Bug 581671

Upstream appears to be looking into this as well: 

https://condor-wiki.cs.wisc.edu/index.cgi/tktview?tn=1552

Submitted a patch for upstream ticket #1552.  

https://condor-wiki.cs.wisc.edu/index.cgi/tktview?tn=1552

Applied the patch to fedora git.  Branch is V7_4-BZ581671-config-file-filter

Note, the current 7.4 source tree does not include default parameter values set in param_info.in at build time.  The code that would pull these values in is skipped (this is different than the 7.5 source tree at UW).

Therefore, the filter won't be in effect on a configuration directory unless it has been set at some point previous in a configuration file.  For example, to have the filter applied to files in /etc/condor/config.d in a typical installation, the value will have to be set in /etc/condor/condor_config before /etc/condor/config.d is traversed.

The name of the filter parameter is LOCAL_CONFIG_DIR_EXCLUDE_REGEXP.  The suggested default setting is:

LOCAL_CONFIG_DIR_EXCLUDE_REGEXP = ^((\..*)|(.*~)|(#.*)|(.*\.rpmsave)|(.*\.rpmnew))$

Note, this configuration parameter will have to be added to the grid documentation as well.

    Technical note added. If any revisions are required, please edit the "Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content Services team.
    
    New Contents:
Cause:  manual editing, renaming, etc of condor configuration files could leave backup files in the configuration directory.  Without a filter, the condor daemons will read these files and configuration values could be overwritten by values in backup files.

Consequence:  unintentional changes to the runtime configuration.

Fix:  create a LOCAL_CONFIG_DIR_EXCLUDE_REGEXP configuration parameter that takes a regular expression as a value.  This regular expression is matched against the names of configuration files.  If a match is made, the configuration file is ignored.

Result:  setting this parameter to a reasonable default in /etc/condor/condor_config will protect against unwanted configuration changes from garbage configuration files.

Slated for post 7.4.4-0.17

Reproduced on:
$CondorVersion: 7.4.4 Nov 16 2010 BuildID: RH-7.4.4-0.17.el5 PRE-RELEASE $
$CondorPlatform: I386-LINUX_RHEL5 $

# condor_config_val -config
Configuration source:
	/etc/condor/condor_config
Local configuration sources:
	/etc/condor/config.d/00personal_condor.config
	/etc/condor/config.d/00wallaby-config~
	/etc/condor/config.d/60condor-qmf.config
	/etc/condor/config.d/zzz_condor_config.test

Retested on all supported platforms x86,x86_64/RHEL4,RHEL5 with:
condor-7.4.5-0.6

# condor_config_val -config
Configuration source:
	/etc/condor/condor_config
Local configuration sources:
	/etc/condor/config.d/00personal_condor.config
	/etc/condor/config.d/60condor-qmf.config
	/etc/condor/config.d/99configd.config
	/etc/condor/config.d/zzz_condor_config.test
	/var/lib/condor/wallaby_node.config

# ls /etc/condor/config.d/
00personal_condor.config  60condor-qmf.config  zzz_condor_config.test
00wallaby-config~         99configd.config

# grep LOCAL_CONFIG_DIR_EXCLUDE_REGEXP /etc/condor/condor_config
LOCAL_CONFIG_DIR_EXCLUDE_REGEXP=^((\..*)|(.*~)|(#.*)|(.*\.rpmsave)|(.*personal.*)|(.*\.rpmnew))$

# condor_config_val -config
Configuration source:
	/etc/condor/condor_config
Local configuration sources:
	/etc/condor/config.d/60condor-qmf.config
	/etc/condor/config.d/99configd.config
	/etc/condor/config.d/zzz_condor_config.test
	/var/lib/condor/wallaby_node.config

No regression found, regexp is interpreted and temporary files are omitted from configuration. 

>>> VERIFIED

    Technical note updated. If any revisions are required, please edit the "Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content Services team.
    
    Diffed Contents:
@@ -1,7 +1 @@
-Cause:  manual editing, renaming, etc of condor configuration files could leave backup files in the configuration directory.  Without a filter, the condor daemons will read these files and configuration values could be overwritten by values in backup files.
+Unintentional changes to the runtime configuration occurred due to backup files left in the configuration directory after editing: condor daemons read the files and overwrite their configuration values. With this update, you can create a LOCAL_CONFIG_DIR_EXCLUDE_REGEXP configuration parameter with a regular expression as a value. The regular expression is matched against the names of configuration files. If a matching files is found, it is ignored and configuration values are preserved.-
-Consequence:  unintentional changes to the runtime configuration.
-
-Fix:  create a LOCAL_CONFIG_DIR_EXCLUDE_REGEXP configuration parameter that takes a regular expression as a value.  This regular expression is matched against the names of configuration files.  If a match is made, the configuration file is ignored.
-
-Result:  setting this parameter to a reasonable default in /etc/condor/condor_config will protect against unwanted configuration changes from garbage configuration files.

An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2011-0217.html