On Tue, Nov 04, 2008 at 11:59:56AM -0600, Puck wrote: > Has anyone gotten osa-dispatcher/osad working that could do a write-up > on the wiki? I tried it once but ran into a bunch of TLS problems and > never got it working so I gave up. If someone else has a working > solution, I'd appreciate seeing the steps. I assume I just missed a > basic step somewhere that I wasn't aware of. > > When I tried, all the help I could find was: > Install jabberd and osa-dispatcher (on spacewalk server) > Edit /etc/jabberd/c2s.xml to uncomment router->pemfile and starttls > lines (server) > Restart rhn-satellite (server) > Install osad (on client) > Copy /etc/jabberd/server.pem (server) to /usr/share/rhn/RHNS-JABBER-CERT > (client) > Edit /etc/sysconfig/rhn/osad.conf (client) and set osa_ssl_cert = > /usr/share/rhn/RHNS-FCCI-CERT > Start osad (client) > > I forget where it first failed but I remember I spent a lot of time > massaging the config files to get it further along in the process but > eventually it just wouldn't go any further and I gave up. If anyone else > can add in a few steps I missed I'm willing to write the procedure up > into a wiki entry for all to enjoy. Any takers?
Not sure if my experience is representative enough for the wiki but here it is. Sounds pretty similar to yours except you do some extra things with certificates. In my case the /etc/jabberd/server.pem certificate was correct and identical to the one used by the rest of spacewalk. Presumably spacewalk-setup put it there. However, the certificate was not readable by the jabberd user, which caused problems. Also, it was necessary to open the jabberd router port inbound on the spacewalk server's firewall (5222) I turned SELinux off on the spacewalk server due to Oracle's need for text relocatable libs, there may be some extra setup steps there to get jabberd to work if you have it turned on. On the clients, I need to install the rhn-org-trusted-ssl-cert package and edit /etc/sysconfig/rhn/osad.conf to include the following line (easy to do in Kickstart %postinstall section): osa_ssl_cert = /usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT Then chkconfig osad on Starting "osad -v -N" on the clients was very helpful when figuring out how to do this, as osad then would complain loudly if it couldn't get a connection. Regards, -- David Nutter Tel: +44 (0)131 650 4888 BioSS, JCMB, King's Buildings, Mayfield Rd, EH9 3JZ. Scotland, UK Biomathematics and Statistics Scotland (BioSS) is formally part of The Scottish Crop Research Institute (SCRI), a registered Scottish charity No. SC006662 _______________________________________________ Spacewalk-list mailing list Spacewalk-list@redhat.com https://www.redhat.com/mailman/listinfo/spacewalk-list