Activity
From 07/13/2020 to 08/11/2020
08/11/2020
- 01:03 PM Feature #30632 (Ready For Testing): Add HTTPClient class to dhcpd.conf
- 12:59 PM Feature #30632 (Closed): Add HTTPClient class to dhcpd.conf
- To allow booting UEFI HTTP boot hosts into discovery.
- 12:57 PM Refactor #30631 (New): Cleanup dhcpd.conf
- This config could be little bit more cleaner. Here is the tested na cleaned up version:
https://gist.github.com/lz... - 12:44 PM Revision 698e9586 (installer): Bump version to 2.3-develop
08/10/2020
- 07:21 PM Bug #29649 (New): The system does not seem to be IPA-enrolled
- From reports, this hasn't been solved so reopening.
08/09/2020
08/07/2020
- 03:51 PM Bug #30489: CVE-2020-14335 world-readable OMAPI secret
- Solution should be https://github.com/theforeman/puppet-dhcp/pull/177
and once accepted use this to do what patch 00... - 03:41 PM Revision 9c65c7a6 (puppet-katello): Release 15.0.0
- 03:40 PM Revision f10bc77e (puppet-katello): Refs #30346 - increment minimum version of puppet-candlepin
- 02:30 PM Revision 375ac42d (puppet-foreman_proxy): Release 15.0.0
- 01:37 PM Revision e3bf0112 (puppet-foreman): Release 15.1.0
- 08:14 AM Revision 3fae22e0 (puppet-foreman_proxy_content): Release 12.0.0
08/06/2020
- 03:15 PM Revision 9eb1cc98 (puppet-pulpcore): Release 1.2.0
- 02:52 PM Revision 17812918 (puppet-pulp): Release 8.1.0
08/05/2020
- 08:30 PM Revision 887593ba (puppet-foreman_proxy): don't fail on upcase() when domain fact is undefined
- 08:29 PM Revision 8cee0830 (puppet-foreman_proxy): Fix tftp on RedHat 8
- 07:54 PM Revision 04554efd (puppet-puppet): Release 14.1.0
- 07:34 PM Revision 814cb4bf (puppet-candlepin): Release 10.0.0
- 07:07 PM Revision b2afe1e5 (puppet-certs): Release 9.0.0
- 06:31 PM Revision ed78b931 (puppet-puppet): Use server_trusted_agents in v4 catalog endpoint
- 03:48 PM Bug #30489: CVE-2020-14335 world-readable OMAPI secret
- Well, we maintain both modules. It might be good to have two versions: the simple to cherry pick and the proper upstr...
- 03:32 PM Bug #30489: CVE-2020-14335 world-readable OMAPI secret
- It was just a pitch :)
I've finished that idea, with the dhcp_dir variable you have proposed.
I've tested it on deb... - 12:00 PM Bug #30489: CVE-2020-14335 world-readable OMAPI secret
- I have pretty much no experience with overriding attributes this way so I don't know how reliable it is. Normally my ...
- 09:43 AM Bug #30489: CVE-2020-14335 world-readable OMAPI secret
- Given we won't consider the missing key as part of this vulnerability, the fix should be just changing permissions on...
- 12:00 PM Feature #30569 (Ready For Testing): Add migration to change logging pattern
- 11:55 AM Feature #30569 (Closed): Add migration to change logging pattern
08/03/2020
- 08:01 PM Feature #30553 (Closed): Add foreman_statistics plugin
- Applied in changeset commit:installer|73ff2e2e9a665d3a318e2609a766ba3b7ca3b718.
- 04:41 PM Feature #30553 (Ready For Testing): Add foreman_statistics plugin
- 04:37 PM Feature #30553 (Closed): Add foreman_statistics plugin
- In commit:705ae080e37b3f8d6d4de7d4d6e3518efb6bc713 the statistics plugin was added to the module. This should also be...
- 07:38 PM Revision b560645b (installer): Add column_view plugin
- 07:28 PM Revision 73ff2e2e (installer): Fixes #30553 - Add foreman_statistics plugin
- 02:27 PM Revision d755349d (puppet-foreman): add plugin foreman_column_view
- 01:48 PM Revision 705ae080 (puppet-foreman): Add foreman_statistics plugin
- 01:28 PM Bug #30489: CVE-2020-14335 world-readable OMAPI secret
- 2.1.1 is going out and since there's still some issues, aligning to 2.2.0 again.
07/30/2020
- 04:05 PM Bug #30019 (Need more information): Installation failed when using --foreman-db-manage false and --katello-candlepin-manage-db false
- Does that resolve the issue?
- 03:01 PM Feature #30078 (Closed): Manage configuration of default_hostgroup plugin
- Applied in changeset commit:puppet-foreman|8e4c89a9eb36cc6f396c1abfd0a0d12c7ff8424c.
- 02:30 PM Bug #28385 (Closed): When upgrading to pg10 candlepin migration fails if --upgrade is forgotten
- We've dropped --upgrade in the most recent versions and it should just do the right thing.
- 02:26 PM Bug #28693 (Need more information): Candlepin fails to talk to qpidd listening on ::1 when connecting by hostname "localhost"
- Now that we have Artemis and qpid isn't there anymore, I think this can closed?
- 02:24 PM Bug #28577 (Closed): running installer inside forklift fails due to scl being enabled
- This will have been resolved now that it uses SCL itself.
- 02:20 PM Bug #28964 (Duplicate): Foreman proxy realm plugin missing xmlrpc -- needs to install rh-ruby25-rubygem-xmlrpc
- Fixed in #30040
- 02:15 PM Revision 8e4c89a9 (puppet-foreman): Fixes #30078 - add parameter to accept a hostgroup config hash
- 02:08 PM Feature #30284: Provide clearer Smart Proxy registration errors with as much context as possible based on the error
- Removing the milestone since I don't think we'll get to this before 2.2.0 and it shouldn't block.
- 01:21 PM Bug #30523 (Ready For Testing): Make Candlepin database migration idempotent
- 12:24 PM Revision 75968523 (installer): Refs #30506: Install crane-selinux if pulp enabled
- 12:13 PM Revision 1caf701a (puppet-foreman_proxy): Improve the readability of the provided grub.cfg
07/29/2020
- 10:53 PM Bug #30523 (Closed): Make Candlepin database migration idempotent
- The Candlepin database migration happens on every installer run because we cannot reliably detect if there are pendin...
- 11:55 AM Bug #30489: CVE-2020-14335 world-readable OMAPI secret
- You are right, not enabling the omapi at all is stupid.
I do not believe enforcing the key should be part of this ...
07/28/2020
- 04:29 PM Feature #30284: Provide clearer Smart Proxy registration errors with as much context as possible based on the error
- Perhaps we can also use the #28384 to provide better debug instructions. I've asked @ https://github.com/theforeman/f...
- 04:08 PM Refactor #30507 (Ready For Testing): Use katello_enabled? throughout hooks
- 02:09 PM Refactor #30507 (Closed): Use katello_enabled? throughout hooks
- 04:07 PM Revision 54def6c7 (installer): Refs #30506: Check modern selinux enabled fact
- 03:01 PM Feature #30506 (Closed): Install selinux packages via a hook
- Applied in changeset commit:installer|115a55787b7b5077ee4364d5e2cc23429f82bf1b.
- 01:57 PM Feature #30506 (Ready For Testing): Install selinux packages via a hook
- 01:49 PM Feature #30506 (Closed): Install selinux packages via a hook
- 02:20 PM Revision 115a5578 (installer): Fixes #30506: Ensure selinux packages are installed before puppet run
- 12:51 PM Revision 5e681e59 (puppet-katello): Refs #30346 - override candlepin client keypair group
- 10:55 AM Bug #30489: CVE-2020-14335 world-readable OMAPI secret
- Setting the mode on /etc/dhcp/dhcpd.conf to 640 breaks things because we don't set an ACL in that - only the director...
- 09:26 AM Bug #30489: CVE-2020-14335 world-readable OMAPI secret
- Are you sure this works? It looks like it disables omapi unless a key and secret are set. This is something that the ...
07/27/2020
- 04:32 PM Feature #30497 (New): Allow using katello::candlepin and katello::application without sharing any files
- It should be possible to deploy candlepin and the katello application without sharing any files. This allows deployme...
- 03:04 PM Revision 354cad34 (puppet-certs): Refs #30346 - allow override of candlepin client keypair group
- 11:03 AM Feature #30284: Provide clearer Smart Proxy registration errors with as much context as possible based on the error
- Noting down so I don't forget: we can also retry on some HTTP errors, like 5xx errors on listing.
07/24/2020
- 10:49 PM Bug #30489: CVE-2020-14335 world-readable OMAPI secret
- Adding a proposed patch
- 09:55 PM Bug #30489 (Closed): CVE-2020-14335 world-readable OMAPI secret
07/23/2020
- 03:13 PM Revision a4747281 (puppet-pulpcore): Introduce a curl_command helper
- This aims to reduce the duplication in curl verifications and also
allows checking both the body and the response code. - 12:13 PM Feature #28961 (Duplicate): Remove Pulp 2 as a backend for Katello
- 12:10 PM Feature #28961 (New): Remove Pulp 2 as a backend for Katello
- 12:08 PM Feature #30359 (Duplicate): Remove Pulp 2 from being deployed on foreman-proxy with content
- 12:06 PM Bug #30474 (Resolved): Installer should manage /etc/foreman-proxy/settings.d/pulpcore.yml
- 11:50 AM Bug #30474: Installer should manage /etc/foreman-proxy/settings.d/pulpcore.yml
- Thanks for the link Ewoud.
I was searching for option --foreman-proxy-plugin-pulp-pulp-url and --foreman-proxy-plug... - 11:38 AM Bug #30474 (Need more information): Installer should manage /etc/foreman-proxy/settings.d/pulpcore.yml
- This file is already managed by foreman_proxy::plugin::pulp (see https://github.com/theforeman/puppet-foreman_proxy/b...
- 11:30 AM Bug #30474 (Resolved): Installer should manage /etc/foreman-proxy/settings.d/pulpcore.yml
- puppet-pulpcore should manage pulp_url and content_app_url in /etc/foreman-proxy/settings.d/pulpcore.yml.
- 11:57 AM Support #29935 (Rejected): getting error while creating location for the first time
- This looks like a bug in some plugin. https://community.theforeman.org/c/support/10 is a better place for this.
- 11:56 AM Support #30008 (Rejected): installing SSL certificate for katello
- There is insufficient data here to act on.
- 11:54 AM Feature #30309: Drop Pulp 2 related parameters from puppet-foreman_proxy Pulp plugin
- IMHO we should only drop the options when the plugin itself has dropped them. I'd suggest that this is blocked on a n...
- 11:50 AM Feature #30308 (Duplicate): Remove Pulp 2 and Qpid from puppet-katello
07/22/2020
07/21/2020
- 04:28 PM Bug #30465 (Closed): Pulpcore services run unconfined in SELinux
- Currently the services run unconfined because pulpcore-selinux only labels /usr/{local,lib/pulp}/bin/{gunicorn,rq} bu...
- 11:01 AM Bug #30456 (Closed): icons missing on /pub download page
- Applied in changeset commit:puppet-foreman|9bb72cee31c3d7265f4f83c9dc222f7205848fed.
- 08:55 AM Bug #30456 (Ready For Testing): icons missing on /pub download page
- 08:42 AM Bug #30456 (Assigned): icons missing on /pub download page
- 08:41 AM Bug #30456 (Closed): icons missing on /pub download page
- Cloned from https://bugzilla.redhat.com/show_bug.cgi?id=1841818
*Description of problem:*
Index of /pub has no... - 10:26 AM Revision 9bb72cee (puppet-foreman): Fixes #30456 - Fix missing icons on /pub page
- The requests for /icons/* were being proxy-passed to puma, which didn't know
about any icons and returned 404s.
07/20/2020
- 03:58 PM Bug #30449 (Ready For Testing): Foreman Proxy HTTPBoot feature should not require tftp
- 03:52 PM Bug #30449 (Closed): Foreman Proxy HTTPBoot feature should not require tftp
- Foreman Proxy's HTTPBoot feature used to require tftp, but since Foreman Proxy 1.22 this is no longer true (commit:db...
- 11:10 AM Bug #29649: The system does not seem to be IPA-enrolled
- After reading the code a bit and looking what was actually requested I hacked around a bit and came up with this:
Of...
07/18/2020
- 03:59 AM Feature #30436: As a developer I'd like to set the exportable paths via installer
- Note you will also have to set the permissions/ownershjp to apache:pulp for the directories you are creating and allo...
- 03:57 AM Feature #30436: As a developer I'd like to set the exportable paths via installer
- Also check out https://docs.pulpproject.org/settings.html#allowed-export-paths
- 03:52 AM Feature #30436 (Closed): As a developer I'd like to set the exportable paths via installer
- We need to be able to add to /etc/pulp/settings.py ...
07/17/2020
07/16/2020
- 10:59 PM Bug #30423 (Ready For Testing): pulp 3 is configured to store downloaded content in /var/lib/pulp/docroot/
- 07:27 PM Bug #30423 (Closed): pulp 3 is configured to store downloaded content in /var/lib/pulp/docroot/
- Pulp3 uses this setting to configure where things are downloaded:
MEDIA_ROOT
we are currently setting it to "/... - 06:02 PM Refactor #29801 (Ready For Testing): Move --tuning option to hooks/
- 03:45 PM Revision 8c66bff5 (puppet-pulpcore): Run pulpcore-manager as the pulp user
- 12:56 PM Bug #30402 (New): Passing --upgrade causes error
- Yep, the solution is to NOT pass the '--upgrade' flag, it is no longer needed
- 12:50 PM Bug #30402 (Resolved): Passing --upgrade causes error
- Solution: Documentation was recently updated to just execute foreman-installer. Prior upgrade commands had paramet...
- 12:02 PM Revision fbeae282 (puppet-pulpcore): Use pulpcore-manager
- This requires at least Pulp 3.2.0, but since
f59265ebb9fbe9cceddad37400849f8935538d1e that's been the required
minimu... - 11:01 AM Feature #29895 (Closed): Enable pulp_deb plugin for pulpcore
- Applied in changeset commit:puppet-pulpcore|c36c05b8d0705c2ae3c40f8e5ea978e3191c5074.
07/15/2020
- 07:01 PM Bug #29296 (Closed): Drop --upgrade flag from katello hooks
- Applied in changeset commit:installer|79f509685e75141038f03e0505018ba7e0a920de.
- 06:04 PM Bug #29296 (Ready For Testing): Drop --upgrade flag from katello hooks
- 06:21 PM Revision 79f50968 (installer): Fixes #29296 - remove --upgrade
- 05:52 PM Bug #30402: Passing --upgrade causes error
- Thanks for the report. Do you mind opening a thread on our support forum to get some more feedback on your issue? You...
- 03:57 PM Bug #30402: Passing --upgrade causes error
- The command that is failing: # foreman-installer --scenario katello --upgrade
Return Code: 1
stderr: |-
/opt... - 05:40 PM Refactor #29799 (Ready For Testing): Add --clear-pulp-content to hooks/ and scope on katello module being enabled
- 03:24 PM Revision c36c05b8 (puppet-pulpcore): Fixes #29895 - add pulp_deb plugin
- 01:15 PM Bug #29649: The system does not seem to be IPA-enrolled
- ...
07/14/2020
- 03:53 PM Bug #30402 (Closed): Passing --upgrade causes error
- msg: non-zero return code
rc: 1
start: '2020-07-14 11:29:33.872937'
stderr: |-
/opt/theforeman/tfm/ro... - 03:01 PM Feature #29797 (Closed): Merge --reset-foreman-db and --reset into --reset-data
- Applied in changeset commit:installer|7ca7d88d42ec5a340c3af256096fdede35a3ebe9.
- 02:20 PM Revision 7ca7d88d (installer): Fixes #29797 - Merge --reset-foreman-db and --reset into --reset-data
- 02:50 AM Refactor #30363 (Ready For Testing): Generate bootstrap RPM with rpm directly
07/13/2020
- 03:33 PM Feature #30388 (New): use common naming convention for foreman, candlepin, pulpcore db parameters
- postgresql database parameters such as host, port, db name, username, password, management, and ssl parameters should...
Also available in: Atom