RHBA-2018:2153 - Bug Fix Advisory

Topic

Updated RHUI 3 packages that fix several bugs and add various enhancements are now available

Description

Red Hat Update Infrastructure (RHUI) is a highly scalable, highly redundant framework that enables you to manage repositories and content. It also enables cloud providers to deliver content and updates to Red Hat Enterprise Linux (RHEL) instances. Based on the upstream Pulp project, RHUI allows cloud providers to locally mirror Red Hat-hosted repository content, create custom repositories with their own content, and make those repositories available to a large group of end users through a load-balanced content delivery system.

This update fixes the following bugs:

• Previously, after the RHUI administrator changed their password, they could keep using the running rhui-manager instance, but some actions were unavailable because rhui-manager could no longer communicate with Pulp. Now, password change logs the administrator out from rhui-manager, and the administrator is supposed to log in again, which refreshes the certificate for Pulp. (BZ#1297538)
• The subscription-manager plug-in for Yum is now disabled on RHUI clients when the client configuration package is installed. As a result, Yum no longer tells users that the system is not registered to Red Hat Subscription Management, which is expected on RHUI clients. (BZ#1415681)
• The rhui-manager utility in the CLI mode now correctly handles the situation where the administrator tries to upload an expired certificate. A proper error message is printed instead of "an unexpected error" and a traceback in the RHUI log. (BZ#1519862)
• Prior to this update, rhui-manager in the CLI mode always reset the terminal colors before printing any output. A side effect of this behavior was the presence of several control characters in the output, which could cause problems when the complete, raw output was passed to another command. With this update, the terminal colors are no longer reset in the CLI. (BZ#1577052)
• Previously, many messages from Pulp were logged needlessly while RHUI was synchronizing repositories from Red Hat CDN. In addition, the messages were labeled as warnings even though there was nothing to worry about. These messages are not logged any more. (BZ#1579294)

In addition, this update adds the following enhancements:

• It is now possible to set, change, or unset a release (minor) version for Yum on RHUI clients to any Extended Update Support (EUS) version of Red Hat Enterprise Linux or other products supported by RHUI. As long as the repository containing the selected release version is available in the RHUI environment, the clients can remain with the same minor version and only receive critical security updates and urgent bug fixes. See the RHUI 3.0 System Administrator's Guide for information on how to set a release version on a client. (BZ#1504229)
• All relevant RHUI configuration and log files are now collected by the sos tool so that the Red Hat support team can troubleshoot RHUI more efficiently. (BZ#1578678, BZ#1591027)
• When an entitlement certificate contained unrelated (non-RHUI) entitlements, rhui-manager refused the certificate. With this update, these entitlements are skipped and their presence is only logged. This makes RHUI compatible with refreshed certificates that contain non-RHUI entitlements by mistake and allows administrators to pick valid entitlements until a proper certificate is obtained from Red Hat. (BZ#1584527, BZ#1588931)

Users of RHUI are advised to upgrade to these updated packages that fix these bugs and add these enhancements.

Solution

Before applying this update, make sure all previously released errata relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

The pulp_workers service must be restarted for this update to take effect.

Affected Products

• Red Hat Update Infrastructure 3 for RHEL 7 x86_64
• Red Hat Update Infrastructure 3 for RHEL 6 x86_64

Fixes

• BZ - 1415681 - [Patch] disable subscription-manager also after client config rpm is installed
• BZ - 1504229 - [RFE] Due to availability of minor-release repositories, we need to simplify setting $releasever for clients
• BZ - 1519862 - rhui-manager cert upload (CLI) doesn't handle an expired certificate well
• BZ - 1577052 - "rhui-manager subscriptions list --available --pool-only" prints some invisible garbage
• BZ - 1578678 - Include /var/log/rhui-subscription-sync.log in sosreports
• BZ - 1584527 - RFE: Easier debugging of invalid entitlement certificates
• BZ - 1591027 - Update rhui-debug.py to collect information for RHUI 3+

CVEs

(none)

References

• https://access.redhat.com/documentation/en-us/red_hat_update_infrastructure/3.0/html/system_administrators_guide/