Version-Release number of selected component (if applicable):
# If it does not already exist, as stap-server, generate the certificate
# used for signing and for ssl.
if test ! -e ~stap-server/.systemtap/ssl/server/stap.cert; then
runuser -s /bin/sh - stap-server -c /usr/libexec/systemtap/stap-gen-cert >/dev/null
which is in /var/lib/stap-server/.systemtap/ssl/server/stap.cert
Steps to Reproduce:
1. Install to a container or image.
2. Run new instance of container or image.
All container and image instances share the same key/certificate.
Each instance should receive a unique key/certificate.
This bug is being file because Product Security considers "first run problems" to be bugs with the source package and with the container or image only in the aggregate. This view is in collaboration with upstream Fedora. See: https://fedorahosted.org/fpc/ticket/506
The recommended resolution for services is to follow the "First-time Service Setup" pattern (see: https://fedoraproject.org/wiki/Packaging:Initial_Service_Setup ). Other packages may should use a runtime check and generation or similar procedure.
upstream commit be665e77eb7c
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory, and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.