Back to bug 2107081
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Red Hat Bugzilla | 2022-07-14 09:47:18 UTC | Pool ID | sst_security_special_projects_rhel_8 | |
| Red Hat One Jira (issues.redhat.com) | 2022-07-14 09:53:35 UTC | Link ID | Red Hat Issue Tracker RHELPLAN-127668 | |
| Red Hat One Jira (issues.redhat.com) | 2022-07-14 09:53:48 UTC | Link ID | Red Hat Issue Tracker SECENGSP-4683 | |
| Sergio Arroutbi | 2022-07-21 10:19:50 UTC | Depends On | 2107078 | |
| Sergio Correia | 2022-07-29 13:18:47 UTC | Depends On | 2106814 | |
| CC | scorreia | |||
| Martin Zelený | 2022-07-29 13:24:31 UTC | QA Contact | qe-baseos-security | mzeleny |
| Sergio Correia | 2022-08-02 14:24:01 UTC | Fixed In Version | clevis-15-11.el8 | |
| Status | ASSIGNED | MODIFIED | ||
| errata-xmlrpc | 2022-08-05 14:46:50 UTC | Status | MODIFIED | ON_QA |
| errata-xmlrpc | 2022-08-16 15:16:32 UTC | Status | ON_QA | VERIFIED |
| Mirek Jahoda | 2022-08-25 19:22:28 UTC | CC | mjahoda | |
| Doc Type | If docs needed, set a value | Enhancement | ||
| Docs Contact | mjahoda | |||
| Sergio Arroutbi | 2022-08-26 08:20:18 UTC | Comment | 0 | updated |
| Sergio Arroutbi | 2022-08-26 08:27:06 UTC | Doc Text | Feature: After clevis-systemd installation, if distribution is set to have clevis systemd preset configured, clevis-luks-askpass.path is automatically "enabled" Reason: In order to ease clevis configuration after installation, clevis-systemd package should be modified to use systemd preset to find if package needs to be automatically enabled. Result: In case clevis-luks-askpass.path is enabled in distribution preset, after clevis-systemd package installation, clevis-luks-askpass.path service will be automatically enabled. Assuming clevis-luks-askpass.path is defined in systemd preset (normally, file /lib/systemd/system-preset/90-default.preset): $ cat /lib/systemd/system-preset/90-default.preset ... # Enable clevis-luks-askpass.path enable clevis-luks-askpass.path $ dnf -y install clevis clevis-luks clevis-dracut clevis-systemd Once clevis-systemd package is installed, the previous result, before BZ is fixed, was: $ sudo systemctl list-unit-files clevis-luks-askpass.path UNIT FILE STATE VENDOR PRESET clevis-luks-askpass.path disabled enabled After BZ fixed, new result is: $ sudo systemctl list-unit-files clevis-luks-askpass.path UNIT FILE STATE VENDOR PRESET clevis-luks-askpass.path enabled enabled |
|
| Mirek Jahoda | 2022-09-06 12:25:27 UTC | Doc Text | Feature: After clevis-systemd installation, if distribution is set to have clevis systemd preset configured, clevis-luks-askpass.path is automatically "enabled" Reason: In order to ease clevis configuration after installation, clevis-systemd package should be modified to use systemd preset to find if package needs to be automatically enabled. Result: In case clevis-luks-askpass.path is enabled in distribution preset, after clevis-systemd package installation, clevis-luks-askpass.path service will be automatically enabled. Assuming clevis-luks-askpass.path is defined in systemd preset (normally, file /lib/systemd/system-preset/90-default.preset): $ cat /lib/systemd/system-preset/90-default.preset ... # Enable clevis-luks-askpass.path enable clevis-luks-askpass.path $ dnf -y install clevis clevis-luks clevis-dracut clevis-systemd Once clevis-systemd package is installed, the previous result, before BZ is fixed, was: $ sudo systemctl list-unit-files clevis-luks-askpass.path UNIT FILE STATE VENDOR PRESET clevis-luks-askpass.path disabled enabled After BZ fixed, new result is: $ sudo systemctl list-unit-files clevis-luks-askpass.path UNIT FILE STATE VENDOR PRESET clevis-luks-askpass.path enabled enabled | .`clevis-luks-askpass` is now enabled by default The `/lib/systemd/system-preset/90-default.preset` file now contains the `enable clevis-luks-askpass.path` configuration option and the installation of the `clevis-systemd` sub-package ensures that the `clevis-luks-askpass.path` unit file is enabled. This enables the Clevis encryption client to unlock also LUKS-encrypted volumes that mount late in the boot process. Before this update, the administrator must use the `systemctl enable clevis-luks-askpass.path` command to enable Clevis to unlock such volumes. |
| Mirek Jahoda | 2022-09-06 12:26:48 UTC | Flags | needinfo?(sarroutb) | |
| Sergio Arroutbi | 2022-09-06 12:36:13 UTC | Flags | needinfo?(sarroutb) | needinfo+ |
| Pavel Holica | 2022-09-14 06:07:33 UTC | Depends On | 2126605 | |
| Pavel Holica | 2022-09-14 06:08:44 UTC | Depends On | 2126605 | |
| errata-xmlrpc | 2022-11-08 00:34:00 UTC | Status | VERIFIED | RELEASE_PENDING |
| errata-xmlrpc | 2022-11-08 10:01:31 UTC | Status | RELEASE_PENDING | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2022-11-08 10:01:31 UTC | |||
| errata-xmlrpc | 2022-11-08 10:01:33 UTC | Link ID | Red Hat Product Errata RHBA-2022:7644 |
Back to bug 2107081