Bug 1409345

Summary:	No diagnostic when cert is not writable
Product:	[Fedora] Fedora EPEL	Reporter:	Stuart D Gathman <stuart>
Component:	acme-tiny	Assignee:	Stuart D Gathman <stuart>
Status:	CLOSED ERRATA	QA Contact:	Fedora Extras Quality Assurance <extras-qa>
Severity:	low	Docs Contact:
Priority:	unspecified
Version:	el6	CC:	stuart
Target Milestone:	---
Target Release:	---
Hardware:	Unspecified
OS:	Unspecified
Whiteboard:
Fixed In Version:	acme-tiny-0.2-3.20170516gitaf025f5.fc27 acme-tiny-0.2-3.20170516gitaf025f5.el7 acme-tiny-0.2-3.20170516gitaf025f5.fc26 acme-tiny-0.2-3.20170516gitaf025f5.fc25 acme-tiny-0.2-3.20170516gitaf025f5.el6	Doc Type:	If docs needed, set a value
Doc Text:		Story Points:	---
Clone Of:		Environment:
Last Closed:	2017-12-12 11:16:48 UTC	Type:	Bug
Regression:	---	Mount Type:	---
Documentation:	---	CRM:
Verified Versions:		Category:	---
oVirt Team:	---	RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---	Target Upstream Version:
Embargoed:

Description Stuart D Gathman 2017-01-01 00:45:22 UTC

Description of problem:
When the output cert already exists, and is not writable by acme, the sign script fails silently.

Version-Release number of selected component (if applicable):
acme-tiny-0.1-10.20160810git5a7b4e7.el6.noarch

How reproducible:
always

Steps to Reproduce:
1. change owner of file in /var/lib/acme/certs to root
2. run /usr/libexec/acme-tiny/sign 7 # use a big enough number so cert is renewed
3.

Actual results:
path of cert is listed as needing to be renewed, but nothing happens

Expected results:
Cert is renewed

Additional info:
This happens only when super user screws up and accidentally changes the owner, usually by copying in a cert after playing around.

Comment 1 Stuart D Gathman 2017-01-03 03:40:07 UTC

Expected results: cert is renewed *or* appropriate diagnostic is printed on stderr

Comment 2 Fedora Update System 2017-11-23 05:09:22 UTC

acme-tiny-0.2-3.20170516gitaf025f5.el6 has been submitted as an update to Fedora EPEL 6. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-532467503a

Comment 3 Fedora Update System 2017-11-23 05:09:36 UTC

acme-tiny-0.2-3.20170516gitaf025f5.fc26 has been submitted as an update to Fedora 26. https://bodhi.fedoraproject.org/updates/FEDORA-2017-0180e6bed2

Comment 4 Fedora Update System 2017-11-23 05:09:46 UTC

acme-tiny-0.2-3.20170516gitaf025f5.el7 has been submitted as an update to Fedora EPEL 7. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-3e288b6e4d

Comment 5 Fedora Update System 2017-11-23 05:09:57 UTC

acme-tiny-0.2-3.20170516gitaf025f5.fc27 has been submitted as an update to Fedora 27. https://bodhi.fedoraproject.org/updates/FEDORA-2017-35d7ea827a

Comment 6 Fedora Update System 2017-11-23 05:10:07 UTC

acme-tiny-0.2-3.20170516gitaf025f5.fc25 has been submitted as an update to Fedora 25. https://bodhi.fedoraproject.org/updates/FEDORA-2017-914865416c

Comment 7 Fedora Update System 2017-11-24 23:23:05 UTC

acme-tiny-0.2-3.20170516gitaf025f5.fc25 has been pushed to the Fedora 25 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2017-914865416c

Comment 8 Fedora Update System 2017-11-25 00:35:31 UTC

acme-tiny-0.2-3.20170516gitaf025f5.fc27 has been pushed to the Fedora 27 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2017-35d7ea827a

Comment 9 Fedora Update System 2017-11-25 00:53:35 UTC

acme-tiny-0.2-3.20170516gitaf025f5.el7 has been pushed to the Fedora EPEL 7 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-3e288b6e4d

Comment 10 Fedora Update System 2017-11-25 01:34:29 UTC

acme-tiny-0.2-3.20170516gitaf025f5.fc26 has been pushed to the Fedora 26 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2017-0180e6bed2

Comment 11 Fedora Update System 2017-11-25 05:23:01 UTC

acme-tiny-0.2-3.20170516gitaf025f5.el6 has been pushed to the Fedora EPEL 6 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-532467503a

Comment 12 Fedora Update System 2017-12-12 11:16:48 UTC

acme-tiny-0.2-3.20170516gitaf025f5.fc27 has been pushed to the Fedora 27 stable repository. If problems still persist, please make note of it in this bug report.

Comment 13 Fedora Update System 2017-12-12 12:23:18 UTC

acme-tiny-0.2-3.20170516gitaf025f5.el7 has been pushed to the Fedora EPEL 7 stable repository. If problems still persist, please make note of it in this bug report.

Comment 14 Fedora Update System 2017-12-12 13:40:20 UTC

acme-tiny-0.2-3.20170516gitaf025f5.fc26 has been pushed to the Fedora 26 stable repository. If problems still persist, please make note of it in this bug report.

Comment 15 Fedora Update System 2017-12-12 14:38:23 UTC

acme-tiny-0.2-3.20170516gitaf025f5.fc25 has been pushed to the Fedora 25 stable repository. If problems still persist, please make note of it in this bug report.

Comment 16 Fedora Update System 2017-12-12 17:32:57 UTC

acme-tiny-0.2-3.20170516gitaf025f5.el6 has been pushed to the Fedora EPEL 6 stable repository. If problems still persist, please make note of it in this bug report.