Red Hat Bugzilla – Bug 1473501
Apache configuration files installed by CloudForms packages are overwritten on upgrade
Last modified: 2017-11-10 09:00:51 EST
Description of problem:
Have added a "Rewrite" rule to the file (/etc/httpd/conf.d/manageiq-redirects-ui) to fix the redirect upon user log out with SAML2 configured.
Subsequent upgrades of CloudForms packages overwrites that file and our change is lost. Investigation has shown the affected configuration file is not listed in *any* package. Therefore it is apparent that the manifests for the CloudFroms packages are incomplete (defective).
Version-Release number of selected component (if applicable):
Steps to Reproduce:
2.Errata upgrade "yum -y cfme-appliance"
The file /etc/httpd/conf.d/manageiq-redirects-ui should be listed as a "configuration" file in the applicable package so when that package is updated a new file is created with the ".rpmnew" suffix so the modified file is not overwritten and lost.
Currently managed by post config tool like Ansible to fix what CloudForms packaging breaks.
I don't see why you couldn't name the file /etc/httpd/conf.d/custom_saml_integration.conf or something that would make it be included before the other file.
The default httpd.conf in centos/rhel will include all .conf files in the conf.d directory and I'm guessing it's in glob pattern order so alphabetically earlier should get your include line earlier.
# Load config files from the config directory "/etc/httpd/conf.d".
Note, I haven't tested this but this should work as that's how we load all of our configuration files.
It's still unclear why this is needed and if the workaround used here is something we should ship out of box: http://talk.manageiq.org/t/keycloak-2-5-1-saml-integration/2134/3