Bug 2100617

Summary: Upgrading OpenJDK causes /etc/ empty directories to be deleted [rhel-7.9.z]
Product: Red Hat Enterprise Linux 7 Reporter: Mike Millson <mmillson>
Component: copy-jdk-configsAssignee: jiri vanek <jvanek>
Status: CLOSED ERRATA QA Contact: OpenJDK QA <java-qa>
Severity: high Docs Contact:
Priority: high    
Version: 7.9CC: ahughes, jandrlik, jvanek, kpfleming, pbhoot, vrajput
Target Milestone: rcKeywords: Triaged, ZStream
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: copy-jdk-configs-3.3-11.el7_9 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2022-10-13 10:11:30 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Mike Millson 2022-06-23 19:33:16 UTC
The following empty directories were deleted when updating from 1.8.0.282.b08-1.el7_9.x86_64 to 1.8.0.332.b09-1.el7_9.x86_64:
*/etc/krb5.conf.d
*/etc/cron.monthly
*/etc/cron.weekly

Something very unexpected is causing copy_jdk_configs_fixFiles to escape from /etc/java/<java-version>/ to /etc/ and identify and remove empty folders that are not associated with the java install.

Add checks to prevent the code from escaping /etc/java/<java-version>/.

Comment 4 jiri vanek 2022-06-28 15:05:00 UTC
(In reply to Mike Millson from comment #0)
> The following empty directories were deleted when updating from
> 1.8.0.282.b08-1.el7_9.x86_64 to 1.8.0.332.b09-1.el7_9.x86_64:
> */etc/krb5.conf.d
> */etc/cron.monthly
> */etc/cron.weekly
> 
> Something very unexpected is causing copy_jdk_configs_fixFiles to escape
> from /etc/java/<java-version>/ to /etc/ and identify and remove empty
> folders that are not associated with the java install.
> 
> Add checks to prevent the code from escaping /etc/java/<java-version>/.

I can confirm that providing rogue symlink to etc may lead to the cleaner script to leak out of /etc/java/nvr/configs
The fix should be to verify each deleted directory belongs to the RPMbeing deleted.  Bad consequence will be that the cleaner script was supposed to remove dangling leftovers after custom configs, this wil be gone, but still better then remove foregin dirs in /etc

Comment 13 jiri vanek 2022-10-03 17:03:53 UTC
Hi Mike/VIRENDRASINGH

Can they please try attached rpm?

Comment 24 errata-xmlrpc 2022-10-13 10:11:30 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (copy-jdk-configs can remove empty dirs in etc if rogue symlink is placed in jdk), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2022:6851