This service will be undergoing maintenance at 00:00 UTC, 2017-10-23 It is expected to last about 30 minutes
Bug 1252973 - authconfig unpredictable file content
authconfig unpredictable file content
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: authconfig (Show other bugs)
Unspecified Unspecified
medium Severity medium
: rc
: ---
Assigned To: Tomas Mraz
BaseOS QE Security Team
Depends On:
Blocks: 1172231 1269194
  Show dependency treegraph
Reported: 2015-08-12 11:40 EDT by Arpit Tolani
Modified: 2016-06-01 15:12 EDT (History)
4 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 1320943 (view as bug list)
Last Closed: 2016-06-01 15:12:32 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Arpit Tolani 2015-08-12 11:40:38 EDT
Created attachment 1062070 [details]
Proposed patch for the bug

Description of problem:
With the method chosen to write the /etc/sysconfig/authconfig file it's 
not possible to verify if the content has changed since the last run or 
not due to the fact of using a dictionary to store the key/value params 
and use iteritems over them.

a more reproduce able way is to instead of using iteritems from the dictionary a sorted list (see attached patch)

How reproducible:
as described above, everytime authconfig is called

this is what currently happens
$ md5sum /etc/sysconfig/authconfig 
93adf3e2b9272626064870d1a7ac1ace  /etc/sysconfig/authconfig
$ authconfig --updateall
$ md5sum /etc/sysconfig/authconfig 
571a51f178bc49f7db03993255110f45  /etc/sysconfig/authconfig
$ authconfig --updateall
$ md5sum /etc/sysconfig/authconfig 
6ac7ad67f313f8ce3250e8e56864b507  /etc/sysconfig/authconfig

this is what we are expecting
$ md5sum /etc/sysconfig/authconfig 
93adf3e2b9272626064870d1a7ac1ace  /etc/sysconfig/authconfig
$ authconfig --updateall
$ md5sum /etc/sysconfig/authconfig 
93adf3e2b9272626064870d1a7ac1ace  /etc/sysconfig/authconfig

Additional info:
there's an additional _truncate_ in the write section of the 
SHVFile which also make's it impossible to have a unique hash when 
deploying the plan file and afterwards calling "/usr/sbin/authconfig 

Note You need to log in before you can comment on or make changes to this bug.