Back to bug 1703445
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Red Hat Bugzilla | 2019-04-26 12:45:40 UTC | Pool ID | 0 | 175 |
| Martin Zelený | 2019-04-26 12:52:24 UTC | QA Contact | qe-baseos-security | mzeleny |
| Martin Zelený | 2019-05-28 15:00:41 UTC | Depends On | 1714674 | |
| Tomas Jaros | 2019-06-24 11:02:15 UTC | CC | tjaros | |
| autobot-bugzilla | 2019-07-29 18:06:50 UTC | Assignee | dkopecek | scorreia |
| PnT Account Manager | 2019-07-31 22:39:29 UTC | CC | dkopecek | |
| Sergio Correia | 2019-10-02 12:44:50 UTC | CC | mtowey | |
| Martin Zelený | 2019-10-08 13:20:12 UTC | Hardware | s390x | All |
| Sergio Correia | 2019-10-08 13:23:53 UTC | Status | NEW | ASSIGNED |
| Sergio Correia | 2020-04-06 14:11:09 UTC | Status | ASSIGNED | MODIFIED |
| Fixed In Version | tang-6-2.el7 | |||
| errata-xmlrpc | 2020-04-06 18:11:06 UTC | Status | MODIFIED | ON_QA |
| errata-xmlrpc | 2020-04-09 06:05:05 UTC | Status | ON_QA | VERIFIED |
| Tomas Jaros | 2020-04-15 11:10:22 UTC | Doc Type | If docs needed, set a value | Bug Fix |
| Sergio Correia | 2020-05-11 03:02:03 UTC | Docs Contact | mjahoda | |
| Doc Text | Cause: When generating its keys (e.g., when first installing tang), tang triggers a cache update through a file watching mechanism that has shown to be unreliable in certain cases. Consequence: As a consequence, in these situations, tang will not properly update its cache to reflect its keys, which can cause issues when trying to use the tang pin in clevis; when this happens, the client will display the following message: "Key derivation key not available". As a workaround, when this happens, we can run "systemctl restart tangd-update" in the machine running tang. Fix: To fix this issue, the key generation and cache update mechanism logic was moved to tang itself. Result: As a result, there is no dependency on the sometimes unreliable file watching mechanism, and tang cache is kept in a proper state at all times. |
|||
| Jan Fiala | 2020-07-13 12:20:11 UTC | CC | jafiala, scorreia | |
| Docs Contact | mjahoda | jafiala | ||
| Doc Text | Cause: When generating its keys (e.g., when first installing tang), tang triggers a cache update through a file watching mechanism that has shown to be unreliable in certain cases. Consequence: As a consequence, in these situations, tang will not properly update its cache to reflect its keys, which can cause issues when trying to use the tang pin in clevis; when this happens, the client will display the following message: "Key derivation key not available". As a workaround, when this happens, we can run "systemctl restart tangd-update" in the machine running tang. Fix: To fix this issue, the key generation and cache update mechanism logic was moved to tang itself. Result: As a result, there is no dependency on the sometimes unreliable file watching mechanism, and tang cache is kept in a proper state at all times. | .Tang reliably updates its cache When Tang generates its keys (for example, at first installation of Tang), Tang updates its cache. Previously, this process was unreliable and the Tang cache did not update correctly to reflect Tang keys. This caused problems with using a tang pin in clevis, with the client displaying the error message `Key derivation key not available`. With this update, key generation and cache update logic was moved to Tang, removing the file watching dependency. As a result, the Tang cache remains in a correct state after cache update. | ||
| Flags | needinfo?(scorreia) | |||
| Jan Fiala | 2020-07-15 07:36:35 UTC | Flags | needinfo?(mzeleny) | |
| Jan Fiala | 2020-07-15 07:39:55 UTC | Flags | needinfo?(scorreia) needinfo?(mzeleny) | needinfo+ needinfo+ |
| Jan Fiala | 2020-07-15 09:02:02 UTC | Doc Text | .Tang reliably updates its cache When Tang generates its keys (for example, at first installation of Tang), Tang updates its cache. Previously, this process was unreliable and the Tang cache did not update correctly to reflect Tang keys. This caused problems with using a tang pin in clevis, with the client displaying the error message `Key derivation key not available`. With this update, key generation and cache update logic was moved to Tang, removing the file watching dependency. As a result, the Tang cache remains in a correct state after cache update. | .Tang reliably updates its cache When the Tang application generates its keys, for example, at first installation, Tang updates its cache. Previously, this process was unreliable, and the application cache did not update correctly to reflect Tang keys. This caused problems with using a Tang pin in Clevis, with the client displaying the error message `Key derivation key not available`. With this update, key generation and cache update logic was moved to Tang, removing the file watching dependency. As a result, the application cache remains in a correct state after cache update. |
| Nikos Mavrogiannopoulos | 2020-08-07 12:01:09 UTC | Pool ID | sst_platform_security_rhel_7 | |
| Nikos Mavrogiannopoulos | 2020-08-10 11:48:08 UTC | Pool ID | sst_security_special_projects_rhel_7 | |
| errata-xmlrpc | 2020-09-29 00:20:14 UTC | Status | VERIFIED | RELEASE_PENDING |
| errata-xmlrpc | 2020-09-29 20:08:34 UTC | Status | RELEASE_PENDING | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2020-09-29 20:08:34 UTC | |||
| errata-xmlrpc | 2020-09-29 20:08:36 UTC | Link ID | Red Hat Product Errata RHBA-2020:3960 | |
| Lukas Vrabec | 2020-10-20 13:46:10 UTC | CC | lvrabec | |
| Flags | needinfo+ needinfo+ |
Back to bug 1703445