Installing SpaceWalk (using a remote database)

Installing SpaceWalk (using a remote database)
	Part XVII. Red Hat (all very old)

Add the EPEL repositories to the SpaceWalk server

rpm -Uvh http://download.fedora.redhat.com/pub/epel/5/i386/epel-release-5-2.noarch.rpm

Retrieving http://download.fedora.redhat.com/pub/epel/5/i386/epel-release-5-2.noarch.rpm warning: /var/tmp/rpm-xfer.Zy9sSY: Header V3 DSA signature: NOKEY, key ID 217521f6 Preparing... ########################################### [100%] 1:epel-release ########################################### [100%]

Add the spacewalk repository to yum's repository list

Edit /etc/yum.repos.d/spacewalk.repo to contain:

[spacewalk]
name=Spacewalk
baseurl=http://spacewalk.redhat.com/yum/rhel/5Server/$basearch/
gpgkey=http://spacewalk.redhat.com/yum/RPM-GPG-KEY-spacewalk
enabled=1
gpgcheck=1

Install the spacewalk package

yum install spacewalk

<snip> Error: rhns-app conflicts with specspo Error: rhns-xp conflicts with specspo Error: Missing Dependency: oracle-instantclient-basic = 10.2.0.4 is needed by package oracle-lib-compat Error: Missing Dependency: oracle-instantclient-basic is needed by package perl-DBD-Oracle Error: Missing Dependency: oracle-instantclient-basic >= 10.2.0 is needed by package rhn-oracle-jdbc

Remove specspo and install Oracle client

rpm -e specspo

Fetch oracle-instantclient-basic-10.2.0.4-1.i386.rpm from the Oracle website and install it:

rpm -iv oracle-instantclient-basic-10.2.0.4-1.i386.rpm oracle-instantclient-jdbc-10.2.0.4-1.i386.rpm oracle-instantclient-sqlplus-10.2.0.4-1.i386.rpm oracle-instantclient-devel-10.2.0.4-1.i386.rpm

Preparing packages for installation... oracle-instantclient-basic-10.2.0.4-1 oracle-instantclient-devel-10.2.0.4-1 oracle-instantclient-jdbc-10.2.0.4-1 oracle-instantclient-sqlplus-10.2.0.4-1

Try to install the SpaceWalk application once more

yum install spacewalk

<snip> Transaction Summary ============================================================================= Install 227 Package(s) Update 0 Package(s) Remove 0 Package(s) Total download size: 149 M Is this ok [y/N]: y <snip> warning: rpmts_HdrFromFdno: Header V3 DSA signature: NOKEY, key ID 430a1c35 Importing GPG key 0x430A1C35 "Spacewalk <spacewalk-devel@redhat.com>" from http://spacewalk.redhat.com/yum/RPM-GPG-KEY-spacewalk Is this ok [y/N]: y <snip> noarch 0:1.1.3.4.O-2jpp.ep1.1.el5.1 Complete!

Configuring SpaceWalk: 1st try

export PATH="${PATH}:/usr/lib/oracle/10.2.0.4/client/bin"
ORACLE_HOME=/usr/lib/oracle/10.2.0.4
export LD_LIBRARY_PATH=/usr/lib/oracle/10.2.0.4/client/lib
semanage fcontext -a -t textrel_shlib_t '/usr/lib/oracle/10.2.0/client/lib/*'
restorecon -R /usr/lib/oracle/10.2.0/client/lib

[root@host ~]# spacewalk-setup --disconnected * Loading answer file: /usr/share/spacewalk/setup/defaults.conf. * Setting up environment and users. ** GPG: Initializing GPG and importing RHN key. * Setting up database. ** Database: Setting up database connection. DB User? username DB Password? DB SID? sid DB hostname? db.host.yourdomain.com DB port [1521]? 1522 DB protocol [TCP]? ** Database: Testing database connection. ** Database: Populating database. sh: dbhome: command not found *** Progress: # * Performing initial configuration. * Activating Satellite. ** Loading Satellite Certificate. ** Verifying certificate locally. There was a problem activating the satellite: Certificate expired. [root@host ~]# date Thu Feb 19 12:24:04 CET 2015

Configuring SpaceWalk: 2nd try

ntpdate ip-of-ntp-server

28 Jul 11:48:44 ntpdate[15293]: step time server 129.125.60.251 offset -207106607.716361 sec [root@host ~]# date Mon Jul 28 11:48:48 CEST 2008

yum -q install usermode-gtk pyOpenSSL
cp /usr/share/spacewalk/setup/defaults.conf spacewalk-install-answers-2.conf
vi !$
spacewalk-setup --disconnected --answer-file=spacewalk-install-answers-2.conf

[root@host ~]# spacewalk-setup --disconnected --answer-file=spacewalk-install-answers-2.conf * Loading answer file: spacewalk-install-answers-2.conf. * Setting up environment and users. ** GPG: Initializing GPG and importing RHN key. * Setting up database. ** Database: Setting up database connection. ** Database: Testing database connection. ** Database: Populating database. sh: dbhome: command not found *** Progress: ################################################################################## * Performing initial configuration. * Activating Satellite. ** Loading Satellite Certificate. ** Verifying certificate locally. ** Activating Satellite. * Enabling Monitoring. * Creating SSL certificates. Email Address [j.bokma@cs.rug.nl]? ** SSL: Generating CA certificate. ** SSL: Deploying CA certificate. ** SSL: Generating server certificate. ** SSL: Storing SSL certificates. Use of uninitialized value in chown at /usr/bin/rhn-generate-pem.pl line 57. Use of uninitialized value in chown at /usr/bin/rhn-generate-pem.pl line 57. * Deploying configuration files. * Update configuration in database. * Restarting services. Installation complete. Visit https://host to create the satellite administrator account. [root@host ~]#

Configure SpaceWalk via web-interface

setenforce 0 To temporarily turn off selinux and log in to your https://host.service.domain.com to do the rest of the configuration.

We got an “Internal Server Error” message on the Web interfacer and subsequently an e-mail stating that /etc/rhn/cluster.ini cannot be written. So we do

chgrp apache /etc/rhn/cluster.ini
chmod go+rw !$
chmod go+rw /etc/rhn/cluster.ini

Now we get An error occurred and your satellite configuration changes could not be stored. Please contact support for more information and we find in /var/log/secure: tomcat : sorry, you must have a tty to run sudo.

So using visudo, in /etc/sudoers we comment out the string

Defaults requiretty

.

Success. (At least for the “General” config).

Now we first create a certificate (see CertCreation:

Create a keypair:
gpg --gen-key

gpg (GnuPG) 1.4.5; Copyright (C) 2006 Free Software Foundation, Inc. This program comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to redistribute it under certain conditions. See the file COPYING for details. Please select what kind of key you want: (1) DSA and Elgamal (default) (2) DSA (sign only) (5) RSA (sign only) Your selection? 1 DSA keypair will have 1024 bits. ELG-E keys may be between 1024 and 4096 bits long. What keysize do you want? (2048) Requested keysize is 2048 bits Please specify how long the key should be valid. 0 = key does not expire <n> = key expires in n days <n> = key expires in n weeks <n>m = key expires in n months <n>y = key expires in n years Key is valid for? (0) 1y Key expires at Thu 10 Sep 2009 02:50:01 PM CEST Is this correct? (y/N) y You need a user ID to identify your key; the software constructs the user ID from the Real Name, Comment and Email Address in this form: "Heinrich Heine (Der Dichter) <heinrichh@duesseldorf.de>" Real name: Jurjen Bokma Email address: j.bokma@cs.rug.nl Comment: SpaceWalk-admin You selected this USER-ID: "Jurjen Bokma (SpaceWalk-admin) <j.bokma@cs.rug.nl>" Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O You need a Passphrase to protect your secret key. You don't want a passphrase - this is probably a *bad* idea! I will do it anyway. You can change your passphrase at any time, using this program with the option "--edit-key". We need to generate a lot of random bytes. It is a good idea to perform some other action (type on the keyboard, move the mouse, utilize the disks) during the prime generation; this gives the random number generator a better chance to gain enough entropy. +++++...++++++++++.++++++++++.++++++++++++++++++++++++++++++.++++++++++++++++++++++++++++++++++++++++++++++++++.+++++.++++++++++.++++++++++.+++++>+++++..........+++++ Not enough random bytes available. Please do some other work to give the OS a chance to collect more entropy! (Need 284 more bytes) We need to generate a lot of random bytes. It is a good idea to perform some other action (type on the keyboard, move the mouse, utilize the disks) during the prime generation; this gives the random number generator a better chance to gain enough entropy. ++++++++++++++++++++.+++++++++++++++.++++++++++..+++++.+++++++++++++++++++++++++.+++++.+++++.++++++++++.++++++++++.++++++++++++++++++++.++++++++++.++++++++++>..++++++++++>+++++.............>+++++......................................................................................................................................................................+++++^^^^^ gpg: key 4AD979DD marked as ultimately trusted public and secret key created and signed. gpg: checking the trustdb gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u gpg: next trustdb check due at 2009-09-10 pub 1024D/4AD979DD 2008-09-10 [expires: 2009-09-10] Key fingerprint = 5A5D FF6E 928C ACA7 AAEB 93E6 94AF C990 4AD9 79DD uid Jurjen Bokma (SpaceWalk-admin) <j.bokma@cs.rug.nl> sub 2048g/62457ED7 2008-09-10 [expires: 2009-09-10] [root@host ~]#
Export the keys:
gpg --list-keys

      /root/.gnupg/pubring.gpg ------------------------ pub   1024D/E8562897 2007-01-06 [expires: 2017-01-03] uid                  CentOS-5 Key (CentOS 5 Official Signing Key) <centos-5-key@centos.org> sub   1024g/1E9EA3B6 2007-01-06 [expires: 2017-01-03] pub   1024D/4AD979DD 2008-09-10 [expires: 2009-09-10] uid                  Jurjen Bokma (SpaceWalk-admin) <j.bokma@cs.rug.nl> sub   2048g/62457ED7 2008-09-10 [expires: 2009-09-10]

gpg --list-secret-keys

      /root/.gnupg/secring.gpg ------------------------ sec   1024D/4AD979DD 2008-09-10 [expires: 2009-09-10] uid                  Jurjen Bokma (SpaceWalk-admin) <j.bokma@cs.rug.nl> ssb   2048g/62457ED7 2008-09-10

gpg --export 4AD979DD > mycertkey.gpg gpg --export-secret-keys -a 4AD979DD > mysecretkey.gpg
Add the keys to the /etc/webapp-keyring.gpg keyring (see PGP and GnuPG GPG General Hints, Notes, Howtos for how to do things like these:
gpg --no-default-keyring --keyring /etc/webapp-keyring.gpg --import mycertkey.gpg

      gpg: key 4AD979DD: public key "Jurjen Bokma (SpaceWalk-admin) <j.bokma@cs.rug.nl>" imported gpg: Total number processed: 1 gpg:               imported: 1 gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model gpg: depth: 0  valid:   1  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 1u gpg: next trustdb check due at 2009-09-10

gpg --no-default-keyring --keyring /etc/webapp-keyring.gpg --import mysecretkey.gpg

      gpg: key 4AD979DD: already in secret keyring gpg: Total number processed: 1 gpg:       secret keys read: 1 gpg:  secret keys unchanged: 1
Fetch the certificate creation script and the template certificate:


wget https://fedorahosted.org/spacewalk/attachment/wiki/CertCreation/gen-oss-sat-cert.pl?format=raw
wget https://fedorahosted.org/spacewalk/attachment/wiki/CertCreation/template-eval.cert?format=raw
mv gen-oss-sat-cert.pl\?format\=raw gen-oss-sat-cert.pl
mv template-eval.cert\?format\=raw template-eval.cert

Copy the template and edit the copy to our liking:

<?xml version="1.0" encoding="UTF-8"?>
<rhn-cert version="0.1">
  <rhn-cert-field name="product">RHN-SATELLITE-001</rhn-cert-field>
  <rhn-cert-field name="owner">Rijksuniversiteit Groningen</rhn-cert-field>
  <rhn-cert-field name="issued">10-sep-2008</rhn-cert-field>
  <rhn-cert-field name="expires">10-sep-2009</rhn-cert-field>
  <rhn-cert-field name="slots">2500</rhn-cert-field>
  <rhn-cert-field name="provisioning-slots">2500</rhn-cert-field>
  <rhn-cert-field name="monitoring-slots">2500</rhn-cert-field>
  <rhn-cert-field name="virtualization_host">2500</rhn-cert-field>
  <rhn-cert-field name="channel-families" quantity="1000" family="rh-ccm-cms-as21"/>
  <rhn-cert-field name="channel-families" quantity="1000" family="rh-ccm-core-as21"/>
  <rhn-cert-field name="channel-families" quantity="1000" family="rh-collaboration-suite"/>
  <rhn-cert-field name="channel-families" quantity="1000" family="rh-ent-portal-server"/>
  <rhn-cert-field name="channel-families" quantity="2000" family="rhel-client"/>
  <rhn-cert-field name="channel-families" quantity="2000" family="rhel-client-fastrack"/>
  <rhn-cert-field name="channel-families" quantity="2000" family="rhel-client-supplementary"/>
  <rhn-cert-field name="channel-families" quantity="1000" family="rhel-client-workstation"/>
  <rhn-cert-field name="channel-families" quantity="1000" family="rhel-client-workstation-fastrack"/>
  <rhn-cert-field name="channel-families" quantity="1000" family="rhel-cluster"/>
  <rhn-cert-field name="channel-families" quantity="1000" family="rhel-devsuite"/>
  <rhn-cert-field name="channel-families" quantity="1000" family="rhel-gfs"/>
  <rhn-cert-field name="channel-families" quantity="1000" family="rhel-rhaps"/>
  <rhn-cert-field name="channel-families" quantity="500" family="rhel-rhcmsys"/>
  <rhn-cert-field name="channel-families" quantity="500" family="rhel-rhdirserv"/>
  <rhn-cert-field name="channel-families" quantity="1000" family="rhel-s390x-fastrack"/>
  <rhn-cert-field name="channel-families" quantity="1000" family="rhel-s390x-server"/>
  <rhn-cert-field name="channel-families" quantity="1000" family="rhel-s390x-server-supplementary"/>
  <rhn-cert-field name="channel-families" quantity="2000" family="rhel-server"/>
  <rhn-cert-field name="channel-families" quantity="1000" family="rhel-server-cluster"/>
  <rhn-cert-field name="channel-families" quantity="1000" family="rhel-server-cluster-storage"/>
  <rhn-cert-field name="channel-families" quantity="2000" family="rhel-server-fastrack"/>
  <rhn-cert-field name="channel-families" quantity="2000" family="rhel-server-supplementary"/>
  <rhn-cert-field name="channel-families" quantity="2000" family="rhel-server-vt"/>
  <rhn-cert-field name="channel-families" quantity="500" family="rhn-proxy"/>
  <rhn-cert-field name="channel-families" quantity="4500" family="rhn-tools"/>
  <rhn-cert-field name="channel-families" quantity="500" family="solaris"/>
  <rhn-cert-field name="channel-families" quantity="500" family="solaris-rhcmsys"/>
  <rhn-cert-field name="channel-families" quantity="500" family="solaris-rhdirserv"/>
  <rhn-cert-field name="satellite-version">spacewalk</rhn-cert-field>
  <rhn-cert-field name="generation">2</rhn-cert-field>
  <rhn-cert-signature>
  </rhn-cert-signature>
</rhn-cert>

It needs to read “spacewalk” here, or rhn-satellite-activate will complain: ERROR: RHN Entitlement Certificate cannot be imported - the versions of current and new certificate do not match, [spacewalk] vs. [5.1] Please rerun with --ignore-version-mismatch if you want to override this test.

Run the gen-oss-sat-cert.p script:
./gen-oss-sat-cert.pl --dsn username/passwd@dbname --signer 4AD979DD --resign template-eval.cert

Passphrase: Channel family 'rh-ccm-cms-as21' not found in database, continuing... Channel family 'rh-ccm-core-as21' not found in database, continuing... Channel family 'rh-collaboration-suite' not found in database, continuing... Channel family 'rh-ent-portal-server' not found in database, continuing... Channel family 'rhel-client' not found in database, continuing... Channel family 'rhel-client-fastrack' not found in database, continuing... Channel family 'rhel-client-supplementary' not found in database, continuing... Channel family 'rhel-client-workstation' not found in database, continuing... Channel family 'rhel-client-workstation-fastrack' not found in database, continuing... Channel family 'rhel-cluster' not found in database, continuing... Channel family 'rhel-devsuite' not found in database, continuing... Channel family 'rhel-gfs' not found in database, continuing... Channel family 'rhel-rhaps' not found in database, continuing... Channel family 'rhel-rhcmsys' not found in database, continuing... Channel family 'rhel-rhdirserv' not found in database, continuing... Channel family 'rhel-s390x-fastrack' not found in database, continuing... Channel family 'rhel-s390x-server' not found in database, continuing... Channel family 'rhel-s390x-server-supplementary' not found in database, continuing... Channel family 'rhel-server' not found in database, continuing... Channel family 'rhel-server-cluster' not found in database, continuing... Channel family 'rhel-server-cluster-storage' not found in database, continuing... Channel family 'rhel-server-fastrack' not found in database, continuing... Channel family 'rhel-server-supplementary' not found in database, continuing... Channel family 'rhel-server-vt' not found in database, continuing... Channel family 'rhn-proxy' not found in database, continuing... Channel family 'rhn-tools' not found in database, continuing... Channel family 'solaris' not found in database, continuing... Channel family 'solaris-rhcmsys' not found in database, continuing... Channel family 'solaris-rhdirserv' not found in database, continuing... Signatures signed by Jurjen Bokma (SpaceWalk-admin) <j.bokma@cs.rug.nl> (94AFC9904AD979DD). Certificate saved as template-eval.cert

Activate the Spacewalk with the certificate:

rhn-satellite-activate --disconnected --rhn-cert=template-eval.cert

16:11:07 WARNING: ignoring unavailable channel family rh-ccm-cms-as21 16:11:07 WARNING: ignoring unavailable channel family rh-ccm-core-as21 16:11:07 WARNING: ignoring unavailable channel family rh-collaboration-suite 16:11:07 WARNING: ignoring unavailable channel family rh-ent-portal-server 16:11:07 WARNING: ignoring unavailable channel family rhel-client 16:11:07 WARNING: ignoring unavailable channel family rhel-client-fastrack 16:11:07 WARNING: ignoring unavailable channel family rhel-client-supplementary 16:11:07 WARNING: ignoring unavailable channel family rhel-client-workstation 16:11:07 WARNING: ignoring unavailable channel family rhel-client-workstation-fastrack 16:11:07 WARNING: ignoring unavailable channel family rhel-cluster 16:11:07 WARNING: ignoring unavailable channel family rhel-devsuite 16:11:07 WARNING: ignoring unavailable channel family rhel-gfs 16:11:07 WARNING: ignoring unavailable channel family rhel-rhaps 16:11:07 WARNING: ignoring unavailable channel family rhel-rhcmsys 16:11:07 WARNING: ignoring unavailable channel family rhel-rhdirserv 16:11:07 WARNING: ignoring unavailable channel family rhel-s390x-fastrack 16:11:07 WARNING: ignoring unavailable channel family rhel-s390x-server 16:11:07 WARNING: ignoring unavailable channel family rhel-s390x-server-supplementary 16:11:07 WARNING: ignoring unavailable channel family rhel-server 16:11:07 WARNING: ignoring unavailable channel family rhel-server-cluster 16:11:07 WARNING: ignoring unavailable channel family rhel-server-cluster-storage 16:11:07 WARNING: ignoring unavailable channel family rhel-server-fastrack 16:11:07 WARNING: ignoring unavailable channel family rhel-server-supplementary 16:11:07 WARNING: ignoring unavailable channel family rhel-server-vt 16:11:07 WARNING: ignoring unavailable channel family rhn-proxy 16:11:07 WARNING: ignoring unavailable channel family rhn-tools 16:11:07 WARNING: ignoring unavailable channel family solaris 16:11:07 WARNING: ignoring unavailable channel family solaris-rhcmsys 16:11:07 WARNING: ignoring unavailable channel family solaris-rhdirserv

	Note
	Downloading the obtained `template-eval.cert` file to a computer with a browser, and uploading it to the CertificateConfig page of the SpaceWalk server generates an “Unhandled error”

Now let's create a “channel” and populate it.

Go to the Software Channels Overview page on the Spacewalk server and add a channel.
Install the yum-utils package:
yum install yum-utils
Create /srv/satellite:


mkdir /srv/satellite
chown apache:apache /srv/satellite
Make the CentOS packages available on from the fileserver to the SpaceWalk server:
mount fileserver.domain.com:/srv/centos-mirror /mnt/fileserver
Now let's try to upload some:
rhnpush --channel=centos-5.2-i386 --server=http://localhost/APP --dir=/mnt/osis/pub/os/linux/distr/centoslinux/5.2/os/i386/CentOS/

Red Hat Network username: Username Red Hat Network password: not echoed

That took a bloody long time, but it worked.

Follow the steps to kickstarting Fedora/CentOS and kickstart a machine:

Fetch the make-ks-tree script:


mkdir make-ks-tree
cd !$
wget https://fedorahosted.org/spacewalk/attachment/wiki/KickstartDistro/make-ks-tree.tar.gz?format=raw
tar -xzf make-ks-tree.tar.gz

mount -o loop,ro /mnt/osis/pub/os/linux/distr/centoslinux/5.2/isos/i386/CentOS-5.2-i386-bin-DVD.iso /mnt/loop
export BASE=/srv/satellite/rhn/kickstart
mkdir -p /srv/satellite/rhn/kickstart
./make-ks-tree.sh --channel centos-5.2-i386 --source /mnt/loop --dsn rugpcdb/hh38sd25@blade --install-type rhel_5  --variant centos --update u2
./make-ks-tree.sh --channel centos-5.2-i386 --source /mnt/loop --dsn rugpcdb/hh38sd25@blade --install-type rhel_5  --variant centos --update u2 --commit

... Adding: NOTES/RELEASE-NOTES-pt_BR.html... done. Adding: NOTES/RELEASE-NOTES-U1-pt_BR.html... done. Adding: NOTES/RELEASE-NOTES-U1-ko.html... done. ... done

Warning

All of a sudden the SpaceWalk website doesn't update any more, and /var/log/rhn/rhn_taskomatic_daemon.log blurts:

Launching a JVM... INFO | jvm 5 | 2008/09/16 15:59:18 | Wrapper (Version 3.2.1) http://wrapper.tanukisoftware.org ERROR | wrapper | 2008/09/16 15:59:47 | Startup failed: Timed out waiting for a signal from the JVM. ADVICE | wrapper | 2008/09/16 15:59:47 | ADVICE | wrapper | 2008/09/16 15:59:47 | ------------------------------------------------------------------------ ADVICE | wrapper | 2008/09/16 15:59:47 | Advice: ADVICE | wrapper | 2008/09/16 15:59:47 | The Wrapper consists of a native component as well as a set of classes ADVICE | wrapper | 2008/09/16 15:59:47 | which run within the JVM that it launches. The Java component of the ADVICE | wrapper | 2008/09/16 15:59:47 | Wrapper must be initialized promptly after the JVM is launched or the ADVICE | wrapper | 2008/09/16 15:59:47 | Wrapper will timeout, as just happened. Most likely the main class ADVICE | wrapper | 2008/09/16 15:59:47 | specified in the Wrapper configuration file is not correctly initializing ADVICE | wrapper | 2008/09/16 15:59:47 | the Wrapper classes: ADVICE | wrapper | 2008/09/16 15:59:47 | com.redhat.rhn.taskomatic.TaskomaticDaemon ADVICE | wrapper | 2008/09/16 15:59:47 | While it is possible to do so manually, the Wrapper ships with helper ADVICE | wrapper | 2008/09/16 15:59:47 | classes to make this initialization processes automatic. ADVICE | wrapper | 2008/09/16 15:59:47 | Please review the integration section of the Wrapper's documentation ADVICE | wrapper | 2008/09/16 15:59:47 | for the various methods which can be employed to launch an application ADVICE | wrapper | 2008/09/16 15:59:47 | within the Wrapper: ADVICE | wrapper | 2008/09/16 15:59:47 | http://wrapper.tanukisoftware.org/doc/english/integrate.html ADVICE | wrapper | 2008/09/16 15:59:47 | ------------------------------------------------------------------------ ADVICE | wrapper | 2008/09/16 15:59:47 | ERROR | wrapper | 2008/09/16 15:59:48 | JVM did not exit on request, terminated

So in /etc/rhn/default/rhn_taskomatic_daemon.conf we set the line:

wrapper.java.classpath.14=/usr/lib/oracle/10.2.0.4/client/lib/ojdbc14.jar

Turns out this wasn't the cause of the failure. The IPTables rule “iptables -A INPUT -s \! 10.0.0.0/16 -j DROP” was too restrictive. Apparently upon restart the service needs to contact servers outside of my domain.

Added an “activation key” (using the GUI). Added a kickstart config as well (using the GUI too). Now we've got a running CentOS (virtual) machine, but no “systems” visible in the GUI yet.

To register the system, according to the SpaceWalk Wiki, the package rhel-instnum must be installed on the server. So we locate it on RPM Search, fetch and install it:

wget ftp://ftp.pbone.net/mirror/www.startcom.org/ML-5.0.7/os/i386/StartCom/RPMS/rhel-instnum-1.0.7-1.ML5.noarch.rpm
rpm -i rhel-instnum-1.0.7-1.ML5.noarch.rpm

Now we register the system, by doing (on the client):

wget -r -nd http://www-personal.umich.edu/~lrsmith/Spacewalk/rpms/
mkdir - /usr/src/redhat/SOURCES
rpm -Uvh *.rpm

	Warning
	This breaks on unresolved dependencies. Importantly, `rhnreg_ks` is not installed. So we continue...

rpm -Uvh rhnsd-4.6.1-1.i386.rpm
rpm -Uvh rhn-check-0.4.17-8.noarch.rpm
rpm -Uvh rhnsd-4.6.1-1.i386.rpm
rpm -Uvh rhn-setup-0.4.17-8.noarch.rpm
rhnreg_ks --force --serverUrl=http://si03.service.rug.nl/XMLRPC --activationkey=1-c923ac0089e38aea0fd0370e42cebb15

	Note
	Victory! We 've got a system in the SpaceWalk GUI.


Installing CentOS unattendedly (without the use of SpaceWalk)		RedHat Certification

Installing SpaceWalk (using a remote database)

Jurjen Bokma