Thank you for your help. Original source document: https://fedorahosted.org/spacewalk/wiki/CertCreation#InstallGPGkeysintowebapp 1. I've had some problems with scripts_gen-oss-sat-cert.pl but have worked them out until now. I run: ./scripts_gen-oss-sat-cert.pl --orgid 1 --owner rowen --signer rowen --output /usr/share/rhn/config-defaults --expires 2022-04-22 --slots 20000 --provisioning-slots 20000 --satellite-version 1.7 Passphrase: can't connect to `/root/.gnupg/S.gpg-agent': No such file or directory gpg: skipped "rowen": Bad passphrase gpg: signing failed: Bad passphrase open /usr/share/rhn/config-defaults: Is a directory at /usr/share/perl5/vendor_perl/RHN/Cert.pm line 289.
I found `/root/.gnupg/S.gpg-agent' is linked: pwd /root/.gnupg lrwxrwxrwx 1 root root 27 Apr 27 15:40 S.gpg-agent -> /tmp/gpg-ryQeNL/S.gpg-agent In /tmp the directory gpg-ryQeNL does not exist. It does not exist any where else. Before discovering this I tried: http://www.linuxquestions.org/questions/linux-security-4/gpg-gpg-agent-cant-connect-to-root-gnupg-s-gpg-agent-611843/ mkdir -p -m 700 ~/.gnupg mknod -m 700 ~/.gnupg/S.gpg-agent p gpg-agent --daemon GPG_AGENT_INFO=/tmp/gpg-yicDQJ/S.gpg-agent:6618:1; export GPG_AGENT_INFO; And : (Sorry I lost the url I was using.) man gpg-agend ]$ vi $HOME/.bashrc added following lines into it: Code: # GPG-AGENT stuff GET_TTY=`tty` export $GET_TTY /usr/bin/gpg-agent-start.sh 2. Also, what passphrase is the script looking for, root password, a new passphrase? Thanks Jerry Buttitta OSS Administrator I (907)868-5916 -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of [email protected] Sent: Friday, April 27, 2012 8:00 AM To: [email protected] Subject: Spacewalk-list Digest, Vol 47, Issue 38 Send Spacewalk-list mailing list submissions to [email protected] To subscribe or unsubscribe via the World Wide Web, visit https://www.redhat.com/mailman/listinfo/spacewalk-list or, via email, send a message with subject or body 'help' to [email protected] You can reach the person managing the list at [email protected] When replying, please edit your Subject line so it is more specific than "Re: Contents of Spacewalk-list digest..." Today's Topics: 1. Spacewalk Installation - Problems with Certifications (Gerald Buttitta) 2. Re: Spacewalk Installation - Problems with Certifications (Miroslav Suchy) 3. Spacewalk upgrade (?LIPEK Krzysztof) 4. Re: Spacewalk upgrade (Jan Pazdziora) 5. Re: Spacewalk upgrade (padawan) ---------------------------------------------------------------------- Message: 1 Date: Thu, 26 Apr 2012 10:19:09 -0800 From: Gerald Buttitta <[email protected]> To: "[email protected]" <[email protected]> Subject: [Spacewalk-list] Spacewalk Installation - Problems with Certifications Message-ID: <[email protected]> Content-Type: text/plain; charset="us-ascii" Hi, I am installing Spacewalk on CentOS 6.2. I have it up and running and am going through the instructions at: https://fedorahosted.org/spacewalk/wiki/CertCreation#InstallGPGkeysintowebapp I am running into problems installing the certs. I've run gpg --gen-key with no problems and have exported the keys. 1. My first problem is with "Set the web.gpg_keyring in /etc/rhn/default/rhn_web.conf to your newly exported keyring. " I do not have the /etc/rhn/default directory. I do have /usr/share/rhn/config-defaults/rhn_web.conf so I changed: #web.gpg_keyring = /etc/webapp-keyring.gpg web.gpg_keyring = /etc/spacewalkcertkey.gpg Is this sufficient? Should I create the defaults directory and move the contents of config-defaults to it? 2. I tried to run: ./scripts_gen-oss-sat-cert.pl --orgid 1 --owner rowen --signer rowen --no-pass-phrase --output /etc/rhn/default --expires 2022-04-22 --slots 2000 --provisioning-slots 2000 --satellite-version 1.7 and found that I don't have the required directroy /var/www/lib. perl.x86_64 is installed. Note: I created an empty /etc/rhn/default directory for this step. What am I missing? Any help is greatly appreciated. Jerry Buttitta OSS Administrator I (907)868-5916 http://www.youtube.com/watch?v=_yJBhzMWJCc&feature=player_embedded Motto of US Government "In the United States no one can hear you scream". "I never submitted the whole system of my opinions to the creed of any party of men whatever, in religion, in philosophy, in politics, or in anything else, where I was capable of thinking for myself. Such an addiction is the last degradation of a free and moral agent. If I could not go to heaven but with a party, I would not go there at all." --Thomas Jefferson to Francis Hopkinson, 1789. "A correre e cagare ci si immerda i garretti." The TSA is to offer a new service to airline customers to appease the full body scan complaints. They will now offer confessions as you wait in line. -------------- next part -------------- An HTML attachment was scrubbed... URL: <https://www.redhat.com/archives/spacewalk-list/attachments/20120426/1d59342c/attachment.html> ------------------------------ Message: 2 Date: Fri, 27 Apr 2012 09:01:42 +0200 From: Miroslav Suchy <[email protected]> To: [email protected] Subject: Re: [Spacewalk-list] Spacewalk Installation - Problems with Certifications Message-ID: <[email protected]> Content-Type: text/plain; charset=ISO-8859-1; format=flowed On 26.4.2012 20:19, Gerald Buttitta wrote: > 1. My first problem is with "Set the web.gpg_keyring in > /etc/rhn/default/rhn_web.conf to your newly exported keyring. " > I do not have the /etc/rhn/default directory. > I do have /usr/share/rhn/config-defaults/rhn_web.conf so I changed: > #web.gpg_keyring = /etc/webapp-keyring.gpg > web.gpg_keyring = /etc/spacewalkcertkey.gpg Is this sufficient? > Should I create the defaults directory and move the contents of > config-defaults to it? Do not create nor move it. /etc/rhn/default/rhn_web.conf has been moved /usr/share/rhn/config-defaults/rhn_web.conf in 1.7 (or 1.6?). I updated wiki. > 2. I tried to run: > ./scripts_gen-oss-sat-cert.pl --orgid 1 --owner rowen --signer rowen > --no-pass-phrase --output /etc/rhn/default --expires 2022-04-22 > --slots 2000 --provisioning-slots 2000 --satellite-version 1.7 and > found that I don't have the required directroy /var/www/lib. > perl.x86_64 is installed. > Note: I created an empty /etc/rhn/default directory for this step. > What am I missing? This is probably some residuum from past. It should not be needed. I removed it from the script. Mirek ------------------------------ Message: 3 Date: Fri, 27 Apr 2012 11:18:14 +0200 From: ?LIPEK Krzysztof <[email protected]> To: <[email protected]> Subject: [Spacewalk-list] Spacewalk upgrade Message-ID: <fdce9ed530509545a1e477a09444c5921bd85...@krakex.fortisbank.com.pl> Content-Type: text/plain; charset="iso-8859-2" Hello, I'm going to upgrade my Spacewalk server from version 1.5 to 1.7 and have one question to you - should I upgrade spacewalk client packages too on all servers connected? Thanks for reply and kind regards, Chris ---------------------------------------------------------------------- BNP Paribas Bank Polska SA (dawniej Fortis Bank Polska SA) z siedzib? w Warszawie przy ul. Suwak 3, zarejestrowany w S?dzie Rejonowym dla m. st. Warszawy, XIII Wydzia? Gospodarczy, KRS pod numerem 6421, NIP: 676-007-83-01, kapita? zak?adowy 1 206 175 300 z?, w ca?o?ci wp?acony. BNP Paribas Bank Polska SA (former Fortis Bank Polska SA) with its registered office in Warsaw at ul. Suwak 3, registered with the District Court for the capital city of Warsaw, XIII Commercial Division of the National Court Register (KRS) under No. 6421, VAT PL 6760078301, holding paid-up share capital of PLN 1,206,175,300. BNP Paribas Bank Polska SA disclaimer:?http://www.bnpparibas.pl/legal/disclaimer.htm ---------------------------------------------------------------------- -------------- next part -------------- An HTML attachment was scrubbed... URL: <https://www.redhat.com/archives/spacewalk-list/attachments/20120427/1bde372c/attachment.html> ------------------------------ Message: 4 Date: Fri, 27 Apr 2012 11:28:13 +0200 From: Jan Pazdziora <[email protected]> To: [email protected] Subject: Re: [Spacewalk-list] Spacewalk upgrade Message-ID: <[email protected]> Content-Type: text/plain; charset=iso-8859-2 On Fri, Apr 27, 2012 at 11:18:14AM +0200, ?LIPEK Krzysztof wrote: > Hello, > > I'm going to upgrade my Spacewalk server from version 1.5 to 1.7 and have one > question to you - should I upgrade spacewalk client packages too on all > servers connected? > It is not necessary to upgrade the Spacewalk client packages, but it is of course good to keep them up-to-date. -- Jan Pazdziora Principal Software Engineer, Satellite Engineering, Red Hat ------------------------------ Message: 5 Date: Fri, 27 Apr 2012 12:17:22 +0200 From: padawan <[email protected]> To: [email protected] Subject: Re: [Spacewalk-list] Spacewalk upgrade Message-ID: <cannmhkswy10wdb2prcxvmnpmhn-vkqtokhy8qzxn8cj8b0p...@mail.gmail.com> Content-Type: text/plain; charset=UTF-8 I'm running in async situation as well since few weeks, where the server is 1.7 and clients are 1.5 - no problems so far, but I'll upgrade the clients for consistency asap. 2012/4/27 Jan Pazdziora <[email protected]>: > On Fri, Apr 27, 2012 at 11:18:14AM +0200, ?LIPEK Krzysztof wrote: >> Hello, >> >> I'm going to upgrade my Spacewalk server from version 1.5 to 1.7 and have >> one question to you - should I upgrade spacewalk client packages too on all >> servers connected? >> > > It is not necessary to upgrade the Spacewalk client packages, but it > is of course good to keep them up-to-date. > > -- > Jan Pazdziora > Principal Software Engineer, Satellite Engineering, Red Hat > > _______________________________________________ > Spacewalk-list mailing list > [email protected] > https://www.redhat.com/mailman/listinfo/spacewalk-list -- Music and Audio Productions ------------------------------ _______________________________________________ Spacewalk-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/spacewalk-list End of Spacewalk-list Digest, Vol 47, Issue 38 ********************************************** _______________________________________________ Spacewalk-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/spacewalk-list
