search

waveclaw / puppet-subscription_manager

Handle Client Registration to RedHat Satellite 6 or Katello
https://rhn.redhat.com
Other
6 stars 34 forks source link

Module keeps subscribing server even though it's not necessary. #119

Open bschonec opened 1 year ago

bschonec commented 1 year ago

The module is successfully subscribing the server but it keeps giving a notice:

Notice: /Stage[main]/Subscription_manager::Config/Rhsm_register[subscription.rhn.redhat.com]/ensure: created (corrective)

I'm sure it's happening in ruby somewhere but I have zero skills when it comes to ruby debugging.

[root@db-07d seed]# cat /etc/redhat-release 
Red Hat Enterprise Linux release 8.6 (Ootpa)
[root@db-07d seed]# puppet --version
7.20.0
[root@db-07d seed]#
bschonec commented 1 year ago

My rhsm_ca_name is empty which is probably causing this code to keep running. Any idea why rhsm_ca_name would be empty?

waveclaw commented 1 year ago

rhsm_ca_name is calculated in the /lib/facter/rhsm_ca_name.rb

if File.exist?('/etc/rhsm/ca/katello-default-ca.pem')
  # Katello or Satellite with custom CA cert
...
elsif File.exist?('/etc/rhsm/ca/katello-server-ca.pem')
  # Katello or Satellite
...
elsif File.exist?('/etc/rhsm/ca/candlepin-local.pem')
  # RedHat SAM
...

If none of these exist, are empty, are corrupt or are not read-able by the user puppet runs as then it could be blank.

On RHEL 8 it should still be the katello-server-ca.pem. But with the newer releases of subscription-manager? One always needs to check. The files are internal to Candlepin which would use the regular libraries instead of directly seeking and parsing the SSL files on disk with openssl libraries.