Bug 1473501 - Apache configuration files installed by CloudForms packages are overwritten on upgrade
Apache configuration files installed by CloudForms packages are overwritten o...
Product: Red Hat CloudForms Management Engine
Classification: Red Hat
Component: Appliance (Show other bugs)
Unspecified Unspecified
unspecified Severity high
: GA
: cfme-future
Assigned To: Gregg Tanzillo
luke couzens
Depends On:
Blocks: 1511957
  Show dependency treegraph
Reported: 2017-07-20 23:17 EDT by tachoi
Modified: 2017-11-10 09:00 EST (History)
7 users (show)

See Also:
Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2017-09-15 09:24:58 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: CFME Core

Attachments (Terms of Use)

  None (edit)
Description tachoi 2017-07-20 23:17:35 EDT
Description of problem:
Have added a "Rewrite" rule to the file (/etc/httpd/conf.d/manageiq-redirects-ui) to fix the redirect upon user log out with SAML2 configured.  
Subsequent upgrades of CloudForms packages overwrites that file and our change is lost.  Investigation has shown the affected configuration file is not listed in *any* package.  Therefore it is apparent that the manifests for the CloudFroms packages are incomplete (defective). 

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1.modify /etc/httpd/conf.d/manageiq-redirects-ui
2.Errata upgrade "yum -y cfme-appliance"
3.check /etc/httpd/conf.d/manageiq-redirects-ui

Actual results:

Expected results:
The file /etc/httpd/conf.d/manageiq-redirects-ui should be listed as a "configuration" file in the applicable package so when that package is updated a new file is created with the ".rpmnew" suffix so the modified file is not overwritten and lost.

Additional info:
Currently managed by post config tool like Ansible to fix what CloudForms packaging breaks.
Comment 10 Joe Rafaniello 2017-08-29 18:08:11 EDT
I don't see why you couldn't name the file /etc/httpd/conf.d/custom_saml_integration.conf or something that would make it be included before the other file.

The default httpd.conf in centos/rhel will include all .conf files in the conf.d directory and I'm guessing it's in glob pattern order so alphabetically earlier should get your include line earlier.

# Load config files from the config directory "/etc/httpd/conf.d".
Include conf.d/*.conf

Note, I haven't tested this but this should work as that's how we load all of our configuration files.

It's still unclear why this is needed and if the workaround used here is something we should ship out of box:  http://talk.manageiq.org/t/keycloak-2-5-1-saml-integration/2134/3

Note You need to log in before you can comment on or make changes to this bug.