Bug 690626

Summary: pkiremove removes the registry entry for all instances on a machine
Product: [Retired] Dogtag Certificate System Reporter: Ade Lee <alee>
Component: Installer (pkicreate/pkiremove)Assignee: RHCS Maintainers <rhcs-maint>
Status: CLOSED EOL QA Contact: Ben Levenson <benl>
Severity: high Docs Contact:
Priority: unspecified    
Version: 9.0CC: alee
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 691076 (view as bug list) Environment:
Last Closed: 2020-03-27 20:00:07 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Bug Depends On:    
Bug Blocks: 691076    
Attachments:
Description Flags
preserve pki registry directory during uninstall alee: review+

Description Ade Lee 2011-03-24 20:24:16 UTC 
Description of problem:

This problem manifests itself if there is more than one instance of a subsystem on a machine.  When pkiremove is executed, it removes the registry directory /etc/sysconfig/pki/<subsystem_type> rather than the registry entry for that specific instance. (/etc/sysconfig/pki/<type>/foo).

My guess is that its going through its installation manifest and sees that it created the directory - and then blows it away.

The problem of course, is that any other instances of the same type then lose their own entries and become inoperable.

Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1. Install two instances of a CA using pkicreate
2. Remove one instance using pkicreate (maybe the first instance created).
3. All other instances of the same type become inoperable. 
  
Actual results:


Expected results:

Only the registry entries for the instance being removed should be removed.  If no other instances exist, then the top level can safely be removed.


Additional info:
Comment 1 John Dennis 2011-03-24 21:24:14 UTC 
This should be an easy fix, when you create an file or directory in pkicreate you can specify it's uninstall action, by default it's 'remove' but you can set it to 'preserve'. So all I think we need to do is set the uninstall action for /etc/sysconfig/pki/<subsystem_type> to 'preserve'.

Maybe there should be an uninstall action called 'preserve_unless_empty' so we don't leave empty directories around.
Comment 2 John Dennis 2011-03-25 21:42:17 UTC 
Created attachment 487683 [details]
preserve pki registry directory during uninstall

The fix in the patch prevents /etc/sysconfig/<subsystem> from being nuked even if it wasn't empty.

However, if /etc/sysconfig and it's children are empty the directories are still removed because of this code in pkiremove. I'm pretty sure this is the desired behaviour.

    # Establish PKI subsystem-level registry
    $pki_registry_subsystem_path = "$pki_registry_path/$subsystem_type";

    # If empty, remove the PKI subsystem-level registry
    if (directory_exists($pki_registry_subsystem_path)) {
        if (is_directory_empty($pki_registry_subsystem_path)) {
            remove_directory($pki_registry_subsystem_path);
        }
    }

    # If empty, remove the PKI-level registry
    if (directory_exists($pki_registry_path)) {
        if (is_directory_empty($pki_registry_path)) {
            remove_directory($pki_registry_path);
        }
    }
Comment 3 John Dennis 2011-03-25 22:03:14 UTC 
Oh BTW, I did test the various scenarios, each does what is expected.
Comment 4 John Dennis 2011-03-28 17:37:47 UTC 
Fixed and committed.

Sending        base/setup/pkicreate
Transmitting file data .
Committed revision 1933.