Description of problem: Following file has nothing to do with PKI, this is just password for sasl. # ls -lZ /etc/pki/vdsm/keys/libvirt_password -rw-------. vdsm kvm system_u:object_r:cert_t:s0 Move it to sane location to not pollute a directory with specific sense with irrelevant files. Version-Release number of selected component (if applicable): vdsm-4.16.0-3.git601f786.el6.x86_64 How reproducible: 100% Steps to Reproduce: 1. what PKI stands for? 2. how relevent to PKI is /etc/pki/vdsm/keys/libvirt_password ? 3. Actual results: irrelevant Expected results: irrelevant files should not be in /etc/pki Additional info: nitpicking ;)
Alon, any best fit for such file? is /etc/vdsm/ reasonable location?
(In reply to Yaniv Bronhaim from comment #1) > Alon, any best fit for such file? is /etc/vdsm/ reasonable location? the entire vdsm/pki configuration that is not to be touched by user should be in /var/lib/vdsm, this file for example should be at /var/lib/vdsm/secrets or similar. I suggest not to change anything at this point, there are lots of validations anyway.
To what validations do you refer to ? We are using this file only to set sasl password, so once [1] is merged we shouldn't have any more references to this file at all - I don't see any problem to move the file under /var/lib [1] https://gerrit.ovirt.org/39823
(In reply to Alon Bar-Lev from comment #2) > I suggest not to change anything at this point, there are lots of > validations anyway. sorry! s/validations/violations/ :)
imo this is ridiculous, at least he said: > ...at this point...
I must agree with Alon and Yaniv. We should not touch this, as it doesn't interfere with anything, and I wouldn't want any change there to cause regressions in the future because someone relied on something. That's why I agree with closing this as wontfix.