undefined method `type' for #<Katello::Erratum:0x007f991e177be0> Documentation

[iforte]

I successfully ran the pl file and no errors were thrown but now I can't access the web interface. I get the error above and can provide a stack trace if you like. Is there anyway to rollback the errata deploy?

[rdrgmnzs]

You might be able to go in to the repo and delete the errata through pulp.

pulp-admin login -u admin --password=XYZ ----- get a session cert pulp-admin repo list | grep -B 5 Erratum ----- get my repos where erratas available pulp-admin repo list -s ----- show list of my repos pulp-admin rpm repo content errata --match type=security --repo-id=REPO_X ----- list all security erratas in repo_x Then delete the errata

The stack trace would give me some more clues into what happened and I might be able to replicate it and try fixing the issue.

[iforte]

I tried running pulp-admin repo list and got this:

pulp-admin repo list +----------------------------------------------------------------------+ Repositories +----------------------------------------------------------------------+

An error occurred attempting to contact the server. More information can be found in the client log file ~/.pulp/admin.log.

and here is the admin.log:

2015-10-27 15:55:25,090 - ERROR - Client-side exception occurred Traceback (most recent call last): File "/usr/lib/python2.6/site-packages/pulp/client/extensions/core.py", line 478, in run exit_code = Cli.run(self, args) File "/usr/lib/python2.6/site-packages/okaara/cli.py", line 974, in run exit_code = command_or_section.execute(self.prompt, remaining_args) File "/usr/lib/python2.6/site-packages/pulp/client/extensions/extensions.py", line 224, in execute return self.method(_arg_list, _clean_kwargs) File "/usr/lib/python2.6/site-packages/pulp/client/commands/repo/cudl.py", line 330, in run self.display_repositories(_kwargs) File "/usr/lib/python2.6/site-packages/pulp/client/commands/repo/cudl.py", line 358, in display_repositories repo_list = self.get_repositories(query_params, *_kwargs) File "/usr/lib/python2.6/site-packages/pulp/client/commands/repo/cudl.py", line 420, in get_repositories repo_list = self.context.server.repo.repositories(query_params).response_body File "/usr/lib/python2.6/site-packages/pulp/bindings/repository.py", line 34, in repositories return self.server.GET(path, query_parameters) File "/usr/lib/python2.6/site-packages/pulp/bindings/server.py", line 92, in GET return self._request('GET', path, queries) File "/usr/lib/python2.6/site-packages/pulp/bindings/server.py", line 142, in _request response_code, response_body = self.server_wrapper.request(method, url, body) File "/usr/lib/python2.6/site-packages/pulp/bindings/server.py", line 332, in request raise exceptions.ConnectionException(None, str(err), None) ConnectionException: (None, 'tlsv1 alert unknown ca', None)

On Tue, Oct 27, 2015 at 3:39 PM, Rodrigo Menezes notifications@github.com wrote:

You might be able to go in to the repo and delete the errata through pulp.

pulp-admin login -u admin --password=XYZ ----- get a session cert pulp-admin repo list | grep -B 5 Erratum ----- get my repos where erratas available pulp-admin repo list -s ----- show list of my repos pulp-admin rpm repo content errata --match type=security --repo-id=REPO_X ----- list all security erratas in repo_x Then delete the errata

The stack trace would give me some more clues into what happened and I might be able to replicate it and try fixing the issue.

— Reply to this email directly or view it on GitHub https://github.com/brdude/pulp_centos_errata_import/issues/7#issuecomment-151665887 .

[rdrgmnzs]

Looks like an issue with pulp.

What version of foreman / Katello is installed? What version of pulp is intalled? What is the distro and release you are using? What repo where you attempting to insert erratas into?

Also any change you have the stack trace for the foreman error?

[iforte]

foreman is 1.11 pulp is 2.6.2.1 centos 6.7 x86_64 I ran the script https://github.com/brdude/pulp_centos_errata_import i never specified which repo but I didn't se an option to specify which repo the errata gets insterted in.

http://pastebin.com/YVfhjFGk - i pasted the foreman trace

So I worked with one of the guys on irc and there was a bug that he helped me patch..so I can get into the UI now. BUT the problem now is the errata for the centos repo's isn't showing up.

On Tue, Oct 27, 2015 at 4:06 PM, Rodrigo Menezes notifications@github.com wrote:

Looks like an issue with pulp.

What version of foreman / Katello is installed? What version of pulp is intalled? What is the distro and release you are using? What repo where you attempting to insert erratas into?

Also any change you have the stack trace for the foreman error?

— Reply to this email directly or view it on GitHub https://github.com/brdude/pulp_centos_errata_import/issues/7#issuecomment-151670901 .

[rdrgmnzs]

Got it I've never actually tested this out on anything above foreman 1.9, and from what you said it looks like there is some sort of bug on the upstream dev code or something in my code that doesn't play well with it.

As for the errata not showing up, you need to re-sync the repos before foreman sees them. The other thing that might be happening is that the script does not account for the published content views which technically also include the same packages as the main repo and so it inserts the erratas into the views. A way to get around that is by utilizing the --include-repo option added in PR# 6.

[rdrgmnzs]

Were you able to get the errata issue fixed?

[iforte]

Not yet. I'm trying to resolve an issue I noticed while troubleshooting. When i do a pulp-admin repo list...I get an exception:

2015-11-06 10:05:26,063 - ERROR - Client-side exception occurred Traceback (most recent call last): File "/usr/lib/python2.6/site-packages/pulp/client/extensions/core.py", line 478, in run exit_code = Cli.run(self, args) File "/usr/lib/python2.6/site-packages/okaara/cli.py", line 974, in run exit_code = command_or_section.execute(self.prompt, remaining_args) File "/usr/lib/python2.6/site-packages/pulp/client/extensions/extensions.py", line 224, in execute return self.method(_arg_list, _clean_kwargs) File "/usr/lib/python2.6/site-packages/pulp/client/commands/repo/cudl.py", line 330, in run self.display_repositories(_kwargs) File "/usr/lib/python2.6/site-packages/pulp/client/commands/repo/cudl.py", line 358, in display_repositories repo_list = self.get_repositories(query_params, *_kwargs) File "/usr/lib/python2.6/site-packages/pulp/client/commands/repo/cudl.py", line 420, in get_repositories repo_list = self.context.server.repo.repositories(query_params).response_body File "/usr/lib/python2.6/site-packages/pulp/bindings/repository.py", line 34, in repositories return self.server.GET(path, query_parameters) File "/usr/lib/python2.6/site-packages/pulp/bindings/server.py", line 92, in GET return self._request('GET', path, queries) File "/usr/lib/python2.6/site-packages/pulp/bindings/server.py", line 142, in _request response_code, response_body = self.server_wrapper.request(method, url, body) File "/usr/lib/python2.6/site-packages/pulp/bindings/server.py", line 332, in request raise exceptions.ConnectionException(None, str(err), None) ConnectionException: (None, 'tlsv1 alert unknown ca', None)

On Wed, Nov 4, 2015 at 2:23 PM, Rodrigo Menezes notifications@github.com wrote:

Were you able to get the errata issue fixed?

— Reply to this email directly or view it on GitHub https://github.com/brdude/pulp_centos_errata_import/issues/7#issuecomment-153888162 .

[geronimodings]

I encountered this issue while troubleshooting this script. The problem lies here ConnectionException: (None, 'tlsv1 alert unknown ca', None). That means there is a difference between the CA of the pulp web-server /etc/httpd/conf.d/pulp.confand the CA that pulp uses to sign the user certificates /etc/pulp/server/server.conf. In the pulp server.confyou'll have to specify the options (under Security) cacert and cakey to match the configuration of the web server.

I guess you've solved the problem already, but I found this post while while searching for an answer... so I guess this answer is mostly for self reference ;)

[rdrgmnzs]

Looks like this is an issue with the katello installer. I just ran into this while deploying katello 2.4 RC3. I went ahead and created a bug for it http://projects.theforeman.org/issues/12841

[iforte]

It's strange there is definitely something going on with the way pulp is configured. when i run pulp-admin login -u admin --password=(password) it connects successfully. Then when I try and get a repo list by running pulp-admin repo list i get that tls error posted above. @geronimodings I confirmed that both files are using the same crt file. It still isn't working for me though.

[rdrgmnzs]

@iforte, my certs where mismatched. So I changed the certs in /etc/pulp/server.conf rebooted the server (to make sure all the appropriate services where restarted) did a "pulp-admin logout" and then logged back in before things would work.

Pulp-admin generates a client cert based on the server.conf config when you log in.

[iforte]

I did a katello-service restart ..what are the permissions you use on the crt file?

On Tue, Dec 15, 2015 at 4:50 PM, Rodrigo Menezes notifications@github.com wrote:

@iforte https://github.com/iforte, my certs where mismatched. So I changed the certs in /etc/pulp/server.conf rebooted the server (to make sure all the appropriate services where restarted) did a "pulp-admin logout" and then logged back in before things would work.

— Reply to this email directly or view it on GitHub https://github.com/brdude/pulp_centos_errata_import/issues/7#issuecomment-164947798 .

[rdrgmnzs]

@iforte : [root@puppet100 ~]# ls -la /etc/pki/katello/certs/katello-default-ca.crt -rw-r--r-- 1 root foreman 5452 Dec 15 01:46 /etc/pki/katello/certs/katello-default-ca.crt [root@puppet100 ~]# ls -la /etc/pki/katello/private/katello-default-ca.key -r--r----- 1 root foreman 1679 Dec 15 01:45 /etc/pki/katello/private/katello-default-ca.key [root@puppet100 ~]#

[geronimodings]

I used the katello-default-ca.crt and the corresponding key. this is my pulp-server configuration:

#cacert: /etc/pki/pulp/ca.crt
#cakey: /etc/pki/pulp/ca.key
cacert: /etc/pki/katello/certs/katello-default-ca.crt
cakey: /etc/pki/katello/private/katello-default-ca.key
#ssl_ca_certificate: /etc/pki/pulp/ssl_ca.crt
user_cert_expiration: 7
consumer_cert_expiration: 3650

I commented out the ssl_ca_certificate because I also use verify_ssl: Falsein the Admin client. Since the katello-default-cais used to sign the http server certificate katello-default-ca.crtshould be used there (see the comments in the configuration file). You can turn verify_ssloff in the /etc/pulp/admin/admin.conf. Of course this should only be used if you run pulp-admin on localhost.

[rdrgmnzs]

The new version of this script works around the issue with not being able to log in with cert based auth anymore.

• Please re-open the issue if you are still seeing any problems.