Bug 1320943

Summary: authconfig unpredictable file content
Product: Red Hat Enterprise Linux 7 Reporter: Tomas Mraz <tmraz>
Component: authconfigAssignee: Tomas Mraz <tmraz>
Status: CLOSED ERRATA QA Contact: Dalibor Pospíšil <dapospis>
Severity: medium Docs Contact:
Priority: medium    
Version: 7.2CC: atolani, dapospis, ebenes, hklein, pkis, qe-baseos-security
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: authconfig-6.2.8-11.el7 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: 1252973 Environment:
Last Closed: 2016-11-04 06:47:34 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description Tomas Mraz 2016-03-24 10:39:56 UTC 
Description of problem:
With the method chosen to write the /etc/sysconfig/authconfig file it's 
not possible to verify if the content has changed since the last run or 
not due to the fact of using a dictionary to store the key/value params 
and use iteritems over them.

a more reproduce able way is to instead of using iteritems from the dictionary a sorted list (see attached patch)


How reproducible:
as described above, everytime authconfig is called

this is what currently happens
$ md5sum /etc/sysconfig/authconfig 
93adf3e2b9272626064870d1a7ac1ace  /etc/sysconfig/authconfig
$ authconfig --updateall
$ md5sum /etc/sysconfig/authconfig 
571a51f178bc49f7db03993255110f45  /etc/sysconfig/authconfig
$ authconfig --updateall
$ md5sum /etc/sysconfig/authconfig 
6ac7ad67f313f8ce3250e8e56864b507  /etc/sysconfig/authconfig

this is what we are expecting
$ md5sum /etc/sysconfig/authconfig 
93adf3e2b9272626064870d1a7ac1ace  /etc/sysconfig/authconfig
$ authconfig --updateall
$ md5sum /etc/sysconfig/authconfig 
93adf3e2b9272626064870d1a7ac1ace  /etc/sysconfig/authconfig

Additional info:
there's an additional _truncate_ in the write section of the 
SHVFile which also make's it impossible to have a unique hash when 
deploying the plan file and afterwards calling "/usr/sbin/authconfig 
--updateall"
Comment 6 errata-xmlrpc 2016-11-04 06:47:34 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2016-2462.html