Bug 1377621

Summary: ipsets' initscript unable to delete configuration (save empty)
Product: Red Hat Enterprise Linux 7 Reporter: Tomas Dolezal <todoleza>
Component: ipsetAssignee: Thomas Woerner <twoerner>
Status: CLOSED ERRATA QA Contact: Vaclav Danek <vdanek>
Severity: low Docs Contact:
Priority: medium    
Version: 7.3CC: psklenar, todoleza
Target Milestone: rc   
Target Release: ---   
Hardware: All   
OS: All   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: 1136257 Environment:
Last Closed: 2017-08-01 12:15:33 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Bug Depends On: 1136257    
Bug Blocks: 1400961    

Comment 1 Tomas Dolezal 2016-09-20 08:49:40 UTC 
if there's saved configuration and ipset service was started, flushing ipset configuration followed by saving yields no results and returns exit code 0.

the quiet success of saving actually does not copy loaded configuration to saved configuration for future reloads. the end result is thus not the same as if there was any configuration present.
Comment 3 Thomas Woerner 2017-01-31 19:55:52 UTC 
There is a simply solution for this:

ipset.start-stop:
-    [[ -z $(${IPSET_BIN} list -name) ]] && return 0
+    if [[ -z $(${IPSET_BIN} list -name) ]]; then
+       if [[ -f $IPSET_DATA ]]; then
+           mv $IPSET_DATA $IPSET_DATA.save && chmod 600 $IPSET_DATA.save \
+                   || return 1
+       fi
+       return 0
+    fi
Comment 7 errata-xmlrpc 2017-08-01 12:15:33 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2017:1904