RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Bug 1458913 - gssproxy silently dies at startup if config files contain duplicate sections
Summary: gssproxy silently dies at startup if config files contain duplicate sections
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: gssproxy
Version: 7.4
Hardware: Unspecified
OS: Unspecified
medium
unspecified
Target Milestone: rc
: ---
Assignee: Robbie Harwood
QA Contact: Michal Reznik
URL: https://pagure.io/gssproxy/issue/194
Whiteboard:
Depends On: 1469759
Blocks: 1420851 1472344
TreeView+ depends on / blocked
 
Reported: 2017-06-05 19:49 UTC by James Ralston
Modified: 2021-06-10 12:24 UTC (History)
7 users (show)

Fixed In Version: gssproxy-0.7.0-11.el7
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2018-04-10 11:09:51 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)
1458913 _ver (12.59 KB, text/plain)
2018-01-12 11:25 UTC, Michal Reznik 		no flags Details
View All


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2018:0709 0 None None None 2018-04-10 11:10:44 UTC

Description James Ralston 2017-06-05 19:49:18 UTC 
Description of problem:

The RHEL 7.4 beta includes gssproxy-0.7.0-3.el7, which includes the ability to have multiple configuration files.

Unfortunately, this version of gssproxy will also silently die at startup if the same section is defined more than once in any configuration file.

To make this worse, gssproxy-0.7.0-3.el7 includes a new /etc/gssproxy/99-nfs-client.conf file, which includes a [service/nfs-client] section definition.

This means that for any site that is already using gssproxy on NFSv4 clients, and has thus already has a [service/nfs-client] section in /etc/gssproxy.conf, upgrading to gssproxy-0.7.0-3.el7 will cause gssproxy to stop working on that host.

Version-Release number of selected component (if applicable):

gssproxy-0.7.0-3.el7

How reproducible:

Replicate the contents of /etc/gssproxy/99-nfs-client.conf in the /etc/gssproxy.conf file.

Actual results:

gssproxy will silently die at startup without logging any error message whatsoever, even if debugging is enabled.

Expected results:

gssproxy should emit a warning that it is ignoring the duplicate [service/nfs-client] section definition, but still start up successfully.

Additional info:

While permitting multiple gssproxy configuration files is a welcome feature, the presence of multiple configuration files increases the chances of gssproxy encountering duplicate section definitions.

For that reason, gssproxy *must* cope reasonably when it encounters duplicate section definition. And "silently dying without logging anything whatsoever" is not a reasonable way to cope with duplicate section definitions.
Comment 2 Robbie Harwood 2017-06-06 16:25:12 UTC 
Users are expected to manage configuration files on update with rpmnew/rpmsave.  We'll fix the silent part.
Comment 3 James Ralston 2017-06-06 18:22:54 UTC 
(In reply to Robbie Harwood from comment #2)

> Users are expected to manage configuration files on update with
> rpmnew/rpmsave.

But rpmnew/rpmsave files won't prevent a package from contributing a new /etc/gssproxy/*.conf file that breaks gssproxy because the new file contains a section name that was already defined in another /etc/gssproxy/*.conf file.

> We'll fix the silent part.

Thanks, but the core issue is that gssproxy dies if it encounters duplicate section names. The fact that it does so silently is annoying, but not the main problem.

(See my comments on <https://pagure.io/gssproxy/issue/194>.)
Comment 4 Robbie Harwood 2017-06-07 15:48:54 UTC 
Please keep comments on one bugtracker or the other.  Moving to pagure for discussion.  Thanks!
Comment 7 Michal Reznik 2018-01-12 11:25:56 UTC 
Created attachment 1380399 [details]
1458913 _ver
Comment 8 Michal Reznik 2018-01-12 11:26:48 UTC 
Verified on:

ipa-server-4.5.4-7.el7.x86_64
gssproxy-0.7.0-17.el7.x86_64
Comment 11 errata-xmlrpc 2018-04-10 11:09:51 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2018:0709
Note You need to log in before you can comment on or make changes to this bug.