[Spacewalk-list] Can't install post kickstart install

William H. ten Bensel WHTENBEN at up.com
Mon Apr 4 13:07:57 UTC 2016 

- Thanks and good luck



From:   Lachlan Musicman <datakid at gmail.com>
To:     spacewalk-list at redhat.com
Date:   04/04/2016 01:36 AM
Subject:        Re: [Spacewalk-list] Can't install post kickstart install
Sent by:        spacewalk-list-bounces at redhat.com



This email originated from outside of the company. Please use discretion 
if opening attachments or clicking on links. 
Is it because my kickstart software channel is based on the tree 
/var/distro-trees/Centos-7 (which is essentially the maximum install dvd 
with all the rpms removed), and that has a key RPM-GPG-KEY-CentOS-7 which 
I'm not importing?

How would I import that?

Upload the RPM-GPG-KEY-CentOS-7 to the spacewalk under 
System->Kickstarts->GPG and SSL Keys.  Then associate that GPG key to each 
associated OS kickstart profile under {ksprofile}-> System Details -> GPG 
& SSL.  That will guarantee that the key is imported.  You will be able to 
see it in the kickstart.

You can validate that the GPG key is installed after a build.

        On a linux server that you downloaded it to. 
        gpg --quiet --with-fingerprint /xxxxx/RP-GPG-KEY-CentOS-7
        Output: 
                pub...... /####x##x#  Description
                key fingerprint = 
                sub.....

        The following will print out the key if it is installed on the new 
system.
        rpm -q gpg-pubkey --qf '%{version}\n' |grep -i ####x##x#

cheers
L.

------
The most dangerous phrase in the language is, "We've always done it this 
way."

- Grace Hopper

On 4 April 2016 at 16:09, Lachlan Musicman <datakid at gmail.com> wrote:
Hola,

After installation via kickstart, I get the following errors (first the 
webui, then the cli):

Client execution returned "Error while executing packages action: Public 
key for htop-2.0.1-1.el7.x86_64.rpm is not installed [[6]]" (code -1)

[root at vmpr-res-head-node rhn]# yum install htop
Loaded plugins: fastestmirror, langpacks, rhnplugin
Adding en_US.UTF-8 to language list
Config time: 0.031
This system is receiving updates from RHN Classic or Red Hat Satellite.
Looking for repo options for [main]
Looking for repo options for [centos_7_x86_64]
Repo 'centos_7_x86_64' setting option 'enabled' = '1'
Repo 'centos_7_x86_64' setting option 'gpgcheck' = '1'
Repo 'centos_7_x86_64' setting option 'timeout' = '120'
Looking for repo options for [slurm_15.08]
Repo 'slurm_15.08' setting option 'enabled' = '1'
Repo 'slurm_15.08' setting option 'gpgcheck' = '1'
Repo 'slurm_15.08' setting option 'timeout' = '120'
Looking for repo options for [jpackage_5.0_noarch]
Repo 'jpackage_5.0_noarch' setting option 'enabled' = '1'
Repo 'jpackage_5.0_noarch' setting option 'gpgcheck' = '1'
Repo 'jpackage_5.0_noarch' setting option 'timeout' = '120'
Looking for repo options for [centos_7_x86_64_base]
Repo 'centos_7_x86_64_base' setting option 'enabled' = '1'
Repo 'centos_7_x86_64_base' setting option 'gpgcheck' = '1'
Repo 'centos_7_x86_64_base' setting option 'timeout' = '120'
Looking for repo options for [centos_7_x86_64_extras]
Repo 'centos_7_x86_64_extras' setting option 'enabled' = '1'
Repo 'centos_7_x86_64_extras' setting option 'gpgcheck' = '1'
Repo 'centos_7_x86_64_extras' setting option 'timeout' = '120'
Looking for repo options for [zabbix_x86_64]
Repo 'zabbix_x86_64' setting option 'enabled' = '1'
Repo 'zabbix_x86_64' setting option 'gpgcheck' = '1'
Repo 'zabbix_x86_64' setting option 'timeout' = '120'
Looking for repo options for [spacewalk_x86_64_client]
Repo 'spacewalk_x86_64_client' setting option 'enabled' = '1'
Repo 'spacewalk_x86_64_client' setting option 'gpgcheck' = '1'
Repo 'spacewalk_x86_64_client' setting option 'timeout' = '120'
Looking for repo options for [spacewalk_x86_64_server]
Repo 'spacewalk_x86_64_server' setting option 'enabled' = '1'
Repo 'spacewalk_x86_64_server' setting option 'gpgcheck' = '1'
Repo 'spacewalk_x86_64_server' setting option 'timeout' = '120'
Looking for repo options for [epel_7_x86_64]
Repo 'epel_7_x86_64' setting option 'enabled' = '1'
Repo 'epel_7_x86_64' setting option 'gpgcheck' = '1'
Repo 'epel_7_x86_64' setting option 'timeout' = '120'
Looking for repo options for [cisco_snic_x86_64]
Repo 'cisco_snic_x86_64' setting option 'enabled' = '1'
Repo 'cisco_snic_x86_64' setting option 'gpgcheck' = '1'
Repo 'cisco_snic_x86_64' setting option 'timeout' = '120'
Looking for repo options for [centos_7_x86_64_updates]
Repo 'centos_7_x86_64_updates' setting option 'enabled' = '1'
Repo 'centos_7_x86_64_updates' setting option 'gpgcheck' = '1'
Repo 'centos_7_x86_64_updates' setting option 'timeout' = '120'
Yum version: 3.4.3

You have enabled checking of packages via GPG keys. This is a good thing. 
However, you do not have any GPG public keys installed. You need to 
download
the keys for packages you wish to install and install them.
You can do that by running the command:
    rpm --import public.gpg.key


Alternatively you can specify the url to the key you would like to use
for a repository in the 'gpgkey' option in a repository section and yum 
will install it for you.

For more information contact your distribution or package provider.

Problem repository: centos_7_x86_64



There are a number main issues here. 

1. AFAICT, the Activation key associated with this base/parent channel 
(RHN-ORG-TRUSTED-SSL-CERT) has successfully been bought across. Why 
wouldn't this work, and why would it fail on centos_7_x86_64, which is the 
base channel with no rpms? (we have a centos_7_x86_64_base child channel 
with all the rpms, because having the rpms in the base/parent channel 
doesn't work for kickstart installs...)

2. I want all my servers to only talk to the Spacewalk server for purposes 
of yum. So the key problem should only exist for the Spacewalk server if 
any server is affected by it.

3. I'm not sure where the local spacewalk repos are set enabled=1, 
/etc/yum.repos.d/ is empty. 

cheers
L.




------
The most dangerous phrase in the language is, "We've always done it this 
way."

- Grace Hopper
This email originated from outside of the company.  Please use discretion 
if opening attachments or clicking on links.

_______________________________________________
Spacewalk-list mailing list
Spacewalk-list at redhat.com
https://www.redhat.com/mailman/listinfo/spacewalk-list


**

This email and any attachments may contain information that is confidential and/or privileged for the sole use of the intended recipient.  Any use, review, disclosure, copying, distribution or reliance by others, and any forwarding of this email or its contents, without the express permission of the sender is strictly prohibited by law.  If you are not the intended recipient, please contact the sender immediately, delete the e-mail and destroy all copies.
**
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/spacewalk-list/attachments/20160404/0c90d728/attachment.htm>

More information about the Spacewalk-list mailing list