  Send support enquiries to 
spacewalk-list@redhat.com for any product 
issues related to Spacewalk version 2.9 or 2.10, and have them answered?

Thank you.


[A close up of a sign  Description generated with very high confidence]

Chen Wenkai
Infrastructure Security Engineer

   [A picture containing building  Description generated with high 
confidence]   [A 
picture containing tableware  Description generated with high confidence] 
  [A close up of a sign  Description 
generated with high confidence] 

  E:  wenkai_c...@ensigninfosecurity.com
  A:  30A Kallang Place, Level 9 Right Wing, Singapore 339213





CONFIDENTIALITY NOTICE: "This email is confidential and may also be privileged. 
If this email has been sent to you in error, please delete it immediately and 
notify us. Please do not copy, distribute or disseminate part or whole of this 
email if you are not the intended recipient or if you have not been authorized 
to do so. We reserve the right, to the extent and under circumstances permitted 
by applicable laws, to monitor, retain, intercept and block email messages to 
and from our systems. Thank you."

___
Spacewalk-list mailing list
Spacewalk-list@redhat.com
https://www.redhat.com/mailman/listinfo/spacewalk-list

Re: [Spacewalk-list] Spacewalk 2.9 Security Updates After May 31, 2020

[Wenkai Chen]

HI,

Will we still be able to use the mailing list and email for support?


Chen Wenkai
Infrastructure Security Engineer



  E:  wenkai_c...@ensigninfosecurity.com
  A:  30A Kallang Place, Level 9 Right Wing, Singapore 339213




-Original Message-
From: spacewalk-list-boun...@redhat.com  On 
Behalf Of Michael Mraka
Sent: Monday, 27 April 2020 4:13 PM
To: spacewalk-list@redhat.com
Subject: Re: [Spacewalk-list] Spacewalk 2.9 Security Updates After May 31, 2020

EXTERNAL: Caution this email originated from outside of the organization. Do 
not click links or open attachments unless you recognize the sender and know 
the content is safe.


Forbeck, Doug (NIH/NCI) [C]:
> Hello,
>
>   After May 31, 2020, will Spacewalk 2.9 running on CentOS 7 still be able to 
> get errata/bugfixes?

Hello,

After May 31, 2020, there won't be updates (security, bugfixes or
enhancements) for Spacewalk (any version).

As for content in your Spacewalk instance, nothing will change. You will be 
able to sync and distribute updates to your client after that date.

> Thanks

Regards,

--
Michael Mráka
System Management Engineering, Red Hat

___
Spacewalk-list mailing list
Spacewalk-list@redhat.com
https://apc01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.redhat.com%2Fmailman%2Flistinfo%2Fspacewalk-listdata=02%7C01%7Cwenkai_chen%40ensigninfosecurity.com%7C4a568c7d6d5f48f3a3ee08d7ea82ef3d%7Cd5cb08f4d38848b2bc028ecce3c63fce%7C1%7C0%7C637235720395481583sdata=BEVIm7IHd%2BaPddkMKcv%2BWAoZlMnrozr97rsiWi5TZCg%3Dreserved=0



CONFIDENTIALITY NOTICE: “This email is confidential and may also be privileged. 
If this email has been sent to you in error, please delete it immediately and 
notify us. Please do not copy, distribute or disseminate part or whole of this 
email if you are not the intended recipient or if you have not been authorized 
to do so. We reserve the right, to the extent and under circumstances permitted 
by applicable laws, to monitor, retain, intercept and block email messages to 
and from our systems. Thank you.”


___
Spacewalk-list mailing list
Spacewalk-list@redhat.com
https://www.redhat.com/mailman/listinfo/spacewalk-list

[Spacewalk-list] Package not available for installation even though it is in channel

[Wenkai Chen]

Hi Spacewalk users,

I encountered error while trying to update package for a client.

I have the following message:
[cid:image013.jpg@01D614EE.BD4E3700]

However, when I checked under packages in the respective channel, I can see 
that it is indeed listed there.
[cid:image014.jpg@01D614EE.BD4E3700]

I have other packages that are encountering this issue as well, but I just 
state one of them.
Not all packages are encountering this though. Some of them can be updated.


[A close up of a sign  Description generated with very high confidence]

Chen Wenkai
Infrastructure Security Engineer

   [A picture containing building  Description generated with high 
confidence]   [A 
picture containing tableware  Description generated with high confidence] 
  [A close up of a sign  Description 
generated with high confidence] 

  E:  wenkai_c...@ensigninfosecurity.com
  A:  30A Kallang Place, Level 9 Right Wing, Singapore 339213





CONFIDENTIALITY NOTICE: "This email is confidential and may also be privileged. 
If this email has been sent to you in error, please delete it immediately and 
notify us. Please do not copy, distribute or disseminate part or whole of this 
email if you are not the intended recipient or if you have not been authorized 
to do so. We reserve the right, to the extent and under circumstances permitted 
by applicable laws, to monitor, retain, intercept and block email messages to 
and from our systems. Thank you."

___
Spacewalk-list mailing list
Spacewalk-list@redhat.com
https://www.redhat.com/mailman/listinfo/spacewalk-list

Re: [Spacewalk-list] Errata for RHEL systems in Spacewalk

[Wenkai Chen]

HI,

Able to help me confirm on the below queries?
Thanks!

Chen Wenkai
Infrastructure Security Engineer



  E:  wenkai_c...@ensigninfosecurity.com
  A:  30A Kallang Place, Level 9 Right Wing, Singapore 339213




-Original Message-
From: Wenkai Chen
Sent: Monday, 2 March 2020 10:16 AM
To: spacewalk-list@redhat.com
Subject: RE: [Spacewalk-list] Errata for RHEL systems in Spacewalk

HI Michael,

Thanks.

Where can I find the file 'updates.xml' in the spacewalk server?

Does this mean that I do not need to individually subscribe each RHEL server 
onto the Red Hat Customer Portal to be managed as a system and attach a 
subscription to each RHEL server?
As long as all the other RHEL servers are registered to Spacewalk server for 
their repos, and that only Spacewalk server needs to be subscribe onto the Red 
hat Customer portal and attached a subscription in order to receive repo errata 
updates?



Chen Wenkai
Infrastructure Security Engineer



  E:  wenkai_c...@ensigninfosecurity.com
  A:  30A Kallang Place, Level 9 Right Wing, Singapore 339213




-Original Message-
From: spacewalk-list-boun...@redhat.com  On 
Behalf Of Michael Mraka
Sent: Friday, 28 February 2020 7:20 PM
To: spacewalk-list@redhat.com
Subject: Re: [Spacewalk-list] Errata for RHEL systems in Spacewalk

EXTERNAL: Caution this email originated from outside of the organization. Do 
not click links or open attachments unless you recognize the sender and know 
the content is safe.


Wenkai Chen:
> Hi Spacewalk users,
>
> I would like to enquire for RHEL systems that are registered to Spacewalk 
> server, do they need to import errata manually?

Red Hat's repos contain errata information. See updates.xml in repodata.
And it's downloaded automaticaly using spacewalk-repo-sync.

> Currently, for CentOS servers, I am using steve Meier's errata information 
> (https://apc01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fcefs.steve-meier.de%2Fdata=02%7C01%7Cwenkai_chen%40ensigninfosecurity.com%7C431643206d5b45dfd1e608d7bc4032ec%7Cd5cb08f4d38848b2bc028ecce3c63fce%7C1%7C0%7C637184856247390053sdata=rRU2sSv1oy7hlqAeJ%2FJNh%2Fps%2FutBJ4NvsDpx24GO0v8%3Dreserved=0)
>  to sync errata into Spacewalk server.
>
> I have another Spacewalk server that manages RHEL 7 servers. I currently have 
> 2 RHEL servers that are registered to this Spacewalk server.
> I discovered that errata information is given in the Spacewalk web console. I 
> have not perform any errata import from Steve Meier's website.
>
> This Spacewalk server is itself registered onto the Red Hat portal with a 
> subscription.
>
> Does this mean that I can skip the process of importing errata information 
> for RHEL servers?
> Thanks in advance.

Regards,

--
Michael Mráka
System Management Engineering, Red Hat

___
Spacewalk-list mailing list
Spacewalk-list@redhat.com
https://apc01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.redhat.com%2Fmailman%2Flistinfo%2Fspacewalk-listdata=02%7C01%7Cwenkai_chen%40ensigninfosecurity.com%7C431643206d5b45dfd1e608d7bc4032ec%7Cd5cb08f4d38848b2bc028ecce3c63fce%7C1%7C0%7C637184856247390053sdata=Z1%2FxEuVYOqI1ynhVcjqMEvw1kLrFehshs6oAFLpTThQ%3Dreserved=0



CONFIDENTIALITY NOTICE: “This email is confidential and may also be privileged. 
If this email has been sent to you in error, please delete it immediately and 
notify us. Please do not copy, distribute or disseminate part or whole of this 
email if you are not the intended recipient or if you have not been authorized 
to do so. We reserve the right, to the extent and under circumstances permitted 
by applicable laws, to monitor, retain, intercept and block email messages to 
and from our systems. Thank you.”


___
Spacewalk-list mailing list
Spacewalk-list@redhat.com
https://www.redhat.com/mailman/listinfo/spacewalk-list

[Spacewalk-list] Issue encountered while trying to sync RHEL repository on channel

[Wenkai Chen]

Hi Spacewalk users,

I encountered the following issue while trying to sync the repository for RHEL.

020/03/19 17:59:16 +08:00   Processing repository with URL: 
https://cdn.redhat.com/content/dist/rhel/server/7/7Server/x86_64/os
2020/03/19 17:59:17 +08:00 ERROR: failure: repodata/repomd.xml from 
rhel7-server-rpms: [Errno 256] No more mirrors to try.
https://cdn.redhat.com/content/dist/rhel/server/7/7Server/x86_64/os/repodata/repomd.xml:
 [Errno 14] HTTPS Error 403 - Forbidden
2020/03/19 17:59:17 +08:00 ERROR: failure: repodata/repomd.xml from 
rhel7-server-rpms: [Errno 256] No more mirrors to try.
https://cdn.redhat.com/content/dist/rhel/server/7/7Server/x86_64/os/repodata/repomd.xml:
 [Errno 14] HTTPS Error 403 - Forbidden

Previously it was working fine and I could sync it.
Any ideas as to what might happen?

[A close up of a sign  Description generated with very high confidence]

Chen Wenkai
Infrastructure Security Engineer

   [A picture containing building  Description generated with high 
confidence]   [A 
picture containing tableware  Description generated with high confidence] 
  [A close up of a sign  Description 
generated with high confidence] 

  E:  wenkai_c...@ensigninfosecurity.com
  A:  30A Kallang Place, Level 9 Right Wing, Singapore 339213





CONFIDENTIALITY NOTICE: "This email is confidential and may also be privileged. 
If this email has been sent to you in error, please delete it immediately and 
notify us. Please do not copy, distribute or disseminate part or whole of this 
email if you are not the intended recipient or if you have not been authorized 
to do so. We reserve the right, to the extent and under circumstances permitted 
by applicable laws, to monitor, retain, intercept and block email messages to 
and from our systems. Thank you."

___
Spacewalk-list mailing list
Spacewalk-list@redhat.com
https://www.redhat.com/mailman/listinfo/spacewalk-list

Re: [Spacewalk-list] GPG keys for CentOS channels in Spacewalk

[Wenkai Chen]

HI Stefan,

If the GPG check is done on the client side for the Spacewalk channel, does 
this mean that for each package downloaded from Spacewalk onto the Client, it 
is being signed by CentOS and that the client will use the GPG public key on 
its local file location to verify its integrity?


It doesn't do it. And I don't think it needs to (or you don't want to when 
mixing packages from different sources). You will latest notice the compromise 
when installing the package as it would then fail.


  *   What if GPG check is not enforced? What if the repo URL gets compromised?

[A close up of a sign  Description generated with very high confidence]

Chen Wenkai
Infrastructure Security Engineer

   [A picture containing building  Description generated with high 
confidence] <https://www.linkedin.com/company/ensign-infosecurity/>  [A 
picture containing tableware  Description generated with high confidence] 
<https://youtu.be/9J7FkhXpb-4>  [A close up of a sign  Description 
generated with high confidence] <https://www.facebook.com/EnsignGlobal>

  E:  wenkai_c...@ensigninfosecurity.com
  A:  30A Kallang Place, Level 9 Right Wing, Singapore 339213


From: spacewalk-list-boun...@redhat.com  On 
Behalf Of Stefan Bluhm
Sent: Wednesday, 4 March 2020 4:59 PM
To: spacewalk-list 
Subject: Re: [Spacewalk-list] GPG keys for CentOS channels in Spacewalk

EXTERNAL: Caution this email originated from outside of the organization. Do 
not click links or open attachments unless you recognize the sender and know 
the content is safe.
Hello Chen,

> So this means that in order to do GPG check for the clients, I would need to 
> place the same GPG key on all registered clients on this channel at the same 
> location? (file:///etc/pki/rpm-gpg/)

correct. Practically, this would only be necessary if the keys are not already 
imported into the rpm database (I import the keys on provisioning and never 
fill out the GPG key field).

> How does Spacewalk verify its integrity when it syncs its repositories for 
> each channel? How does it ensure that the repo it syncs with have not been 
> compromised?

It doesn't do it. And I don't think it needs to (or you don't want to when 
mixing packages from different sources). You will latest notice the compromise 
when installing the package as it would then fail.

Best wishes,

Stefan

________
Von: "Wenkai Chen" 
mailto:wenkai_c...@ensigninfosecurity.com>>
An: "spacewalk-list" 
mailto:spacewalk-list@redhat.com>>
Gesendet: Mittwoch, 4. März 2020 09:50:03
Betreff: Re: [Spacewalk-list] GPG keys for CentOS channels in Spacewalk

HI Stefan,

Thanks.

So this means that in order to do GPG check for the clients, I would need to 
place the same GPG key on all registered clients on this channel at the same 
location? (file:///etc/pki/rpm-gpg/)

How does Spacewalk verify its integrity when it syncs its repositories for each 
channel? How does it ensure that the repo it syncs with have not been 
compromised?



[A close up of a signDescription generated with very high confidence]

Chen Wenkai
Infrastructure Security Engineer

   [A picture containing buildingDescription generated with high 
confidence] 
<https://apc01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fensign-infosecurity%2F=02%7C01%7Cwenkai_chen%40ensigninfosecurity.com%7C7c8e9f9d69304a044f8408d7c01a69cb%7Cd5cb08f4d38848b2bc028ecce3c63fce%7C1%7C0%7C637189092019889619=aFsXTRJ%2Bpfw8DOyMBY7QJRcMLZb7WUjkRQ7yPpJPdTw%3D=0>
  [A picture containing tablewareDescription generated with high 
confidence] 
<https://apc01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fyoutu.be%2F9J7FkhXpb-4=02%7C01%7Cwenkai_chen%40ensigninfosecurity.com%7C7c8e9f9d69304a044f8408d7c01a69cb%7Cd5cb08f4d38848b2bc028ecce3c63fce%7C1%7C0%7C637189092019899615=mP%2Bz7DL6GSx7A57PkT23GrQE0bXw8nsaZTIAkVlWlZM%3D=0>
  [A close up of a signDescription generated with high confidence] 
<https://apc01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.facebook.com%2FEnsignGlobal=02%7C01%7Cwenkai_chen%40ensigninfosecurity.com%7C7c8e9f9d69304a044f8408d7c01a69cb%7Cd5cb08f4d38848b2bc028ecce3c63fce%7C1%7C0%7C637189092019899615=%2Fp7YsXB3anC7T%2BWm25A5r63JzMW0v2kuBrkxdbUeBIQ%3D=0>

  E:  
wenkai_c...@ensigninfosecurity.com<mailto:wenkai_c...@ensigninfosecurity.com>
  A:  30A Kallang Place, Level 9 Right Wing, Singapore 339213


From: 
spacewalk-list-boun...@redhat.com<mailto:spacewalk-list-boun...@redhat.com> 
mailto:spacewalk-list-boun...@redhat.com>> 
On Behalf Of Stefan Bluhm
Sent: Wednesday, 4 March 2020 2:43 PM
To: spacewalk-list mailto:spacewalk-list@redhat.com>>
Subject: Re: [Spacewalk-list] GPG keys for CentOS channels in Spacewalk

EXTERNAL: Caution this email originated from outside of the organization. Do 
not click links or open attachments unless you recogniz

Re: [Spacewalk-list] GPG keys for CentOS channels in Spacewalk

[Wenkai Chen]

HI Stefan,

Thanks.

So this means that in order to do GPG check for the clients, I would need to 
place the same GPG key on all registered clients on this channel at the same 
location? (file:///etc/pki/rpm-gpg/)

How does Spacewalk verify its integrity when it syncs its repositories for each 
channel? How does it ensure that the repo it syncs with have not been 
compromised?



[A close up of a sign  Description generated with very high confidence]

Chen Wenkai
Infrastructure Security Engineer

   [A picture containing building  Description generated with high 
confidence] <https://www.linkedin.com/company/ensign-infosecurity/>  [A 
picture containing tableware  Description generated with high confidence] 
<https://youtu.be/9J7FkhXpb-4>  [A close up of a sign  Description 
generated with high confidence] <https://www.facebook.com/EnsignGlobal>

  E:  wenkai_c...@ensigninfosecurity.com
  A:  30A Kallang Place, Level 9 Right Wing, Singapore 339213


From: spacewalk-list-boun...@redhat.com  On 
Behalf Of Stefan Bluhm
Sent: Wednesday, 4 March 2020 2:43 PM
To: spacewalk-list 
Subject: Re: [Spacewalk-list] GPG keys for CentOS channels in Spacewalk

EXTERNAL: Caution this email originated from outside of the organization. Do 
not click links or open attachments unless you recognize the sender and know 
the content is safe.
Hello Chen,

the field GPG key on the channel setup is information for the package installer 
on the CLIENT.

It tells the package installer on the client where to find the GPG key for 
these packages. You have to enter it from the client point of view (in the same 
format the client would use it). So no URL. It must be a client local file 
location.

Best wishes,

Stefan

____
Von: "Wenkai Chen" 
mailto:wenkai_c...@ensigninfosecurity.com>>
An: "spacewalk-list" 
mailto:spacewalk-list@redhat.com>>
Gesendet: Mittwoch, 4. März 2020 04:19:56
Betreff: [Spacewalk-list]  GPG keys for CentOS channels in Spacewalk

HI Spacewalk users,

Sorry just would like to confirm.

When we enter GPG key into a channel on Spacewalk, does it mean that whenever 
we do a repo-sync, it does a gpg-check on all the packages downloaded and 
synced?

If there is no GPG key entered for a channel in Spacewalk, will there be a 
gpg-check?
If clients are registered to this channel on Spacewalk, will there be a 
gpg-check?

Thank you.

[A close up of a signDescription generated with very high confidence]

Chen Wenkai
Infrastructure Security Engineer

   [A picture containing buildingDescription generated with high 
confidence] 
<https://apc01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fensign-infosecurity%2F=02%7C01%7Cwenkai_chen%40ensigninfosecurity.com%7Cbec92e4d7f924ce0609a08d7c0077ac5%7Cd5cb08f4d38848b2bc028ecce3c63fce%7C1%7C0%7C637189010679631245=gwUYQPIcYMJ0jgab4J585p5TEBny9%2BwdY2eJeD4N3iY%3D=0>
  [A picture containing tablewareDescription generated with high 
confidence] 
<https://apc01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fyoutu.be%2F9J7FkhXpb-4=02%7C01%7Cwenkai_chen%40ensigninfosecurity.com%7Cbec92e4d7f924ce0609a08d7c0077ac5%7Cd5cb08f4d38848b2bc028ecce3c63fce%7C1%7C0%7C637189010679641236=Z%2BRMDHv5ifakyKT2oJoatuw4btwFNg4GEvAJ%2BzBmA%2B8%3D=0>
  [A close up of a signDescription generated with high confidence] 
<https://apc01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.facebook.com%2FEnsignGlobal=02%7C01%7Cwenkai_chen%40ensigninfosecurity.com%7Cbec92e4d7f924ce0609a08d7c0077ac5%7Cd5cb08f4d38848b2bc028ecce3c63fce%7C1%7C0%7C637189010679641236=ldesps5s%2F2ASMZBP5Esel2ZUuziRX%2FQm4iCYoST2tjk%3D=0>

  E:  
wenkai_c...@ensigninfosecurity.com<mailto:wenkai_c...@ensigninfosecurity.com>
  A:  30A Kallang Place, Level 9 Right Wing, Singapore 339213





CONFIDENTIALITY NOTICE: “This email is confidential and may also be privileged. 
If this email has been sent to you in error, please delete it immediately and 
notify us. Please do not copy, distribute or disseminate part or whole of this 
email if you are not the intended recipient or if you have not been authorized 
to do so. We reserve the right, to the extent and under circumstances permitted 
by applicable laws, to monitor, retain, intercept and block email messages to 
and from our systems. Thank you.”


___
Spacewalk-list mailing list
Spacewalk-list@redhat.com<mailto:Spacewalk-list@redhat.com>
https://www.redhat.com/mailman/listinfo/spacewalk-list
___
Spacewalk-list mailing list
Spacewalk-list@redhat.com
https://www.redhat.com/mailman/listinfo/spacewalk-list

[Spacewalk-list] GPG keys for CentOS channels in Spacewalk

[Wenkai Chen]

HI Spacewalk users,

Sorry just would like to confirm.

When we enter GPG key into a channel on Spacewalk, does it mean that whenever 
we do a repo-sync, it does a gpg-check on all the packages downloaded and 
synced?

If there is no GPG key entered for a channel in Spacewalk, will there be a 
gpg-check?
If clients are registered to this channel on Spacewalk, will there be a 
gpg-check?

Thank you.

[A close up of a sign  Description generated with very high confidence]

Chen Wenkai
Infrastructure Security Engineer

   [A picture containing building  Description generated with high 
confidence]   [A 
picture containing tableware  Description generated with high confidence] 
  [A close up of a sign  Description 
generated with high confidence] 

  E:  wenkai_c...@ensigninfosecurity.com
  A:  30A Kallang Place, Level 9 Right Wing, Singapore 339213





CONFIDENTIALITY NOTICE: "This email is confidential and may also be privileged. 
If this email has been sent to you in error, please delete it immediately and 
notify us. Please do not copy, distribute or disseminate part or whole of this 
email if you are not the intended recipient or if you have not been authorized 
to do so. We reserve the right, to the extent and under circumstances permitted 
by applicable laws, to monitor, retain, intercept and block email messages to 
and from our systems. Thank you."

___
Spacewalk-list mailing list
Spacewalk-list@redhat.com
https://www.redhat.com/mailman/listinfo/spacewalk-list

Re: [Spacewalk-list] Errata for RHEL systems in Spacewalk

[Wenkai Chen]

HI Michael,

Thanks.

Where can I find the file 'updates.xml' in the spacewalk server?

Does this mean that I do not need to individually subscribe each RHEL server 
onto the Red Hat Customer Portal to be managed as a system and attach a 
subscription to each RHEL server?
As long as all the other RHEL servers are registered to Spacewalk server for 
their repos, and that only Spacewalk server needs to be subscribe onto the Red 
hat Customer portal and attached a subscription in order to receive repo errata 
updates?



Chen Wenkai
Infrastructure Security Engineer



  E:  wenkai_c...@ensigninfosecurity.com
  A:  30A Kallang Place, Level 9 Right Wing, Singapore 339213




-Original Message-
From: spacewalk-list-boun...@redhat.com  On 
Behalf Of Michael Mraka
Sent: Friday, 28 February 2020 7:20 PM
To: spacewalk-list@redhat.com
Subject: Re: [Spacewalk-list] Errata for RHEL systems in Spacewalk

EXTERNAL: Caution this email originated from outside of the organization. Do 
not click links or open attachments unless you recognize the sender and know 
the content is safe.


Wenkai Chen:
> Hi Spacewalk users,
>
> I would like to enquire for RHEL systems that are registered to Spacewalk 
> server, do they need to import errata manually?

Red Hat's repos contain errata information. See updates.xml in repodata.
And it's downloaded automaticaly using spacewalk-repo-sync.

> Currently, for CentOS servers, I am using steve Meier's errata information 
> (https://apc01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fcefs.steve-meier.de%2Fdata=02%7C01%7Cwenkai_chen%40ensigninfosecurity.com%7C431643206d5b45dfd1e608d7bc4032ec%7Cd5cb08f4d38848b2bc028ecce3c63fce%7C1%7C0%7C637184856247390053sdata=rRU2sSv1oy7hlqAeJ%2FJNh%2Fps%2FutBJ4NvsDpx24GO0v8%3Dreserved=0)
>  to sync errata into Spacewalk server.
>
> I have another Spacewalk server that manages RHEL 7 servers. I currently have 
> 2 RHEL servers that are registered to this Spacewalk server.
> I discovered that errata information is given in the Spacewalk web console. I 
> have not perform any errata import from Steve Meier's website.
>
> This Spacewalk server is itself registered onto the Red Hat portal with a 
> subscription.
>
> Does this mean that I can skip the process of importing errata information 
> for RHEL servers?
> Thanks in advance.

Regards,

--
Michael Mráka
System Management Engineering, Red Hat

___
Spacewalk-list mailing list
Spacewalk-list@redhat.com
https://apc01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.redhat.com%2Fmailman%2Flistinfo%2Fspacewalk-listdata=02%7C01%7Cwenkai_chen%40ensigninfosecurity.com%7C431643206d5b45dfd1e608d7bc4032ec%7Cd5cb08f4d38848b2bc028ecce3c63fce%7C1%7C0%7C637184856247390053sdata=Z1%2FxEuVYOqI1ynhVcjqMEvw1kLrFehshs6oAFLpTThQ%3Dreserved=0



CONFIDENTIALITY NOTICE: “This email is confidential and may also be privileged. 
If this email has been sent to you in error, please delete it immediately and 
notify us. Please do not copy, distribute or disseminate part or whole of this 
email if you are not the intended recipient or if you have not been authorized 
to do so. We reserve the right, to the extent and under circumstances permitted 
by applicable laws, to monitor, retain, intercept and block email messages to 
and from our systems. Thank you.”


___
Spacewalk-list mailing list
Spacewalk-list@redhat.com
https://www.redhat.com/mailman/listinfo/spacewalk-list

[Spacewalk-list] Errata for RHEL systems in Spacewalk

[Wenkai Chen]

Hi Spacewalk users,

I would like to enquire for RHEL systems that are registered to Spacewalk 
server, do they need to import errata manually?

Currently, for CentOS servers, I am using steve Meier's errata information 
(http://cefs.steve-meier.de/) to sync errata into Spacewalk server.

I have another Spacewalk server that manages RHEL 7 servers. I currently have 2 
RHEL servers that are registered to this Spacewalk server.
I discovered that errata information is given in the Spacewalk web console. I 
have not perform any errata import from Steve Meier's website.

This Spacewalk server is itself registered onto the Red Hat portal with a 
subscription.

Does this mean that I can skip the process of importing errata information for 
RHEL servers?
Thanks in advance.

[A close up of a sign  Description generated with very high confidence]

Chen Wenkai
Infrastructure Security Engineer

   [A picture containing building  Description generated with high 
confidence]   [A 
picture containing tableware  Description generated with high confidence] 
  [A close up of a sign  Description 
generated with high confidence] 

  E:  wenkai_c...@ensigninfosecurity.com
  A:  30A Kallang Place, Level 9 Right Wing, Singapore 339213





CONFIDENTIALITY NOTICE: "This email is confidential and may also be privileged. 
If this email has been sent to you in error, please delete it immediately and 
notify us. Please do not copy, distribute or disseminate part or whole of this 
email if you are not the intended recipient or if you have not been authorized 
to do so. We reserve the right, to the extent and under circumstances permitted 
by applicable laws, to monitor, retain, intercept and block email messages to 
and from our systems. Thank you."

___
Spacewalk-list mailing list
Spacewalk-list@redhat.com
https://www.redhat.com/mailman/listinfo/spacewalk-list

[Spacewalk-list] Too many open files while syncing Red hat repository on Spacewalk server 2.9

[Wenkai Chen]

HI Spacewalk users,

I have an issue while running a repo sync on one of our red hat repositories in 
spacewalk.

This was the error log.

===
2020/02/21 19:47:45 +08:00 [Errno 24] Too many open files: 
'/var/satellite/redhat/1/stage/zziplib-0.13.62-9.el7.x86_64.rpm'
2020/02/21 19:47:45 +08:00 [Errno 24] Too many open files: 
'/var/satellite/redhat/1/stage/zziplib-0.13.62-11.el7.x86_64.rpm'
2020/02/21 19:47:45 +08:00 [Errno 24] Too many open files: 
'/var/satellite/redhat/1/stage/zziplib-0.13.62-5.el7.x86_64.rpm'
2020/02/21 19:47:45 +08:00 [Errno 24] Too many open files: 
'/var/satellite/redhat/1/stage/zziplib-0.13.62-9.el7.i686.rpm'
2020/02/21 19:47:45 +08:00 [Errno 24] Too many open files: 
'/var/satellite/redhat/1/stage/zziplib-0.13.62-5.el7.i686.rpm'
2020/02/21 19:47:45 +08:00 [Errno 24] Too many open files: 
'/var/satellite/redhat/1/stage/zziplib-0.13.62-11.el7.i686.rpm'
2020/02/21 19:47:45 +08:00 Importing packages finished.
2020/02/21 19:47:45 +08:00
2020/02/21 19:47:45 +08:00   Linking packages to the channel.
2020/02/21 19:48:12 +08:00 ERROR: Could not find object 
[https://www.linkedin.com/company/ensign-infosecurity/>  [A 
picture containing tableware  Description generated with high confidence] 
  [A close up of a sign  Description 
generated with high confidence] 

  E:  wenkai_c...@ensigninfosecurity.com
  A:  30A Kallang Place, Level 9 Right Wing, Singapore 339213





CONFIDENTIALITY NOTICE: "This email is confidential and may also be privileged. 
If this email has been sent to you in error, please delete it immediately and 
notify us. Please do not copy, distribute or disseminate part or whole of this 
email if you are not the intended recipient or if you have not been authorized 
to do so. We reserve the right, to the extent and under circumstances permitted 
by applicable laws, to monitor, retain, intercept and block email messages to 
and from our systems. Thank you."

___
Spacewalk-list mailing list
Spacewalk-list@redhat.com
https://www.redhat.com/mailman/listinfo/spacewalk-list

Re: [Spacewalk-list] What is the correct way to safely remove all errata that is orphaned and not part of any packages

[Wenkai Chen]

HI Andreas,

What is the complete spacecmd command to remove the relevant errata?
Thanks.

[A close up of a sign  Description generated with very high confidence]

Chen Wenkai
Infrastructure Security Engineer

   [A picture containing building  Description generated with high 
confidence] <https://www.linkedin.com/company/ensign-infosecurity/>  [A 
picture containing tableware  Description generated with high confidence] 
<https://youtu.be/9J7FkhXpb-4>  [A close up of a sign  Description 
generated with high confidence] <https://www.facebook.com/EnsignGlobal>

  E:  wenkai_c...@ensigninfosecurity.com
  A:  30A Kallang Place, Level 9 Right Wing, Singapore 339213


From: spacewalk-list-boun...@redhat.com  On 
Behalf Of Andreas Dijkman
Sent: Monday, 7 October 2019 2:18 PM
To: spacewalk-list@redhat.com
Subject: Re: [Spacewalk-list] What is the correct way to safely remove all 
errata that is orphaned and not part of any packages

I removed all my relevant errata with spacecmd. And spacecmd can handle 
wildcards, so that should be easy enough to remove them in bulk. And if you 
remove too much, just import them again by syncing the channels with errata 
available.

Andreas Dijkman

On 7 Oct 2019, at 08:01, Wenkai Chen 
mailto:wenkai_c...@ensigninfosecurity.com>> 
wrote:

Hi Users,

Anyone able to advise?
Thank you.



Chen Wenkai
Infrastructure Security Engineer

   <https://www.linkedin.com/company/ensign-infosecurity/>
 <https://youtu.be/9J7FkhXpb-4> 
<https://www.facebook.com/EnsignGlobal>

  E:  
wenkai_c...@ensigninfosecurity.com<mailto:wenkai_c...@ensigninfosecurity.com>
  A:  30A Kallang Place, Level 9 Right Wing, Singapore 339213


From: Wenkai Chen
Sent: Friday, 13 September 2019 11:09 AM
To: spacewalk-list@redhat.com<mailto:spacewalk-list@redhat.com>
Subject: [Spacewalk-list] What is the correct way to safely remove all errata 
that is orphaned and not part of any packages

HI Spacewalk users,

Recently I just remove a RHEL 7 channel and its associated repository from 
Spacewalk. I remove via the spacecmd command and also did a spacewalk-data-fsck 
to check the database for any orphan packages that are not in use.
Now, all the RHEL packages and channels with its repositories are all removed 
from Spacewalk. However, the errata information related to the RHEL 7 channel 
still exists in Spacewalk.
How do I safely remove all these errata information that are no use? Should I 
just remove via the GUI under ‘Errata’ > ‘Manage Errata’? Do I need to do 
anything else? Or will the UI take care of everything?

Thank you.



Chen Wenkai
Infrastructure Security Engineer

   <https://www.linkedin.com/company/ensign-infosecurity/>
 <https://youtu.be/9J7FkhXpb-4> 
<https://www.facebook.com/EnsignGlobal>

  E:  
wenkai_c...@ensigninfosecurity.com<mailto:wenkai_c...@ensigninfosecurity.com>
  A:  30A Kallang Place, Level 9 Right Wing, Singapore 339213




CONFIDENTIALITY NOTICE: “This email is confidential and may also be privileged. 
If this email has been sent to you in error, please delete it immediately and 
notify us. Please do not copy, distribute or disseminate part or whole of this 
email if you are not the intended recipient or if you have not been authorized 
to do so. We reserve the right, to the extent and under circumstances permitted 
by applicable laws, to monitor, retain, intercept and block email messages to 
and from our systems. Thank you.”

___
Spacewalk-list mailing list
Spacewalk-list@redhat.com<mailto:Spacewalk-list@redhat.com>
https://www.redhat.com/mailman/listinfo/spacewalk-list

___
Spacewalk-list mailing list
Spacewalk-list@redhat.com
https://www.redhat.com/mailman/listinfo/spacewalk-list

[Spacewalk-list] FW: What is the correct way to safely remove all errata that is orphaned and not part of any packages

[Wenkai Chen]

Hi Users,

Anyone able to advise?
Thank you.

[A close up of a sign  Description generated with very high confidence]

Chen Wenkai
Infrastructure Security Engineer

   [A picture containing building  Description generated with high 
confidence] <https://www.linkedin.com/company/ensign-infosecurity/>  [A 
picture containing tableware  Description generated with high confidence] 
<https://youtu.be/9J7FkhXpb-4>  [A close up of a sign  Description 
generated with high confidence] <https://www.facebook.com/EnsignGlobal>

  E:  wenkai_c...@ensigninfosecurity.com
  A:  30A Kallang Place, Level 9 Right Wing, Singapore 339213


From: Wenkai Chen
Sent: Friday, 13 September 2019 11:09 AM
To: spacewalk-list@redhat.com
Subject: [Spacewalk-list] What is the correct way to safely remove all errata 
that is orphaned and not part of any packages

HI Spacewalk users,

Recently I just remove a RHEL 7 channel and its associated repository from 
Spacewalk. I remove via the spacecmd command and also did a spacewalk-data-fsck 
to check the database for any orphan packages that are not in use.
Now, all the RHEL packages and channels with its repositories are all removed 
from Spacewalk. However, the errata information related to the RHEL 7 channel 
still exists in Spacewalk.
How do I safely remove all these errata information that are no use? Should I 
just remove via the GUI under 'Errata' > 'Manage Errata'? Do I need to do 
anything else? Or will the UI take care of everything?

Thank you.

[A close up of a sign  Description generated with very high confidence]

Chen Wenkai
Infrastructure Security Engineer

   [A picture containing building  Description generated with high 
confidence] <https://www.linkedin.com/company/ensign-infosecurity/>  [A 
picture containing tableware  Description generated with high confidence] 
<https://youtu.be/9J7FkhXpb-4>  [A close up of a sign  Description 
generated with high confidence] <https://www.facebook.com/EnsignGlobal>

  E:  
wenkai_c...@ensigninfosecurity.com<mailto:wenkai_c...@ensigninfosecurity.com>
  A:  30A Kallang Place, Level 9 Right Wing, Singapore 339213





CONFIDENTIALITY NOTICE: "This email is confidential and may also be privileged. 
If this email has been sent to you in error, please delete it immediately and 
notify us. Please do not copy, distribute or disseminate part or whole of this 
email if you are not the intended recipient or if you have not been authorized 
to do so. We reserve the right, to the extent and under circumstances permitted 
by applicable laws, to monitor, retain, intercept and block email messages to 
and from our systems. Thank you."

___
Spacewalk-list mailing list
Spacewalk-list@redhat.com
https://www.redhat.com/mailman/listinfo/spacewalk-list

[Spacewalk-list] What is the correct way to safely remove all errata that is orphaned and not part of any packages

[Wenkai Chen]

HI Spacewalk users,

Recently I just remove a RHEL 7 channel and its associated repository from 
Spacewalk. I remove via the spacecmd command and also did a spacewalk-data-fsck 
to check the database for any orphan packages that are not in use.
Now, all the RHEL packages and channels with its repositories are all removed 
from Spacewalk. However, the errata information related to the RHEL 7 channel 
still exists in Spacewalk.
How do I safely remove all these errata information that are no use? Should I 
just remove via the GUI under 'Errata' > 'Manage Errata'? Do I need to do 
anything else? Or will the UI take care of everything?

Thank you.

[A close up of a sign  Description generated with very high confidence]

Chen Wenkai
Infrastructure Security Engineer

   [A picture containing building  Description generated with high 
confidence]   [A 
picture containing tableware  Description generated with high confidence] 
  [A close up of a sign  Description 
generated with high confidence] 

  E:  wenkai_c...@ensigninfosecurity.com
  A:  30A Kallang Place, Level 9 Right Wing, Singapore 339213





CONFIDENTIALITY NOTICE: "This email is confidential and may also be privileged. 
If this email has been sent to you in error, please delete it immediately and 
notify us. Please do not copy, distribute or disseminate part or whole of this 
email if you are not the intended recipient or if you have not been authorized 
to do so. We reserve the right, to the extent and under circumstances permitted 
by applicable laws, to monitor, retain, intercept and block email messages to 
and from our systems. Thank you."

___
Spacewalk-list mailing list
Spacewalk-list@redhat.com
https://www.redhat.com/mailman/listinfo/spacewalk-list

[Spacewalk-list] [Spacewalk-List] CentOS client not pulling in repository from Spacewalk server

[Wenkai Chen]

Hi Spacewalk users,

I have configured a CentOS client to register with my Spacewalk server. I have 
assigned the relevant channels for the client, so that when the client does a 
package install, I would prefer it to be pulling from the Spacewalk server 
instead of directly into the repository on the internet.
However, when I do a 'yum repolist', I do not see the Spacewalk repository 
listed.

How do I rectify this? Thank you.

[A close up of a sign  Description generated with very high confidence]

Chen Wenkai
Infrastructure Security Engineer

   [A picture containing building  Description generated with high 
confidence]   [A 
picture containing tableware  Description generated with high confidence] 
  [A close up of a sign  Description 
generated with high confidence] 

  E:  wenkai_c...@ensigninfosecurity.com
  A:  30A Kallang Place, Level 9 Right Wing, Singapore 339213





CONFIDENTIALITY NOTICE: "This email is confidential and may also be privileged. 
If this email has been sent to you in error, please delete it immediately and 
notify us. Please do not copy, distribute or disseminate part or whole of this 
email if you are not the intended recipient or if you have not been authorized 
to do so. We reserve the right, to the extent and under circumstances permitted 
by applicable laws, to monitor, retain, intercept and block email messages to 
and from our systems. Thank you."

___
Spacewalk-list mailing list
Spacewalk-list@redhat.com
https://www.redhat.com/mailman/listinfo/spacewalk-list

Re: [Spacewalk-list] Encountered an error while trying to update errata

[Wenkai Chen]

HI,

Anyway I removed the channel and its repository and basically recreated the 
channel and reconfigured the repositories. I removed the RHEL client, 
uninstalled all spacewalk related packages and reinstalled them and 
reregistered it to Spacewalk server.
Doing this long method eventually resolved it, but I hope that a much simpler 
and straightforward method would be known to save this from happening again.

[A close up of a sign  Description generated with very high confidence]

Chen Wenkai
Infrastructure Security Engineer

   [A picture containing building  Description generated with high 
confidence] <https://www.linkedin.com/company/ensign-infosecurity/>  [A 
picture containing tableware  Description generated with high confidence] 
<https://youtu.be/9J7FkhXpb-4>  [A close up of a sign  Description 
generated with high confidence] <https://www.facebook.com/EnsignGlobal>

  E:  wenkai_c...@ensigninfosecurity.com
  A:  30A Kallang Place, Level 9 Right Wing, Singapore 339213


From: Wenkai Chen
Sent: Wednesday, 11 September 2019 1:42 PM
To: Elsever Sadigov ; spacewalk-list@redhat.com
Subject: RE: [Spacewalk-list] Encountered an error while trying to update errata

HI,

I can't find them in the RHEL client. I am unsure of how to check whether the 
packages are in the Spacewalk server or the client.

I have assigned GPG keys to the RHEL channel and have successfully sync the 
RHEL repo.

[A close up of a sign  Description generated with very high confidence]

Chen Wenkai
Infrastructure Security Engineer

   [A picture containing building  Description generated with high 
confidence] <https://www.linkedin.com/company/ensign-infosecurity/>  [A 
picture containing tableware  Description generated with high confidence] 
<https://youtu.be/9J7FkhXpb-4>  [A close up of a sign  Description 
generated with high confidence] <https://www.facebook.com/EnsignGlobal>

  E:  
wenkai_c...@ensigninfosecurity.com<mailto:wenkai_c...@ensigninfosecurity.com>
  A:  30A Kallang Place, Level 9 Right Wing, Singapore 339213


From: Elsever Sadigov mailto:e.sadi...@millikart.az>>
Sent: Tuesday, 10 September 2019 3:59 PM
To: Wenkai Chen 
mailto:wenkai_c...@ensigninfosecurity.com>>;
 spacewalk-list@redhat.com<mailto:spacewalk-list@redhat.com>
Subject: Re: [Spacewalk-list] Encountered an error while trying to update errata

Hi Wenkai,

So what about packages, when you search them in RHEL client, still no finding 
them or they are present, but not updating?
Do you try manually update packages? Do you also assigned GPG keys?

My SW server behind a proxy, when I registered it in itself it started pulling 
them from self. For being sure you can mv repos in /etc/yum.repo.d or where 
repo information are stored.

--
Best Regards,
Sadigov Elsevar
IT Department Linux Administrator
"MilliKart" LLC
AZ , 5A Ali Mustafayev str., Baku, Azerbaijan
Phone:   (+994 12) 431 22 20 (ext.549)
Mobile:(+994 77)  600 36 30
[millikart_logo2]<http://millikart.az/>   [cib_logo2] <http://cib.az/>
[mplus] <http://mpos.az/>[parpar2] <https://www.facebook.com/parparcard/>   
 [face2] <https://www.facebook.com/millikartllc/>    [youtube2] 
<https://www.youtube.com/channel/UCk2RcZMdMHngomnTGvijhow>

On 9/10/2019 05:08, Wenkai Chen wrote:
HI Sadigov,

I have already created and assigned separate channels for RHEL and CentOS 
clients. RHEL channels have their own repositories. Likewise for CentOS 
channels.
Just wondering for the Spacewalk server itself that is registered as a client 
to itself, do you all disable all the other yum repositories and only configure 
it to pull from the Spacewalk repositories? Or do you all have both spacewalk 
repositories and the original yum repositories together in Spacewalk server? I 
do not know if this could be an issue.

Thanks.

Regards,

[A close up of a sign  Description generated with very 
high confidence]

Chen Wenkai
Infrastructure Security Engineer

   [A picture containing building  Description 
generated with high confidence] 
<https://www.linkedin.com/company/ensign-infosecurity/>  [A picture 
containing tableware  Description generated with 
high confidence] <https://youtu.be/9J7FkhXpb-4>  [A close up of a sign  
Description generated with high confidence] 
<https://www.facebook.com/EnsignGlobal>

  E:  
wenkai_c...@ensigninfosecurity.com<mailto:wenkai_c...@ensigninfosecurity.com>
  A:  30A Kallang Place, Level 9 Right Wing, Singapore 339213


From: Elsever Sadigov <mailto:e.sadi...@millikart.az>
Sent: Monday, 9 September 2019 8:40 PM
To: Wenkai Chen 
<mailto:wenkai_c...@ensigninfosecurity.com>;
 spacewalk-list@redhat.com<mailto:spacewalk-list@redhat.com>
Subject: Re: [Spacewalk-list] Encountered 

Re: [Spacewalk-list] Encountered an error while trying to update errata

[Wenkai Chen]

HI,

I can't find them in the RHEL client. I am unsure of how to check whether the 
packages are in the Spacewalk server or the client.

I have assigned GPG keys to the RHEL channel and have successfully sync the 
RHEL repo.

[A close up of a sign  Description generated with very high confidence]

Chen Wenkai
Infrastructure Security Engineer

   [A picture containing building  Description generated with high 
confidence] <https://www.linkedin.com/company/ensign-infosecurity/>  [A 
picture containing tableware  Description generated with high confidence] 
<https://youtu.be/9J7FkhXpb-4>  [A close up of a sign  Description 
generated with high confidence] <https://www.facebook.com/EnsignGlobal>

  E:  wenkai_c...@ensigninfosecurity.com
  A:  30A Kallang Place, Level 9 Right Wing, Singapore 339213


From: Elsever Sadigov 
Sent: Tuesday, 10 September 2019 3:59 PM
To: Wenkai Chen ; spacewalk-list@redhat.com
Subject: Re: [Spacewalk-list] Encountered an error while trying to update errata

Hi Wenkai,

So what about packages, when you search them in RHEL client, still no finding 
them or they are present, but not updating?
Do you try manually update packages? Do you also assigned GPG keys?

My SW server behind a proxy, when I registered it in itself it started pulling 
them from self. For being sure you can mv repos in /etc/yum.repo.d or where 
repo information are stored.

--
Best Regards,
Sadigov Elsevar
IT Department Linux Administrator
"MilliKart" LLC
AZ , 5A Ali Mustafayev str., Baku, Azerbaijan
Phone:   (+994 12) 431 22 20 (ext.549)
Mobile:(+994 77)  600 36 30
[millikart_logo2]<http://millikart.az/>   [cib_logo2] <http://cib.az/>
[mplus] <http://mpos.az/>[parpar2] <https://www.facebook.com/parparcard/>   
 [face2] <https://www.facebook.com/millikartllc/>[youtube2] 
<https://www.youtube.com/channel/UCk2RcZMdMHngomnTGvijhow>

On 9/10/2019 05:08, Wenkai Chen wrote:
HI Sadigov,

I have already created and assigned separate channels for RHEL and CentOS 
clients. RHEL channels have their own repositories. Likewise for CentOS 
channels.
Just wondering for the Spacewalk server itself that is registered as a client 
to itself, do you all disable all the other yum repositories and only configure 
it to pull from the Spacewalk repositories? Or do you all have both spacewalk 
repositories and the original yum repositories together in Spacewalk server? I 
do not know if this could be an issue.

Thanks.

Regards,

[A close up of a sign  Description generated with very 
high confidence]

Chen Wenkai
Infrastructure Security Engineer

   [A picture containing building  Description 
generated with high confidence] 
<https://www.linkedin.com/company/ensign-infosecurity/>  [A picture 
containing tableware  Description generated with 
high confidence] <https://youtu.be/9J7FkhXpb-4>  [A close up of a sign  
Description generated with high confidence] 
<https://www.facebook.com/EnsignGlobal>

  E:  
wenkai_c...@ensigninfosecurity.com<mailto:wenkai_c...@ensigninfosecurity.com>
  A:  30A Kallang Place, Level 9 Right Wing, Singapore 339213


From: Elsever Sadigov <mailto:e.sadi...@millikart.az>
Sent: Monday, 9 September 2019 8:40 PM
To: Wenkai Chen 
<mailto:wenkai_c...@ensigninfosecurity.com>;
 spacewalk-list@redhat.com<mailto:spacewalk-list@redhat.com>
Subject: Re: [Spacewalk-list] Encountered an error while trying to update errata


Wenkai,

Yes, its common, my colleagues also had problems with RHEL clients. Try to 
separate main channels for RHEL and CentOS for isolate different systems to 
take packs from same source. Hope it helps.

I dunno correct or not. Can you explain how you planned channels for update?

And yes, I'm also registered Spacewalk server as client, because it is easy to 
manage.

--
Best Regards,
Sadigov Elsevar

On 9/9/2019 15:58, Wenkai Chen wrote:
HI,

i am to update CentOS clients, but just having issue with this RHEL client. 
Also i noticed, the RHEL client also pulls in security errata that is related 
to Red Hat packages, not CentOS.
Is this the correct behaviour? What should i do?
Btw, i am registering the Spacewalk server(which is running on CentOS) as a 
client itself. Is this ok?

regards.
Wenkai

[cid:image023.png@01D568A4.61C45640]

Chen Wenkai

Infrastructure Security Engineer
E:  
wenkai_c...@ensigninfosecurity.com<mailto:wenkai_c...@ensigninfosecurity.com>
A:  30A Kallang Place, Level 9 Right Wing, Singapore 339213


From: Elsever Sadigov <mailto:e.sadi...@millikart.az>
Sent: Monday, September 9, 2019 6:58 PM
To: spacewalk-list@redhat.com<mailto:spacewalk-list@redhat.com> 
<mailto:spacewalk-list@redhat.com>; Wenkai Chen 
<mailto:wenkai_c...@ensigninfosecurity.com>
Su

[Spacewalk-list] [Spacewalk-List] Where are the repo configuration files for Spacewalk

[Wenkai Chen]

HI Spacewalk users,

I am trying to find out where are the repo config files for Spacewalk Server 
and client. Under /etc/yum.repos.d/, I can see that spacewalk-client.repo and 
spacewalk-.repo being created. However, these are not the repository config 
files for the repositories I have created in Spacewalk.
How can I configure the settings if they are not present in the config files?

[A close up of a sign  Description generated with very high confidence]

Chen Wenkai
Infrastructure Security Engineer

   [A picture containing building  Description generated with high 
confidence]   [A 
picture containing tableware  Description generated with high confidence] 
  [A close up of a sign  Description 
generated with high confidence] 

  E:  wenkai_c...@ensigninfosecurity.com
  A:  30A Kallang Place, Level 9 Right Wing, Singapore 339213





CONFIDENTIALITY NOTICE: "This email is confidential and may also be privileged. 
If this email has been sent to you in error, please delete it immediately and 
notify us. Please do not copy, distribute or disseminate part or whole of this 
email if you are not the intended recipient or if you have not been authorized 
to do so. We reserve the right, to the extent and under circumstances permitted 
by applicable laws, to monitor, retain, intercept and block email messages to 
and from our systems. Thank you."

___
Spacewalk-list mailing list
Spacewalk-list@redhat.com
https://www.redhat.com/mailman/listinfo/spacewalk-list

Re: [Spacewalk-list] Encountered an error while trying to update errata

[Wenkai Chen]

HI Sadigov,

I have already created and assigned separate channels for RHEL and CentOS 
clients. RHEL channels have their own repositories. Likewise for CentOS 
channels.
Just wondering for the Spacewalk server itself that is registered as a client 
to itself, do you all disable all the other yum repositories and only configure 
it to pull from the Spacewalk repositories? Or do you all have both spacewalk 
repositories and the original yum repositories together in Spacewalk server? I 
do not know if this could be an issue.

Thanks.

Regards,

[A close up of a sign  Description generated with very high confidence]

Chen Wenkai
Infrastructure Security Engineer

   [A picture containing building  Description generated with high 
confidence] <https://www.linkedin.com/company/ensign-infosecurity/>  [A 
picture containing tableware  Description generated with high confidence] 
<https://youtu.be/9J7FkhXpb-4>  [A close up of a sign  Description 
generated with high confidence] <https://www.facebook.com/EnsignGlobal>

  E:  wenkai_c...@ensigninfosecurity.com
  A:  30A Kallang Place, Level 9 Right Wing, Singapore 339213


From: Elsever Sadigov 
Sent: Monday, 9 September 2019 8:40 PM
To: Wenkai Chen ; spacewalk-list@redhat.com
Subject: Re: [Spacewalk-list] Encountered an error while trying to update errata


Wenkai,

Yes, its common, my colleagues also had problems with RHEL clients. Try to 
separate main channels for RHEL and CentOS for isolate different systems to 
take packs from same source. Hope it helps.

I dunno correct or not. Can you explain how you planned channels for update?

And yes, I'm also registered Spacewalk server as client, because it is easy to 
manage.

--
Best Regards,
Sadigov Elsevar

On 9/9/2019 15:58, Wenkai Chen wrote:
HI,

i am to update CentOS clients, but just having issue with this RHEL client. 
Also i noticed, the RHEL client also pulls in security errata that is related 
to Red Hat packages, not CentOS.
Is this the correct behaviour? What should i do?
Btw, i am registering the Spacewalk server(which is running on CentOS) as a 
client itself. Is this ok?

regards.
Wenkai

[cid:image005.png@01D567B7.474FDCF0]

Chen Wenkai

Infrastructure Security Engineer
E:  
wenkai_c...@ensigninfosecurity.com<mailto:wenkai_c...@ensigninfosecurity.com>
A:  30A Kallang Place, Level 9 Right Wing, Singapore 339213


From: Elsever Sadigov <mailto:e.sadi...@millikart.az>
Sent: Monday, September 9, 2019 6:58 PM
To: spacewalk-list@redhat.com<mailto:spacewalk-list@redhat.com> 
<mailto:spacewalk-list@redhat.com>; Wenkai Chen 
<mailto:wenkai_c...@ensigninfosecurity.com>
Subject: Re: [Spacewalk-list] Encountered an error while trying to update errata


Hi,
Maybe a problem with front and back end when client tries to get updates?
Is db working correctly?

--
Best Regards,
Sadigov Elsevar
On 9/9/2019 14:23, Wenkai Chen wrote:

HI Spacewalk users,



Have encountered the following error while trying to update security errata.



This action will be executed after 9/9/19 6:15:00 PM AWST
This action's status is: Failed.
The client picked up this action on 9/9/19 6:15 PM
The client completed this action on 9/9/19 6:19 PM
Client execution returned "Failed: Packages failed to install properly: Package 
python-perf-0:3.10.0-1062.1.1.el7.x86_64 is not available for installation 
Package kernel-tools-libs-0:3.10.0-1062.1.1.el7.x86_64 is not available for 
installation Package kernel-tools-0:3.10.0-1062.1.1.el7.x86_64 is not available 
for installation Package kernel-0:3.10.0-1062.1.1.el7.x86_64 is not available 
for installation" (code 32)

Errata Affected:

  *   RHSA-2019:2600 - Important: kernel security and bug fix update





Any advice as to why this is happening? If the package is not installed on the 
client system, why is it flagged as security errata on the system?





[Aclose up of a sign Description
generated with very high
confidence]

Chen Wenkai

Infrastructure Security Engineer

   [Apicture containing 
buildingDescription generated with  
  high confidence] 
<https://www.linkedin.com/company/ensign-infosecurity/>  [A 
   picture containing tableware 
   Description generated with   
 high confidence] <https://youtu.be/9J7FkhXpb-4>  [A
close up of a sign Description  
  generated with high   
 confidence] <https://www.facebook.com/EnsignGlobal>


  E:  
wenkai_c...@ensigninfosecurity.com<mai

Re: [Spacewalk-list] Encountered an error while trying to update errata

[Wenkai Chen]

HI,

i am to update CentOS clients, but just having issue with this RHEL client. 
Also i noticed, the RHEL client also pulls in security errata that is related 
to Red Hat packages, not CentOS.
Is this the correct behaviour? What should i do?
Btw, i am registering the Spacewalk server(which is running on CentOS) as a 
client itself. Is this ok?

regards.
Wenkai

[cid:27bc50e6-ee0f-4bcc-8070-4219662c38a2]

Chen Wenkai

Infrastructure Security Engineer

E:  wenkai_c...@ensigninfosecurity.com
A:  30A Kallang Place, Level 9 Right Wing, Singapore 339213



From: Elsever Sadigov 
Sent: Monday, September 9, 2019 6:58 PM
To: spacewalk-list@redhat.com ; Wenkai Chen 

Subject: Re: [Spacewalk-list] Encountered an error while trying to update errata


Hi,
Maybe a problem with front and back end when client tries to get updates?
Is db working correctly?

--
Best Regards,
Sadigov Elsevar

On 9/9/2019 14:23, Wenkai Chen wrote:

HI Spacewalk users,



Have encountered the following error while trying to update security errata.



This action will be executed after 9/9/19 6:15:00 PM AWST
This action's status is: Failed.
The client picked up this action on 9/9/19 6:15 PM
The client completed this action on 9/9/19 6:19 PM
Client execution returned "Failed: Packages failed to install properly: Package 
python-perf-0:3.10.0-1062.1.1.el7.x86_64 is not available for installation 
Package kernel-tools-libs-0:3.10.0-1062.1.1.el7.x86_64 is not available for 
installation Package kernel-tools-0:3.10.0-1062.1.1.el7.x86_64 is not available 
for installation Package kernel-0:3.10.0-1062.1.1.el7.x86_64 is not available 
for installation" (code 32)

Errata Affected:


  *   RHSA-2019:2600 - Important: kernel security and bug fix update





Any advice as to why this is happening? If the package is not installed on the 
client system, why is it flagged as security errata on the system?





[A close up of a sign   Description generated with 
very high   confidence]

Chen Wenkai

Infrastructure Security Engineer

   [A picture containing building   
Description generated with high   confidence] 
<https://www.linkedin.com/company/ensign-infosecurity/>  [A picture 
containing tableware   Description generated 
with high   confidence] 
<https://youtu.be/9J7FkhXpb-4>  [A close up of a sign   
Description generated with high   
confidence] <https://www.facebook.com/EnsignGlobal>


  E:  
wenkai_c...@ensigninfosecurity.com<mailto:wenkai_c...@ensigninfosecurity.com>

  A:  30A Kallang Place, Level 9 Right Wing, Singapore 339213








CONFIDENTIALITY NOTICE: “This email is confidential and may also be privileged. 
If this email has been sent to you in error, please delete it immediately and 
notify us. Please do not copy, distribute or disseminate part or whole of this 
email if you are not the intended recipient or if you have not been authorized 
to do so. We reserve the right, to the extent and under circumstances permitted 
by applicable laws, to monitor, retain, intercept and block email messages to 
and from our systems. Thank you.”




___
Spacewalk-list mailing list
Spacewalk-list@redhat.com<mailto:Spacewalk-list@redhat.com>
https://www.redhat.com/mailman/listinfo/spacewalk-list

___
Spacewalk-list mailing list
Spacewalk-list@redhat.com
https://www.redhat.com/mailman/listinfo/spacewalk-list

[Spacewalk-list] Encountered an error while trying to update errata

[Wenkai Chen]

HI Spacewalk users,

Have encountered the following error while trying to update security errata.

This action will be executed after 9/9/19 6:15:00 PM AWST
This action's status is: Failed.
The client picked up this action on 9/9/19 6:15 PM
The client completed this action on 9/9/19 6:19 PM
Client execution returned "Failed: Packages failed to install properly: Package 
python-perf-0:3.10.0-1062.1.1.el7.x86_64 is not available for installation 
Package kernel-tools-libs-0:3.10.0-1062.1.1.el7.x86_64 is not available for 
installation Package kernel-tools-0:3.10.0-1062.1.1.el7.x86_64 is not available 
for installation Package kernel-0:3.10.0-1062.1.1.el7.x86_64 is not available 
for installation" (code 32)

Errata Affected:


  *   RHSA-2019:2600 - Important: kernel security and bug fix update


Any advice as to why this is happening? If the package is not installed on the 
client system, why is it flagged as security errata on the system?


[A close up of a sign  Description generated with very high confidence]

Chen Wenkai
Infrastructure Security Engineer

   [A picture containing building  Description generated with high 
confidence]   [A 
picture containing tableware  Description generated with high confidence] 
  [A close up of a sign  Description 
generated with high confidence] 

  E:  wenkai_c...@ensigninfosecurity.com
  A:  30A Kallang Place, Level 9 Right Wing, Singapore 339213





CONFIDENTIALITY NOTICE: "This email is confidential and may also be privileged. 
If this email has been sent to you in error, please delete it immediately and 
notify us. Please do not copy, distribute or disseminate part or whole of this 
email if you are not the intended recipient or if you have not been authorized 
to do so. We reserve the right, to the extent and under circumstances permitted 
by applicable laws, to monitor, retain, intercept and block email messages to 
and from our systems. Thank you."

___
Spacewalk-list mailing list
Spacewalk-list@redhat.com
https://www.redhat.com/mailman/listinfo/spacewalk-list

[Spacewalk-list] MD5 hash value for latest Red hat OVAL file

[Wenkai Chen]

HI Spacewalk users,

I would like to know if the MD5 hash value is provided for the latest Red Hat 
OVAL file in steve meier's website.
http://cefs.steve-meier.de/

I understand that the MD5 hash value is provided for the errata-latest.xml 
file. However, I would also like to know it is provided for the Red Hat OVAL 
file as well.
Thanks.

[A close up of a sign  Description generated with very high confidence]

Chen Wenkai
Infrastructure Security Engineer

   [A picture containing building  Description generated with high 
confidence]   [A 
picture containing tableware  Description generated with high confidence] 
  [A close up of a sign  Description 
generated with high confidence] 

  E:  wenkai_c...@ensigninfosecurity.com
  A:  30A Kallang Place, Level 9 Right Wing, Singapore 339213





CONFIDENTIALITY NOTICE: "This email is confidential and may also be privileged. 
If this email has been sent to you in error, please delete it immediately and 
notify us. Please do not copy, distribute or disseminate part or whole of this 
email if you are not the intended recipient or if you have not been authorized 
to do so. We reserve the right, to the extent and under circumstances permitted 
by applicable laws, to monitor, retain, intercept and block email messages to 
and from our systems. Thank you."

___
Spacewalk-list mailing list
Spacewalk-list@redhat.com
https://www.redhat.com/mailman/listinfo/spacewalk-list

Re: [Spacewalk-list] [Spacewalk-List] Error while importing errata to Spacewalk

[Wenkai Chen]

Hi Michael,

Thank you.
Do you have the exact steps of logging into the spacewalk database? The 
commands listed are not really conclusive.

[A close up of a sign  Description generated with very high confidence]

Chen Wenkai
Infrastructure Security Engineer

   [A picture containing building  Description generated with high 
confidence] <https://www.linkedin.com/company/ensign-infosecurity/>  [A 
picture containing tableware  Description generated with high confidence] 
<https://youtu.be/9J7FkhXpb-4>  [A close up of a sign  Description 
generated with high confidence] <https://www.facebook.com/EnsignGlobal>

  E:  wenkai_c...@ensigninfosecurity.com
  A:  30A Kallang Place, Level 9 Right Wing, Singapore 339213


From: spacewalk-list-boun...@redhat.com  On 
Behalf Of FRANK Michael
Sent: Wednesday, 24 July 2019 7:32 PM
To: spacewalk-list@redhat.com
Subject: Re: [Spacewalk-list] [Spacewalk-List] Error while importing errata to 
Spacewalk

Hi Chen,

I know only this:

https://www.redhat.com/archives/spacewalk-list/2014-October/msg00041.html

regards

Michael

From: 
spacewalk-list-boun...@redhat.com<mailto:spacewalk-list-boun...@redhat.com> 
mailto:spacewalk-list-boun...@redhat.com>> 
On Behalf Of Wenkai Chen
Sent: Wednesday, July 24, 2019 12:16 PM
To: spacewalk-list@redhat.com<mailto:spacewalk-list@redhat.com>
Subject: Re: [Spacewalk-list] [Spacewalk-List] Error while importing errata to 
Spacewalk

HI,

What is the correct way to delete all errata in the database? I tried to delete 
all errata from the web UI, and tried re-importing the errata again by running 
the script provided by http://cefs.steve-meier.de/

This time, the duplicate error is gone.

[A close up of a signDescription generated with very high confidence]

Chen Wenkai
Infrastructure Security Engineer

   [A picture containing buildingDescription generated with high 
confidence] <https://www.linkedin.com/company/ensign-infosecurity/>  [A 
picture containing tablewareDescription generated with high confidence] 
<https://youtu.be/9J7FkhXpb-4>  [A close up of a signDescription 
generated with high confidence] <https://www.facebook.com/EnsignGlobal>

  E:  
wenkai_c...@ensigninfosecurity.com<mailto:wenkai_c...@ensigninfosecurity.com>
  A:  30A Kallang Place, Level 9 Right Wing, Singapore 339213


From: 
spacewalk-list-boun...@redhat.com<mailto:spacewalk-list-boun...@redhat.com> 
mailto:spacewalk-list-boun...@redhat.com>> 
On Behalf Of FRANK Michael
Sent: Wednesday, 24 July 2019 5:46 PM
To: spacewalk-list@redhat.com<mailto:spacewalk-list@redhat.com>
Subject: Re: [Spacewalk-list] [Spacewalk-List] Error while importing errata to 
Spacewalk

Hello,

We had the same issue. Solution was to delete the conflicting record direct in 
the database.
After upgrade to 2.8 I don't see this anymore in the logs.


Regards

Michael FRANK



From: 
spacewalk-list-boun...@redhat.com<mailto:spacewalk-list-boun...@redhat.com> 
mailto:spacewalk-list-boun...@redhat.com>> 
On Behalf Of Wenkai Chen
Sent: Wednesday, July 24, 2019 10:11 AM
To: spacewalk-list@redhat.com<mailto:spacewalk-list@redhat.com>
Subject: [Spacewalk-list] [Spacewalk-List] Error while importing errata to 
Spacewalk

HI Spacewalk users,

I encountered an error while trying to import errata.

Fault returned from XML RPC Server, fault code 2601: 
redstone.xmlrpc.XmlRpcFault: Errata already exists with advisory CEBA-2018:3195

This caused the entire operation to rollback. May I know if this is expected? 
Spacewalk does not have the functionality to continue if existing errata exist?

[A close up of a signDescription generated with very high confidence]

Chen Wenkai
Infrastructure Security Engineer

   [A picture containing buildingDescription generated with high 
confidence] <https://www.linkedin.com/company/ensign-infosecurity/>  [A 
picture containing tablewareDescription generated with high confidence] 
<https://youtu.be/9J7FkhXpb-4>  [A close up of a signDescription 
generated with high confidence] <https://www.facebook.com/EnsignGlobal>

  E:  
wenkai_c...@ensigninfosecurity.com<mailto:wenkai_c...@ensigninfosecurity.com>
  A:  30A Kallang Place, Level 9 Right Wing, Singapore 339213





CONFIDENTIALITY NOTICE: "This email is confidential and may also be privileged. 
If this email has been sent to you in error, please delete it immediately and 
notify us. Please do not copy, distribute or disseminate part or whole of this 
email if you are not the intended recipient or if you have not been authorized 
to do so. We reserve the right, to the extent and under circumstances permitted 
by applicable laws, to monitor, retain, intercept and block email messages to 
and from our systems. Thank you."


This electronic transmission (and any attachments thereto) is intended solely 
for 

[Spacewalk-list] [spacewalk-list] import red hat errata into spacewalk

[Wenkai Chen]

HI Spacewalk users,

I am trying to use the script provided by http://cefs.steve-meier.de/ to 
download and import errata into spacewalk.
I have CentOS and RHEL channels created. So far, using the script, I am able to 
see CentOS errata being imported and shown in spacewalk for the respective 
servers.
However, for Red Hat, I am not able to see any even after running the script.

Here is my command to run the script:
errata-import.pl --server localhost --errata errata.latest.xml 
--rhsa-oval=com.redhat.rhsa-all.xml -publish

Is this the correct way to import and publish all errata for CentOS and Red Hat?
What is the significance of the parameter 
'--rhsa-oval=com.redhat.rhsa-all.xml'? Does this help in the red hat errata? 
Why don't I see any red hat errata being published even after having that 
parameter?
Do I need to run the import on separate commands for CentOS and Red Hat? Or by 
running the 1 single command, both red hat and centos errata would be published 
together?
If need to run separate for Red Hat, what is the command exactly?

Anyone can advise? Thank you.
[A close up of a sign  Description generated with very high confidence]

Chen Wenkai
Infrastructure Security Engineer

   [A picture containing building  Description generated with high 
confidence]   [A 
picture containing tableware  Description generated with high confidence] 
  [A close up of a sign  Description 
generated with high confidence] 

  E:  wenkai_c...@ensigninfosecurity.com
  A:  30A Kallang Place, Level 9 Right Wing, Singapore 339213





CONFIDENTIALITY NOTICE: "This email is confidential and may also be privileged. 
If this email has been sent to you in error, please delete it immediately and 
notify us. Please do not copy, distribute or disseminate part or whole of this 
email if you are not the intended recipient or if you have not been authorized 
to do so. We reserve the right, to the extent and under circumstances permitted 
by applicable laws, to monitor, retain, intercept and block email messages to 
and from our systems. Thank you."

___
Spacewalk-list mailing list
Spacewalk-list@redhat.com
https://www.redhat.com/mailman/listinfo/spacewalk-list

Re: [Spacewalk-list] [Spacewalk-List] Error while importing errata to Spacewalk

[Wenkai Chen]

HI,

What is the correct way to delete all errata in the database? I tried to delete 
all errata from the web UI, and tried re-importing the errata again by running 
the script provided by http://cefs.steve-meier.de/

This time, the duplicate error is gone.

[A close up of a sign  Description generated with very high confidence]

Chen Wenkai
Infrastructure Security Engineer

   [A picture containing building  Description generated with high 
confidence] <https://www.linkedin.com/company/ensign-infosecurity/>  [A 
picture containing tableware  Description generated with high confidence] 
<https://youtu.be/9J7FkhXpb-4>  [A close up of a sign  Description 
generated with high confidence] <https://www.facebook.com/EnsignGlobal>

  E:  wenkai_c...@ensigninfosecurity.com
  A:  30A Kallang Place, Level 9 Right Wing, Singapore 339213


From: spacewalk-list-boun...@redhat.com  On 
Behalf Of FRANK Michael
Sent: Wednesday, 24 July 2019 5:46 PM
To: spacewalk-list@redhat.com
Subject: Re: [Spacewalk-list] [Spacewalk-List] Error while importing errata to 
Spacewalk

Hello,

We had the same issue. Solution was to delete the conflicting record direct in 
the database.
After upgrade to 2.8 I don't see this anymore in the logs.


Regards

Michael FRANK



From: 
spacewalk-list-boun...@redhat.com<mailto:spacewalk-list-boun...@redhat.com> 
mailto:spacewalk-list-boun...@redhat.com>> 
On Behalf Of Wenkai Chen
Sent: Wednesday, July 24, 2019 10:11 AM
To: spacewalk-list@redhat.com<mailto:spacewalk-list@redhat.com>
Subject: [Spacewalk-list] [Spacewalk-List] Error while importing errata to 
Spacewalk

HI Spacewalk users,

I encountered an error while trying to import errata.

Fault returned from XML RPC Server, fault code 2601: 
redstone.xmlrpc.XmlRpcFault: Errata already exists with advisory CEBA-2018:3195

This caused the entire operation to rollback. May I know if this is expected? 
Spacewalk does not have the functionality to continue if existing errata exist?

[A close up of a signDescription generated with very high confidence]

Chen Wenkai
Infrastructure Security Engineer

   [A picture containing buildingDescription generated with high 
confidence] <https://www.linkedin.com/company/ensign-infosecurity/>  [A 
picture containing tablewareDescription generated with high confidence] 
<https://youtu.be/9J7FkhXpb-4>  [A close up of a signDescription 
generated with high confidence] <https://www.facebook.com/EnsignGlobal>

  E:  
wenkai_c...@ensigninfosecurity.com<mailto:wenkai_c...@ensigninfosecurity.com>
  A:  30A Kallang Place, Level 9 Right Wing, Singapore 339213





CONFIDENTIALITY NOTICE: "This email is confidential and may also be privileged. 
If this email has been sent to you in error, please delete it immediately and 
notify us. Please do not copy, distribute or disseminate part or whole of this 
email if you are not the intended recipient or if you have not been authorized 
to do so. We reserve the right, to the extent and under circumstances permitted 
by applicable laws, to monitor, retain, intercept and block email messages to 
and from our systems. Thank you."


This electronic transmission (and any attachments thereto) is intended solely 
for the use of the addressee(s). It may contain confidential or legally 
privileged information. If you are not the intended recipient of this message, 
you must delete it immediately and notify the sender. Any unauthorized use or 
disclosure of this message is strictly prohibited.  Faurecia does not guarantee 
the integrity of this transmission and shall therefore never be liable if the 
message is altered or falsified nor for any virus, interception or damage to 
your system.
___
Spacewalk-list mailing list
Spacewalk-list@redhat.com
https://www.redhat.com/mailman/listinfo/spacewalk-list

[Spacewalk-list] [Spacewalk-List] Error while importing errata to Spacewalk

[Wenkai Chen]

HI Spacewalk users,

I encountered an error while trying to import errata.

Fault returned from XML RPC Server, fault code 2601: 
redstone.xmlrpc.XmlRpcFault: Errata already exists with advisory CEBA-2018:3195

This caused the entire operation to rollback. May I know if this is expected? 
Spacewalk does not have the functionality to continue if existing errata exist?

[A close up of a sign  Description generated with very high confidence]

Chen Wenkai
Infrastructure Security Engineer

   [A picture containing building  Description generated with high 
confidence]   [A 
picture containing tableware  Description generated with high confidence] 
  [A close up of a sign  Description 
generated with high confidence] 

  E:  wenkai_c...@ensigninfosecurity.com
  A:  30A Kallang Place, Level 9 Right Wing, Singapore 339213





CONFIDENTIALITY NOTICE: "This email is confidential and may also be privileged. 
If this email has been sent to you in error, please delete it immediately and 
notify us. Please do not copy, distribute or disseminate part or whole of this 
email if you are not the intended recipient or if you have not been authorized 
to do so. We reserve the right, to the extent and under circumstances permitted 
by applicable laws, to monitor, retain, intercept and block email messages to 
and from our systems. Thank you."

___
Spacewalk-list mailing list
Spacewalk-list@redhat.com
https://www.redhat.com/mailman/listinfo/spacewalk-list

Re: [Spacewalk-list] Spacewalk server keeps resyncing same packages from channel

[Wenkai Chen]

HI Michael,

Thanks so much for the insight. Should I configure separate channels for all 
different distributions (updates,OS,extras) or just updates and OS will do?



Regards,



Chen Wenkai
Infrastructure Security Engineer



  E:  wenkai_c...@ensigninfosecurity.com
  A:  30A Kallang Place, Level 9 Right Wing, Singapore 339213



-Original Message-
From: spacewalk-list-boun...@redhat.com  On 
Behalf Of Michael Mraka
Sent: Thursday, 18 July 2019 5:52 PM
To: spacewalk-list@redhat.com
Subject: Re: [Spacewalk-list] Spacewalk server keeps resyncing same packages 
from channel

Wenkai Chen:
> HI Spacewalk users,
>
> I have a Spacewalk server configure with several channels (CentOS and RHEL).
> When I tried to do a spacewalk-repo-sync, I discovered that it keeps syncing 
> the same packages over and over again. These same packages are already 
> resynced during the last repo sync. However, it gets synced again.
>
> For instance, my command below runs a spacewalk-repo-sync on a channel twice. 
> In those 2 runs, the same packages are being downloaded and imported. Its 
> seems to me that these packages never got written to database. Anyone can 
> help advise if this is correct or incorrect behaviour?
> Thank you .
>
> [root@ensco2swkdev01 rhn]# spacewalk-repo-sync -c centos7
> 16:40:33 ==
> 16:40:33 | Channel: centos7
> 16:40:33 ==
> 16:40:33 Sync of channel started.
> 16:40:33
> 16:40:33   Processing repository with URL: 
> http://mirror.centos.org/centos/7/updates/x86_64/
> 16:41:46 Packages in repo:  2236
> 16:41:50 Packages already synced:   2228
> 16:41:50 Packages to sync: 8
> 16:41:50 New packages to download: 8
> 16:41:50   Downloading packages:
> 16:41:50 1/8 : pki-base-10.5.9-6.el7.noarch.rpm
...
> 16:42:01   Processing repository with URL: 
> http://mirror.centos.org/centos/7/os/x86_64/
> 16:42:11
> 16:42:11   Importing comps file comps.xml.
> 16:42:13 Packages in repo: 10019
> 16:42:34 Packages already synced:  10011
> 16:42:34 Packages to sync: 8
> 16:42:34 New packages to download: 8
> 16:42:34   Downloading packages:
> 16:42:34 1/8 : pki-base-10.5.9-6.el7.noarch.rpm
...

Hello,

If you download the two packages
http://mirror.centos.org/centos/7/updates/x86_64/Packages/pki-base-10.5.9-6.el7.noarch.rpm
http://mirror.centos.org/centos/7/os/x86_64/Packages/pki-base-10.5.9-6.el7.noarch.rpm
you can see they have different size and buildtime.
414392  'Fri 02 Nov 2018 20:05:20 CET' os/pki-base-10.5.9-6.el7.noarch.rpm
414396  'Tue 29 Jan 2019 18:47:13 CET' updates/pki-base-10.5.9-6.el7.noarch.rpm
So what's actually happening there is: you sync pki-base from os, then 
overwrite it with version from updates; and then during the next sync you 
overwrite it with os version and once more with updates version, etc.

IMHO it's Centos bug - a package from os should never be (without 
version-release change) rebuilt into updates.

I'd recommend to create a separate child channel for updates and do not mix os 
and updates rpms into one channel.


Regards,

--
Michael Mráka
System Management Engineering, Red Hat

___
Spacewalk-list mailing list
Spacewalk-list@redhat.com
https://www.redhat.com/mailman/listinfo/spacewalk-list



CONFIDENTIALITY NOTICE: “This email is confidential and may also be privileged. 
If this email has been sent to you in error, please delete it immediately and 
notify us. Please do not copy, distribute or disseminate part or whole of this 
email if you are not the intended recipient or if you have not been authorized 
to do so. We reserve the right, to the extent and under circumstances permitted 
by applicable laws, to monitor, retain, intercept and block email messages to 
and from our systems. Thank you.”


___
Spacewalk-list mailing list
Spacewalk-list@redhat.com
https://www.redhat.com/mailman/listinfo/spacewalk-list

[Spacewalk-list] Spacewalk server keeps resyncing same packages from channel

[Wenkai Chen]

HI Spacewalk users,

I have a Spacewalk server configure with several channels (CentOS and RHEL).
When I tried to do a spacewalk-repo-sync, I discovered that it keeps syncing 
the same packages over and over again. These same packages are already resynced 
during the last repo sync. However, it gets synced again.

For instance, my command below runs a spacewalk-repo-sync on a channel twice. 
In those 2 runs, the same packages are being downloaded and imported. Its seems 
to me that these packages never got written to database. Anyone can help advise 
if this is correct or incorrect behaviour?
Thank you .

[root@ensco2swkdev01 rhn]# spacewalk-repo-sync -c centos7
16:40:33 ==
16:40:33 | Channel: centos7
16:40:33 ==
16:40:33 Sync of channel started.
16:40:33
16:40:33   Processing repository with URL: 
http://mirror.centos.org/centos/7/updates/x86_64/
16:41:46 Packages in repo:  2236
16:41:50 Packages already synced:   2228
16:41:50 Packages to sync: 8
16:41:50 New packages to download: 8
16:41:50   Downloading packages:
16:41:50 1/8 : pki-base-10.5.9-6.el7.noarch.rpm
16:41:50 2/8 : pki-kra-10.5.9-6.el7.noarch.rpm
16:41:50 3/8 : pki-symkey-10.5.9-6.el7.x86_64.rpm
16:41:50 4/8 : pki-ca-10.5.9-6.el7.noarch.rpm
16:41:52 5/8 : pki-tools-10.5.9-6.el7.x86_64.rpm
16:41:53 6/8 : pki-base-java-10.5.9-6.el7.noarch.rpm
16:41:55 7/8 : pki-javadoc-10.5.9-6.el7.noarch.rpm
16:41:56 8/8 : pki-server-10.5.9-6.el7.noarch.rpm
16:41:56
16:41:56   Importing packages to DB:
   Importing packages: 
|##| 100.0%
16:42:00
16:42:00   Linking packages to the channel.
16:42:00
16:42:00   Errata in repo: 0.
16:42:00
16:42:00   Processing repository with URL: 
http://mirror.centos.org/centos/7/extras/x86_64/
16:42:00 Packages in repo:   419
16:42:01 No new packages to sync.
16:42:01
16:42:01   Errata in repo: 0.
16:42:01
16:42:01   Processing repository with URL: 
http://mirror.centos.org/centos/7/os/x86_64/
16:42:11
16:42:11   Importing comps file comps.xml.
16:42:13 Packages in repo: 10019
16:42:34 Packages already synced:  10011
16:42:34 Packages to sync: 8
16:42:34 New packages to download: 8
16:42:34   Downloading packages:
16:42:34 1/8 : pki-base-10.5.9-6.el7.noarch.rpm
16:42:34 2/8 : pki-kra-10.5.9-6.el7.noarch.rpm
16:42:34 3/8 : pki-ca-10.5.9-6.el7.noarch.rpm
16:42:34 4/8 : pki-symkey-10.5.9-6.el7.x86_64.rpm
16:42:36 5/8 : pki-tools-10.5.9-6.el7.x86_64.rpm
16:42:36 6/8 : pki-base-java-10.5.9-6.el7.noarch.rpm
16:42:38 7/8 : pki-javadoc-10.5.9-6.el7.noarch.rpm
16:42:39 8/8 : pki-server-10.5.9-6.el7.noarch.rpm
16:42:40
16:42:40   Importing packages to DB:
   Importing packages: 
|##| 100.0%
16:42:43
16:42:43   Linking packages to the channel.
16:42:43
16:42:43   Errata in repo: 0.
16:42:43 Sync of channel completed in 0:02:10.
16:42:43 Total time: 0:02:10
[root@ensco2swkdev01 rhn]# spacewalk-repo-sync -c centos7
17:08:38 ==
17:08:38 | Channel: centos7
17:08:38 ==
17:08:38 Sync of channel started.
17:08:38
17:08:38   Processing repository with URL: 
http://mirror.centos.org/centos/7/updates/x86_64/
17:09:45 Packages in repo:  2236
17:09:50 Packages already synced:   2228
17:09:50 Packages to sync: 8
17:09:50 New packages to download: 8
17:09:50   Downloading packages:
17:09:50 1/8 : pki-base-10.5.9-6.el7.noarch.rpm
17:09:50 2/8 : pki-kra-10.5.9-6.el7.noarch.rpm
17:09:50 3/8 : pki-symkey-10.5.9-6.el7.x86_64.rpm
17:09:50 4/8 : pki-ca-10.5.9-6.el7.noarch.rpm
17:09:51 5/8 : pki-tools-10.5.9-6.el7.x86_64.rpm
17:09:51 6/8 : pki-base-java-10.5.9-6.el7.noarch.rpm
17:09:52 7/8 : pki-javadoc-10.5.9-6.el7.noarch.rpm
17:09:52 8/8 : pki-server-10.5.9-6.el7.noarch.rpm
17:09:52
17:09:52   Importing packages to DB:
   Importing packages: 
|##| 100.0%
17:09:56
17:09:56   Linking packages to the channel.
17:09:56
17:09:56   Errata in repo: 0.
17:09:56
17:09:56   Processing repository with URL: 
http://mirror.centos.org/centos/7/extras/x86_64/
17:09:56 Packages in repo:   419
17:09:57 No new packages to sync.
17:09:57
17:09:57   Errata in repo: 0.
17:09:57
17:09:57   Processing repository with URL: 
http://mirror.centos.org/centos/7/os/x86_64/
17:10:01
17:10:01   Importing comps file comps.xml.
17:10:03 Packages in repo: 10019
17:10:23 Packages already synced:  10011
17:10:23 Packages to sync: 8
17:10:23 New packages to download: 8
17:10:23   Downloading packages:

Re: [Spacewalk-list] Unable to start jabberd and osa-dispatcher service successfully

[Wenkai Chen]

HI,

I have managed to resolved the issue from now, based on this article 
https://bugzilla.redhat.com/show_bug.cgi?id=1480697

Seems that sqlite issue.

[A close up of a sign  Description generated with very high confidence]

Chen Wenkai
Infrastructure Security Engineer

   [A picture containing building  Description generated with high 
confidence] <https://www.linkedin.com/company/ensign-infosecurity/>  [A 
picture containing tableware  Description generated with high confidence] 
<https://youtu.be/9J7FkhXpb-4>  [A close up of a sign  Description 
generated with high confidence] <https://www.facebook.com/EnsignGlobal>

  E:  wenkai_c...@ensigninfosecurity.com
  A:  30A Kallang Place, Level 9 Right Wing, Singapore 339213


From: spacewalk-list-boun...@redhat.com  On 
Behalf Of Ananta Chakravartula
Sent: Thursday, 18 July 2019 12:02 PM
To: spacewalk-list@redhat.com
Subject: Re: [Spacewalk-list] Unable to start jabberd and osa-dispatcher 
service successfully

You probably have to change the hostname in here



grep osa /etc/rhn/rhn.conf


Ananta

sent from my phone. Sory fer eny typeos

On Wed, Jul 17, 2019, 10:38 PM Wenkai Chen 
mailto:wenkai_c...@ensigninfosecurity.com>> 
wrote:
HI Spacewalk Users,

I encountered the following error after changing the hostname of the spacewalk 
server

2019/07/18 10:36:15 +08:00 3614 0.0.0.0<http://0.0.0.0>: 
osad/jabber_lib.main('ERROR', 'Traceback (most recent call last):\n  File 
"/usr/lib/python2.7/site-packages/osad/jabber_lib.py", line 124, in main\nc 
= self.setup_connection(no_fork=no_fork)\n  File 
"/usr/lib/python2.7/site-packages/osad/jabber_lib.py", line 302, in 
setup_connection\nresource=self._resource)\n  File 
"/usr/lib/python2.7/site-packages/osad/dispatcher_client.py", line 36, in 
start\nself.auth(username, password, resource)\n  File 
"/usr/lib/python2.7/site-packages/osad/jabber_lib.py", line 894, in auth\n
self.register(username, password)\n  File 
"/usr/lib/python2.7/site-packages/osad/jabber_lib.py", line 1140, in register\n 
   self.sendRegInfo()\n  File 
"/usr/lib/python2.7/site-packages/jabber/jabber.py", line 645, in sendRegInfo\n 
   return self.SendAndWaitForResponse(reg_iq)\n  File 
"/usr/lib/python2.7/site-packages/jabber/jabber.py", line 402, in 
SendAndWaitForResponse\nreturn self.waitForResponse(ID,timeout)\n  File 
"/usr/lib/python2.7/site-packages/osad/jabber_lib.py", line 1210, in 
waitForResponse\nraise JabberQualifiedError(self.lastErrCode, 
self.lastErr)\nJabberQualifiedError: \n')

I ran the spacewalk-rename-hostname script and now this issue occurred. Please 
help. I am unable to find any useful resources online.
Thank you.

[A close up of a signDescription generated with very high confidence]

Chen Wenkai
Infrastructure Security Engineer

   [A picture containing buildingDescription generated with high 
confidence] <https://www.linkedin.com/company/ensign-infosecurity/>  [A 
picture containing tablewareDescription generated with high confidence] 
<https://youtu.be/9J7FkhXpb-4>  [A close up of a signDescription 
generated with high confidence] <https://www.facebook.com/EnsignGlobal>

  E:  
wenkai_c...@ensigninfosecurity.com<mailto:wenkai_c...@ensigninfosecurity.com>
  A:  30A Kallang Place, Level 9 Right Wing, Singapore 339213





CONFIDENTIALITY NOTICE: “This email is confidential and may also be privileged. 
If this email has been sent to you in error, please delete it immediately and 
notify us. Please do not copy, distribute or disseminate part or whole of this 
email if you are not the intended recipient or if you have not been authorized 
to do so. We reserve the right, to the extent and under circumstances permitted 
by applicable laws, to monitor, retain, intercept and block email messages to 
and from our systems. Thank you.”

___
Spacewalk-list mailing list
Spacewalk-list@redhat.com<mailto:Spacewalk-list@redhat.com>
https://www.redhat.com/mailman/listinfo/spacewalk-list
___
Spacewalk-list mailing list
Spacewalk-list@redhat.com
https://www.redhat.com/mailman/listinfo/spacewalk-list

[Spacewalk-list] Unable to start jabberd and osa-dispatcher service successfully

[Wenkai Chen]

HI Spacewalk Users,

I encountered the following error after changing the hostname of the spacewalk 
server

2019/07/18 10:36:15 +08:00 3614 0.0.0.0: osad/jabber_lib.main('ERROR', 
'Traceback (most recent call last):\n  File 
"/usr/lib/python2.7/site-packages/osad/jabber_lib.py", line 124, in main\nc 
= self.setup_connection(no_fork=no_fork)\n  File 
"/usr/lib/python2.7/site-packages/osad/jabber_lib.py", line 302, in 
setup_connection\nresource=self._resource)\n  File 
"/usr/lib/python2.7/site-packages/osad/dispatcher_client.py", line 36, in 
start\nself.auth(username, password, resource)\n  File 
"/usr/lib/python2.7/site-packages/osad/jabber_lib.py", line 894, in auth\n
self.register(username, password)\n  File 
"/usr/lib/python2.7/site-packages/osad/jabber_lib.py", line 1140, in register\n 
   self.sendRegInfo()\n  File 
"/usr/lib/python2.7/site-packages/jabber/jabber.py", line 645, in sendRegInfo\n 
   return self.SendAndWaitForResponse(reg_iq)\n  File 
"/usr/lib/python2.7/site-packages/jabber/jabber.py", line 402, in 
SendAndWaitForResponse\nreturn self.waitForResponse(ID,timeout)\n  File 
"/usr/lib/python2.7/site-packages/osad/jabber_lib.py", line 1210, in 
waitForResponse\nraise JabberQualifiedError(self.lastErrCode, 
self.lastErr)\nJabberQualifiedError: \n')

I ran the spacewalk-rename-hostname script and now this issue occurred. Please 
help. I am unable to find any useful resources online.
Thank you.

[A close up of a sign  Description generated with very high confidence]

Chen Wenkai
Infrastructure Security Engineer

   [A picture containing building  Description generated with high 
confidence]   [A 
picture containing tableware  Description generated with high confidence] 
  [A close up of a sign  Description 
generated with high confidence] 

  E:  wenkai_c...@ensigninfosecurity.com
  A:  30A Kallang Place, Level 9 Right Wing, Singapore 339213





CONFIDENTIALITY NOTICE: "This email is confidential and may also be privileged. 
If this email has been sent to you in error, please delete it immediately and 
notify us. Please do not copy, distribute or disseminate part or whole of this 
email if you are not the intended recipient or if you have not been authorized 
to do so. We reserve the right, to the extent and under circumstances permitted 
by applicable laws, to monitor, retain, intercept and block email messages to 
and from our systems. Thank you."

___
Spacewalk-list mailing list
Spacewalk-list@redhat.com
https://www.redhat.com/mailman/listinfo/spacewalk-list

Re: [Spacewalk-list] Spacewalk 2.9 - Enabling GPG check for channels

[Wenkai Chen]

Hi,

If I have configured the GPG settings under "Manage Software Channels' > 
'Channel Name' > 'Details', means it is enabled?

Attached a screenshot if it is correct. Thanks.


Regards,
Wenkai

-Original Message-
From: spacewalk-list-boun...@redhat.com  On 
Behalf Of Robert Paschedag
Sent: Wednesday, 17 July 2019 2:34 PM
To: spacewalk-list@redhat.com
Subject: Re: [Spacewalk-list] Spacewalk 2.9 - Enabling GPG check for channels

You have to check within the channel options in spacewalk, if GPG signing is 
activated.

Robert


⁣sent from my mobile device​


 Originale Nachricht ----
Von: Wenkai Chen 
Gesendet: Wed Jul 17 05:29:31 GMT+02:00 2019
An: "spacewalk-list@redhat.com" 
Betreff: [Spacewalk-list]  Spacewalk 2.9 - Enabling GPG check for channels

HI Spacewalk users,

I just configured Spacewalk to sync from Red hat and Centos repositories. 
However, I am unsure of whether GPG check is really enabled for each channel.
I would like to enable GPG check for security reasons.
I could not find any useful resources online, apart from this article 
https://serverfault.com/questions/593281/how-to-disable-gpg-checks-per-channel-in-spacewalk
 which tells us how to disable gpg check in a channel. I did the reverse so 
that I can enable it.

However, I am not exactly sure if it works. I am also not sure for Centos 
channels, is gpg check enabled by default? Where exactly are the settings in 
spacewalk to configure this?
I understand that for standalone servers, these settings can be configured 
under the /etc/yum.repos.d/ folder files corresponding to the repository. But I 
am not exactly sure if it is similar to Spacewalk servers? Or channels in that 
manner.

Thanks.

Regards,
Wenkai








CONFIDENTIALITY NOTICE: "This email is confidential and may also be privileged. 
If this email has been sent to you in error, please delete it immediately and 
notify us. Please do not copy, distribute or disseminate part or whole of this 
email if you are not the intended recipient or if you have not been authorized 
to do so. We reserve the right, to the extent and under circumstances permitted 
by applicable laws, to monitor, retain, intercept and block email messages to 
and from our systems. Thank you."





___
Spacewalk-list mailing list
Spacewalk-list@redhat.com
https://www.redhat.com/mailman/listinfo/spacewalk-list

___
Spacewalk-list mailing list
Spacewalk-list@redhat.com
https://www.redhat.com/mailman/listinfo/spacewalk-list
___
Spacewalk-list mailing list
Spacewalk-list@redhat.com
https://www.redhat.com/mailman/listinfo/spacewalk-list

[Spacewalk-list] Spacewalk 2.9 - Enabling GPG check for channels

[Wenkai Chen]

HI Spacewalk users,

I just configured Spacewalk to sync from Red hat and Centos repositories. 
However, I am unsure of whether GPG check is really enabled for each channel.
I would like to enable GPG check for security reasons.
I could not find any useful resources online, apart from this article 
https://serverfault.com/questions/593281/how-to-disable-gpg-checks-per-channel-in-spacewalk
 which tells us how to disable gpg check in a channel. I did the reverse so 
that I can enable it.

However, I am not exactly sure if it works. I am also not sure for Centos 
channels, is gpg check enabled by default? Where exactly are the settings in 
spacewalk to configure this?
I understand that for standalone servers, these settings can be configured 
under the /etc/yum.repos.d/ folder files corresponding to the repository. But I 
am not exactly sure if it is similar to Spacewalk servers? Or channels in that 
manner.

Thanks.

Regards,
Wenkai








CONFIDENTIALITY NOTICE: "This email is confidential and may also be privileged. 
If this email has been sent to you in error, please delete it immediately and 
notify us. Please do not copy, distribute or disseminate part or whole of this 
email if you are not the intended recipient or if you have not been authorized 
to do so. We reserve the right, to the extent and under circumstances permitted 
by applicable laws, to monitor, retain, intercept and block email messages to 
and from our systems. Thank you."

___
Spacewalk-list mailing list
Spacewalk-list@redhat.com
https://www.redhat.com/mailman/listinfo/spacewalk-list