404-error on subscription-manager related packages from CentOS(Stream)

Support
1

Problem:
Unfortunately we are bound to use Oracle Enterprise Linux and Oracle has in her infinite wisdom decided not to include the subscription-manager in their distribution. Therefore, we have to ‘borrow’ those packages from other distributions. We’ve used the CentOS and CentOS Stream distributions for some time without issues. We have a product called ‘Subscription Manager’ including the repositories for EL7, EL8 and EL9. Those three repositories were manually filled with the subscription-manager package and the dependencies instead of being synced to an upstream library.

We have obtained a trial license for Red Hat Ansible Automation Platform that came with a platform licence from RHEL. This license was handed over to Foreman using a manifest. And as far as I can tell the issues started when that trial license expired, but it might be coincidence and completely unrelated.

Anyway, the subscription-manager packages started to ‘disappear’ from the repository. When you browse there you see them listed, but when you attempt to download them you’ll get a 404-not found error. Removing the file does remove it from the page and when you add it again, it reappears. But downloading is still not possible. When you try to download a package from the same page, but that is not related to subscription-manager it downloads correctly.

For example, in the EL7 repo we have 2 packages starting with ‘p’. So when you navigate to the /Packages/p/, two files are listed:

  • python-dateutil-1.5-7.el7.noarch.rpm
  • python-syspurpose-1.24.42-1.el7.centos.x86_64.rpm
    The first one can be downloaded, the second one fails.

The same goes for EL8, but for that version we can use the same files from the Alma Linux distribution instead and they download fine.

On EL9 the CentOS packages do download, but that might be because we have a valid (and unused) developer-license.

Expected outcome:
To me it seems that Foreman actively restricts the download of RHEL content including certain packages from CentOS. Although I respect Red Hat’s intellectual property, I would expect that packages that are obtained from the CentOS (Stream) repositories are not subject to these restrictions. Especially the packages that are required for clients to connect to Foreman.

(Or actually, I would expect Forman ship those packages in a default repository, but that is a another discussion entirely)

Foreman and Proxy versions:
3.10.1

Foreman and Proxy plugin versions:

  • candlepin-4.3.12-1.el8.noarch
  • candlepin-selinux-4.3.12-1.el8.noarch
  • foreman-3.10.1-1.el8.noarch
  • foreman-cli-3.10.1-1.el8.noarch
  • foreman-debug-3.10.1-1.el8.noarch
  • foreman-dynflow-sidekiq-3.10.1-1.el8.noarch
  • foreman-installer-3.10.1-1.el8.noarch
  • foreman-installer-katello-3.10.1-1.el8.noarch
  • foreman-obsolete-packages-1.6-1.el8.noarch
  • foreman-postgresql-3.10.1-1.el8.noarch
  • foreman-proxy-3.10.1-1.el8.noarch
  • foreman-redis-3.10.1-1.el8.noarch
  • foreman-release-3.10.1-1.el8.noarch
  • foreman-selinux-3.10.1-1.el8.noarch
  • foreman-service-3.10.1-1.el8.noarch
  • katello-4.12.1-1.el8.noarch
  • katello-certs-tools-2.9.0-2.el8.noarch
  • katello-client-bootstrap-1.7.9-2.el8.noarch
  • katello-common-4.12.1-1.el8.noarch
  • katello-debug-4.12.1-1.el8.noarch
  • katello-repos-4.12.1-1.el8.noarch
  • katello-selinux-5.0.2-1.el8.noarch
  • pulpcore-obsolete-packages-1.0-9.el8.noarch
  • pulpcore-selinux-2.0.1-1.el8.x86_64
  • python3.11-pulp-ansible-0.20.2-3.el8.noarch
  • python3.11-pulp-certguard-1.7.2-1.el8.noarch
  • python3.11-pulp-cli-0.21.2-5.el8.noarch
  • python3.11-pulp-container-2.16.9-1.el8.noarch
  • python3.11-pulp-deb-3.0.1-1.el8.noarch
  • python3.11-pulp-file-1.15.1-2.el8.noarch
  • python3.11-pulp-glue-0.21.2-3.el8.noarch
  • python3.11-pulp-python-3.10.0-3.el8.noarch
  • python3.11-pulp-rpm-3.23.3-1.el8.noarch
  • python3.11-pulpcore-3.39.19-1.el8.noarch
  • rubygem-foreman-tasks-9.1.1-1.fm3_11.el8.noarch
  • rubygem-foreman_maintain-1.5.1-1.el8.noarch
  • rubygem-foreman_puppet-6.4.0-2.fm3_10.el8.noarch
  • rubygem-foreman_remote_execution-13.0.0-1.fm3_11.el8.noarch
  • rubygem-hammer_cli-3.10.0-1.el8.noarch
  • rubygem-hammer_cli_foreman-3.10.0-1.el8.noarch
  • rubygem-hammer_cli_foreman_puppet-0.0.7-1.fm3_10.el8.noarch
  • rubygem-hammer_cli_foreman_remote_execution-0.3.0-1.fm3_10.el8.noarch
  • rubygem-hammer_cli_foreman_tasks-0.0.20-1.fm3_10.el8.noarch
  • rubygem-hammer_cli_katello-1.12.0-0.1.pre.master.20240122184453git9a6ae05.el8.noarch
  • rubygem-katello-4.12.1-1.el8.noarch
  • rubygem-pulp_ansible_client-0.20.3-1.el8.noarch
  • rubygem-pulp_certguard_client-1.6.5-1.el8.noarch
  • rubygem-pulp_container_client-2.16.4-1.el8.noarch
  • rubygem-pulp_deb_client-3.0.1-1.el8.noarch
  • rubygem-pulp_file_client-1.15.1-1.el8.noarch
  • rubygem-pulp_ostree_client-2.1.3-1.el8.noarch
  • rubygem-pulp_python_client-3.10.0-1.el8.noarch
  • rubygem-pulp_rpm_client-3.23.2-1.el8.noarch
  • rubygem-pulpcore_client-3.39.9-1.el8.noarch
  • rubygem-smart_proxy_pulp-3.3.0-1.fm3_10.el8.noarch

Distribution and version:
Oracle Linux Server release 8.10
NAME=“Oracle Linux Server”
VERSION=“8.10”
ID=“ol”
ID_LIKE=“fedora”
VARIANT=“Server”
VARIANT_ID=“server”
VERSION_ID=“8.10”
PLATFORM_ID=“platform:el8”
PRETTY_NAME=“Oracle Linux Server 8.10”
ANSI_COLOR=“0;31”
CPE_NAME=“cpe:/o:oracle:linux:8:10:server”
HOME_URL=“https://linux.oracle.com/
BUG_REPORT_URL=“GitHub - oracle/oracle-linux: Scripts, examples, and tutorials to get started with Oracle Linux

ORACLE_BUGZILLA_PRODUCT=“Oracle Linux 8”
ORACLE_BUGZILLA_PRODUCT_VERSION=8.10
ORACLE_SUPPORT_PRODUCT=“Oracle Linux”
ORACLE_SUPPORT_PRODUCT_VERSION=8.10
Red Hat Enterprise Linux release 8.10 (Ootpa)
Oracle Linux Server release 8.10

Linux ******** 5.4.17-2136.335.4.el8uek.x86_64 #3 SMP Thu Aug 22 12:18:30 PDT 2024 x86_64 x86_64 x86_64 GNU/Linux

Other relevant data: