Bug 586256
Summary: | NM looses p12 certificate location each time | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Robert de Rooy <rderooy> |
Component: | NetworkManager | Assignee: | Dan Williams <dcbw> |
Status: | CLOSED WORKSFORME | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | medium | Docs Contact: | |
Priority: | low | ||
Version: | 12 | CC: | dcbw |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2010-05-03 09:19:17 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Robert de Rooy
2010-04-27 07:24:23 UTC
Hmm, I wasn't able to reproduce this issue earlier this month after one report, and the original reporter said it went away. Can you grab your ~/.xsession-errors file for me? And also, do you have SELinux enabled ('getenforce' from a terminal will tell you)? Last, where is the .p12 certificate, your homedir, a system directory, etc? Selinux is set to permissive, and the certificate file is located in my home directory. After a bit of digging into gconf-editor, I some testing I figured out how to trigger this problem. 1. create connection profile with p12 certificate 2. delete old p12 certificate 3. try to point NM to the new certificate file location networkmanager will not save the new certificate file location But if you take this sequence instead, all works fine 1. create connection profile with p12 certificate 2. point NM to the new certificate file 3. delete old p12 certificate basically once the data in gconf is invalid, nm will no longer update it with new data. I'm not sure I understand quite what "point NM to the new certificate means here"; do you mean point the *connection editor* at the new file after having deleted it, or do you mean point the *applet* at the new file when it asks you for the connection details after you deleted the old one? I did: 1) open the connection editor 2) create new WPA-Enterprise TLS connection using a p12 file and a PEM-format CA certificate 3) close the connection editor 4) choose the AP from the menu 5) verify that we get connected 6) from a terminal, move the old P12 file somewhere else 7) log out 8) log back in; nm-applet asks for the private key 9) give it the new location and wait for connection 10) verify that new private key is seen in connection editor 11) log out 12 log back in and verify that we get connected again What's your exact procedure to reproduce this again? I'm also using the latest testing version of NM from f12-updates, which could affect the problem, but there haven't been major chnages to the connection-editor or applet since the build you're using so I don't expect the issue to have been fixed necessarily. Well, this is strange. I tried again to duplicate the behaviour I had in the past, and could not. What I had a few days ago is that the connection editor would claim no certificate if the file referenced in gconf was no longer present. And when selecting a new certificate it would use if for connecting, but not save it to gconf, as if the gconf entry was read-only. So if you 'saved' the profile in the connection editor and went back in it still claimed (none) and in gconf it was still pointing to the old one. What I did to fix it was to delete the certificate file entries in gconf-editor manually, and select the certificate again in the connection editor. And now I cannot duplicate the old behaviour any more. Ok, if you see this again, please re-open so I can try to track it down again. Thanks! |