Red Hat Bugzilla – Bug 1458913
gssproxy silently dies at startup if config files contain duplicate sections
Last modified: 2018-04-10 07:10:44 EDT
Description of problem: The RHEL 7.4 beta includes gssproxy-0.7.0-3.el7, which includes the ability to have multiple configuration files. Unfortunately, this version of gssproxy will also silently die at startup if the same section is defined more than once in any configuration file. To make this worse, gssproxy-0.7.0-3.el7 includes a new /etc/gssproxy/99-nfs-client.conf file, which includes a [service/nfs-client] section definition. This means that for any site that is already using gssproxy on NFSv4 clients, and has thus already has a [service/nfs-client] section in /etc/gssproxy.conf, upgrading to gssproxy-0.7.0-3.el7 will cause gssproxy to stop working on that host. Version-Release number of selected component (if applicable): gssproxy-0.7.0-3.el7 How reproducible: Replicate the contents of /etc/gssproxy/99-nfs-client.conf in the /etc/gssproxy.conf file. Actual results: gssproxy will silently die at startup without logging any error message whatsoever, even if debugging is enabled. Expected results: gssproxy should emit a warning that it is ignoring the duplicate [service/nfs-client] section definition, but still start up successfully. Additional info: While permitting multiple gssproxy configuration files is a welcome feature, the presence of multiple configuration files increases the chances of gssproxy encountering duplicate section definitions. For that reason, gssproxy *must* cope reasonably when it encounters duplicate section definition. And "silently dying without logging anything whatsoever" is not a reasonable way to cope with duplicate section definitions.
Users are expected to manage configuration files on update with rpmnew/rpmsave. We'll fix the silent part.
(In reply to Robbie Harwood from comment #2) > Users are expected to manage configuration files on update with > rpmnew/rpmsave. But rpmnew/rpmsave files won't prevent a package from contributing a new /etc/gssproxy/*.conf file that breaks gssproxy because the new file contains a section name that was already defined in another /etc/gssproxy/*.conf file. > We'll fix the silent part. Thanks, but the core issue is that gssproxy dies if it encounters duplicate section names. The fact that it does so silently is annoying, but not the main problem. (See my comments on <https://pagure.io/gssproxy/issue/194>.)
Please keep comments on one bugtracker or the other. Moving to pagure for discussion. Thanks!
Created attachment 1380399 [details] 1458913 _ver
Verified on: ipa-server-4.5.4-7.el7.x86_64 gssproxy-0.7.0-17.el7.x86_64
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2018:0709