Project

General

Profile

Bug #19259

NoVNC doesn't work because katello-apache.key isn't readable by foreman user

Added by Stephen Benjamin about 5 years ago. Updated almost 4 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Stephen Benjamin
Category:
Installer
Target version:
Katello 3.4.1
Difficulty:
Triaged:
Bugzilla link:
1441702
Pull request:
Fixed in Releases:
Found in Releases:
Red Hat JIRA:

Description

Cloned from https://bugzilla.redhat.com/show_bug.cgi?id=1441702

Description of problem:

Foreman launches a websockify process that listens using the apache key/cert, and websockify silently fails if it can't read the cert or key. The key is owned by apache:foreman but is mode 600.

Version-Release number of selected component (if applicable):
6.3 nightly

How reproducible:
Always

Steps to Reproduce:
1. Install 6.3 nightly
2. Provision a VM on libvirt/rhev/etc
3. Try to view the NoVNC console in the UI

Actual results:
Websocket error

Expected results:
Console loads

Additional info:

Workaround is chmod 660 /etc/pki/katello/private/katello-apache.key

Associated revisions

Revision b6ea6835 (diff)
Added by Stephen Benjamin about 5 years ago

fixes #19259 - apache key should be mode 0440 (#154)

Foreman launches websockify process that needs read access to
this key.

History

#1 Updated by John Mitsch about 5 years ago

  • Subject changed from NoVNC doesn't work because katello-apache.key isn't readable by foreman user to NoVNC doesn't work because katello-apache.key isn't readable by foreman user
  • Legacy Backlogs Release (now unused) set to 228

#2 Updated by Anonymous about 5 years ago

  • Status changed from New to Closed
  • % Done changed from 0 to 100

Also available in: Atom PDF