RPMs available for RHEL 9

[Ronald Jeninga]

Hi all,

if I didn't make a mistake, 2.10 and 2.11 RPMs for RHEL 9 should now be available.
Please report if something is wrong or if you have issues.

Best regards,

Ronald 

[johnts...@gmail.com]

Hello Ronald,

I tried the installation with a new CentOS 9 VM, it failed with below after execute "yum install -y schedulix-server"

Importing GPG key 0xB008C315:
 Userid     : "Ronald Jeninga (Key used for signing rpm packages) <ronald....@independit.de>"
 Fingerprint: 83CA B917 9FA4 E63B DB9F DB57 5B32 B65F B008 C315
 From       : https://www.independit.de/repo/rpm-gpg/RPM-GPG-KEY-schedulix
warning: Signature not supported. Hash algorithm SHA1 not available.
Key import failed (code 2). Failing package is: schedulix-base-2.11-3.el9.x86_64
 GPG Keys are configured as: https://www.independit.de/repo/rpm-gpg/RPM-GPG-KEY-schedulix
Public key for schedulix-server-mariadb-2.11-3.el9.x86_64.rpm is not installed. Failing package is: schedulix-server-mariadb-2.11-3.el9.x86_64
 GPG Keys are configured as: https://www.independit.de/repo/rpm-gpg/RPM-GPG-KEY-schedulix
The downloaded packages were saved in cache until the next successful transaction.
You can remove cached packages by executing 'yum clean packages'.
Error: GPG check FAILED

It need to run below:

update-crypto-policies --set DEFAULT:SHA1

before "yum install schedulix-server"

Thanks.

John Tsui

05.Jun.2024

[Ronald Jeninga]

Hello John,

thank you for reporting and, more importantly, providing a workaround!

I stumbled over the signing issue myself but hadn't time to repair it.

It'll be one of the first issues I'll resolve after my vacation.

I apologize for the hassle.

Best regards,

Ronald

independIT Integrative Technologies GmbH

https://www.independit.de

[johnts...@gmail.com]

Hello Ronald,

So far the installation is fine and quite easy up to now.

Except one minor I need to make change in setup_jobserver as:

echo -e "show user $SDMSUSER;" | sdmsh --ini $SDMSHRC | grep -E "ADMIN *KDEMO.*VGR$" >/dev/null

                                                                                                                                                        ^^^^^^^

Not sure it only appears in my shop.

Thankyou very much for your help.

Regards.
John Tsui

05.Jun.2024

[Ronald Jeninga]

Hello John,

nice catch. Thank you.

It has to do with the new operator privileges in 2.11.

Although they don't play a role in schedulix (but in BICsuite), they are displayed. And this causes the grep expression to fail. It's not related to your environment.

I like your fix. It's pretty on the spot, I think.

I'll look after it after my vacation, in July.

Thank you,

Ronald

independIT Integrative Technologies GmbH

https://www.independit.de

[Ronald Jeninga]

Hello John,

now, if I didn't make some silly mistake, things should be OK now.

First of all I've adopted your suggestion to fix the setup_jobserver script.

And I think I've found a way to use a SHA256 instead of SHA1 to sign the rpms.

At least querying the rpm says:

[ronald@alma9 src]$ rpm -qp --qf '%|DSAHEADER?{%{DSAHEADER:pgpsig}}:{%|RSAHEADER?{%{RSAHEADER:pgpsig}}:{(none)}|}|\n' /home/ronald/rpmbuild/RPMS/x86_64/schedulix-base-2.11-4.el9.x86_64.rpm
warning: /home/ronald/rpmbuild/RPMS/x86_64/schedulix-base-2.11-4.el9.x86_64.rpm: Header V4 RSA/SHA256 Signature, key ID b008c315: NOKEY
RSA/SHA256, Wed 03 Jul 2024 10:40:56 AM CEST, Key ID 5b32b65fb008c315

For those who want to create and sign rpms themselves, what I did is to add a line to my ~/.rpmmacros:

[ronald@alma9 src]$ cat ~/.rpmmacros
%_gpg_name Ronald Jeninga (Key used for signing rpm packages) <ronald....@independit.de>
%_binary_filedigest_algorithm SHA256

I hope it works now, but please notify if not.

Best regards,

Ronald

[johnts...@gmail.com]

Dear Ronald,

Noted with thanks.

Good luck.

Best Regards,

John Tsui

04.Jul.2024