Bug 1252973
| Summary: | authconfig unpredictable file content | |||
|---|---|---|---|---|
| Product: | Red Hat Enterprise Linux 6 | Reporter: | Arpit Tolani <atolani> | |
| Component: | authconfig | Assignee: | Tomas Mraz <tmraz> | |
| Status: | CLOSED WONTFIX | QA Contact: | BaseOS QE Security Team <qe-baseos-security> | |
| Severity: | medium | Docs Contact: | ||
| Priority: | medium | |||
| Version: | 6.7 | CC: | cww, ebenes, hklein, pkis | |
| Target Milestone: | rc | |||
| Target Release: | --- | |||
| Hardware: | Unspecified | |||
| OS: | Unspecified | |||
| Whiteboard: | ||||
| Fixed In Version: | Doc Type: | Bug Fix | ||
| Doc Text: | Story Points: | --- | ||
| Clone Of: | ||||
| : | 1320943 (view as bug list) | Environment: | ||
| Last Closed: | 2016-06-01 19:12:32 UTC | Type: | Bug | |
| Regression: | --- | Mount Type: | --- | |
| Documentation: | --- | CRM: | ||
| Verified Versions: | Category: | --- | ||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
| Cloudforms Team: | --- | Target Upstream Version: | ||
| Embargoed: | ||||
| Bug Depends On: | ||||
| Bug Blocks: | 1172231, 1269194 | |||
Created attachment 1062070 [details] Proposed patch for the bug Description of problem: With the method chosen to write the /etc/sysconfig/authconfig file it's not possible to verify if the content has changed since the last run or not due to the fact of using a dictionary to store the key/value params and use iteritems over them. a more reproduce able way is to instead of using iteritems from the dictionary a sorted list (see attached patch) How reproducible: as described above, everytime authconfig is called this is what currently happens $ md5sum /etc/sysconfig/authconfig 93adf3e2b9272626064870d1a7ac1ace /etc/sysconfig/authconfig $ authconfig --updateall $ md5sum /etc/sysconfig/authconfig 571a51f178bc49f7db03993255110f45 /etc/sysconfig/authconfig $ authconfig --updateall $ md5sum /etc/sysconfig/authconfig 6ac7ad67f313f8ce3250e8e56864b507 /etc/sysconfig/authconfig this is what we are expecting $ md5sum /etc/sysconfig/authconfig 93adf3e2b9272626064870d1a7ac1ace /etc/sysconfig/authconfig $ authconfig --updateall $ md5sum /etc/sysconfig/authconfig 93adf3e2b9272626064870d1a7ac1ace /etc/sysconfig/authconfig Additional info: there's an additional _truncate_ in the write section of the SHVFile which also make's it impossible to have a unique hash when deploying the plan file and afterwards calling "/usr/sbin/authconfig --updateall"