mirror of
https://github.com/ansible-collections/community.general.git
synced 2024-09-14 20:13:21 +02:00
1676b09573
redhat_subscription: use D-Bus for registration if possible (#6122)
subscription-manager currently does not have a way to get credentials
(username, password, activation keys, organization ID) in a secure way:
the existing command line parameters can be easily spotted when running
a process listing while 'subscription-manager register' runs.
There is a D-Bus service, which is used by e.g. cockpit and Anaconda to
interface with RHSM (at least for registration and common queries).
Try to perform the registration using D-Bus, in a way very similar to
the work done in convert2rhel [1] (with my help):
- try to do a simple signal test to check whether the system bus works;
inspired by the login in the dconf module
- pass most of the options as registration options; for the few that are
not part of the registration, execute 'subscription-manager' manually
- add quirks for differently working (or not) registration options for
the D-Bus Register*() methods depending on the version of RHEL
- 'subscription-manager register' is used only in case the signal test
is not working; silent fallback in case of D-Bus errors during the
registration is not done on purpose to avoid silent fallback to a less
secure registration
[1] https://github.com/oamg/convert2rhel/pull/540/
(cherry picked from commit
|
||
|---|---|---|
| .. | ||
| .keep | ||
| 4387-nmcli-mtu-for-vlan-connection-fix.yml | ||
| 6049-dconf-strings.yml | ||
| 6112-fix_key_error_in_gitlab_runner_creation_update.yml | ||
| 6114-memset-add-url-error-handling.yml | ||
| 6117-remove-stormssh-depend.yml | ||
| 6118-jail-plugin-fix-default-inventory_hostname.yml | ||
| 6119-opkg-update.yaml | ||
| 6122-redhat_subscription-subscribe-via-dbus.yaml | ||
| 6131-fix-interfaces_file-for-no-leading-spaces.yml | ||
| 6138-fix-yarn-global.yml | ||
| 6160-add-command-make-output.yml | ||