Bug 1874460
| Summary: | 'clevis encrypt sss' doesn't recognize wrong config of nested pin | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 8 | Reporter: | Martin Zelený <mzeleny> |
| Component: | clevis | Assignee: | Sergio Correia <scorreia> |
| Status: | CLOSED ERRATA | QA Contact: | Martin Zelený <mzeleny> |
| Severity: | low | Docs Contact: | |
| Priority: | low | ||
| Version: | 8.3 | CC: | dapospis, rsroka |
| Target Milestone: | rc | Keywords: | AutoVerified, Triaged |
| Target Release: | 8.0 | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | clevis-15-1.el8 | Doc Type: | No Doc Update |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2021-05-18 15:41:00 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | |||
| Bug Blocks: | 1887836 | ||
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (clevis bug fix and enhancement update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2021:1808 |
Description of problem: sss ping config contains nested pin configs (e.g. tang). If the nested (tang) pin config is malformed (missing property, wrong value of property), 'clevis encrypt sss' command wrongly prints part of encrypted metadata and exits with 0. Version-Release number of selected component (if applicable): clevis-13-3 How reproducible: always Steps to Reproduce: 1. echo "testing data" | clevis encrypt sss '{ "t": 1, "pins": {"tang": [{"url": "wrong_host" }]}}' 2. echo $? Actual results: Unable to fetch advertisement: 'wrong_host/adv/'! eyJhbGciOiJkaXIiLCJjbGV2aXMiOnsicGluIjoic3NzIiwic3NzIjp7Imp3ZSI6WyIiXSwicCI6InhUWEFuaERqTWhKNXozc2Z4NEVtdkZLdGJuUTFUOEVIT1I5X3NXNmd2cHMiLCJ0IjoxfX0sImVuYyI6IkEyNTZHQ00ifQ..GFVxV4znnzLHqCsN.HxIb6n3cFTXOpK91JQ.CEibE4znJat9p1wQTirPuA exit code: 0 Expected results: Unable to fetch advertisement: 'wrong_host/adv/'! exit code: 1 Additional info: No output of encrypted metadata and exit code 1 is expected.