Bug 790160

Summary: unregister a bound consumer leaves stale client certificates on filesystem
Product: [Retired] Pulp Reporter: Pradeep Kilambi <pkilambi>
Component: user-experienceAssignee: Jeff Ortel <jortel>
Status: CLOSED CURRENTRELEASE QA Contact: Preethi Thomas <pthomas>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: unspecifiedCC: mhrivnak, rbarlow, tsanders
Target Milestone: ---Keywords: Triaged
Target Release: 2.4.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2014-03-18 16:06:15 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description Pradeep Kilambi 2012-02-13 19:51:40 UTC 
Description of problem:

When a consumer is bound to a repo, we write client certificates to /etc/pki/pulp/client/. But this doesnt get cleaned up when a consumer is unregistered.

[root@domU-12-31-39-07-5C-DC ~]# pulp-consumer consumer bind --repoid=myRepo
Successfully subscribed consumer [myConsumer] to repo [myRepo]

[root@domU-12-31-39-07-5C-DC ~]# pulp-consumer consumer unregister
Successfully unregistered consumer [myConsumer]

[root@domU-12-31-39-07-5C-DC ~]# ls -l /etc/pki/pulp/client/repo/
total 4
drwxr-xr-x. 2 root root 4096 Feb 13 14:47 myRepo

[root@domU-12-31-39-07-5C-DC ~]# ls -l /etc/pki/pulp/client/repo/*
total 8
-rw-r--r--. 1 root root 1440 Feb 13 14:47 ca.crt
-rw-r--r--. 1 root root 3211 Feb 13 14:47 client.crt

unregistering a consumer should clean up any certificates belonging to the consumer
Comment 13 Michael Hrivnak 2013-09-27 14:05:02 UTC 
these certs are now stored in /etc/pki/pulp/consumer/, and they seem to get cleaned up after unregister.
Comment 14 Preethi Thomas 2013-10-04 17:22:34 UTC 
verified

[root@pulp-v2-client ~]# pulp-consumer rpm bind --repo-id centos
Bind tasks successfully created:

Task Id: 79c7e4e8-4191-4dc0-bb3c-e02a91b07eec

Task Id: 8cc35377-afa8-4100-be41-8e3a43d81934


[root@pulp-v2-client ~]# ls -l /etc/pki/pulp/
consumer/ nodes/    
[root@pulp-v2-client ~]# ls -l /etc/pki/pulp/consumer/
total 4
-rw-r--r--. 1 root root 1729 Oct  4 11:05 consumer-cert.pem
[root@pulp-v2-client ~]# 
[root@pulp-v2-client ~]# pulp-consumer unregister
Consumer [pulp-client] successfully unregistered

[root@pulp-v2-client ~]# ls -l /etc/pki/p
product/ pulp/    
[root@pulp-v2-client ~]# ls -l /etc/pki/pulp/
total 8
drwxr-xr-x. 2 root root 4096 Oct  4 14:34 consumer
drwxr-xr-x. 2 root root 4096 May 21 11:57 nodes
[root@pulp-v2-client ~]# ls -l /etc/pki/pulp/consumer/
total 0
[root@pulp-v2-client ~]#
Comment 15 Randy Barlow 2014-03-17 22:05:31 UTC 
Setting a target release so this ticket can get closed.
Comment 16 Preethi Thomas 2014-03-18 16:06:15 UTC 
These were already verified in the corresponding releases that they were fixed in. Moving them to closed current release.