Bug 1474886 - Missing /etc/crypto-policies/back-ends/krb5.config in crypto-policies-20170606-2.git7c32281.fc27 does not provide
Missing /etc/crypto-policies/back-ends/krb5.config in crypto-policies-2017060...
Status: CLOSED DUPLICATE of bug 1474757
Product: Fedora
Classification: Fedora
Component: crypto-policies (Show other bugs)
Unspecified Unspecified
unspecified Severity unspecified
: ---
: ---
Assigned To: Nikos Mavrogiannopoulos
Fedora Extras Quality Assurance
Depends On:
  Show dependency treegraph
Reported: 2017-07-25 10:55 EDT by Lukas Slebodnik
Modified: 2017-07-25 11:54 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2017-07-25 11:54:29 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Lukas Slebodnik 2017-07-25 10:55:27 EDT
Description of problem:
The latest update of crypto-policies in rawhide broke sssd unit test.
We already discussed it in different bugzilla ticket which I cannot quickly find.

IMHO symbolic link /etc/krb5.conf.d/crypto-policies in krb5-libs to file generated in crypto-policies /etc/crypto-policies/back-ends/krb5.config is quite from ideal solution. Because broken symbolic link basically disable all krb5 features.

I would appreciate if crypto-policies could be fixed in rawhide. So we can build sssd. (I would like to avoid disabling unit-test due to issues in other package)

<mock-chroot> sh-4.4# rpm -q crypto-policies
<mock-chroot> sh-4.4# ls -l /etc/crypto-policies/back-ends/
total 0 

Version-Release number of selected component (if applicable):
sh# rpm -q crypto-policies

How reproducible:
Quite often in koji


Additional info:
We can see scriptlet erros in root.log for failed builds.

DEBUG util.py:439:  warning: /etc/hosts created as /etc/hosts.rpmnew
DEBUG util.py:439:  /usr/bin/update-crypto-policies: line 56: cat: command not found
DEBUG util.py:439:  /usr/bin/update-crypto-policies: line 66: cat: command not found
DEBUG util.py:439:  warning: %post(crypto-policies-20170606-2.git7c32281.fc27.noarch) scriptlet failed, exit status 1

An I can see in root.log that crypt-policies were installed before coreutils
DEBUG util.py:439:  cpio-2.12-4.fc26.i686
DEBUG util.py:439:  libatomic-7.1.1-6.fc27.i686
DEBUG util.py:439:  libmpx-7.1.1-6.fc27.i686
DEBUG util.py:439:  crypto-policies-20170606-2.git7c32281.fc27.noarch
DEBUG util.py:439:  coreutils-8.27-10.fc27.i686
DEBUG util.py:439:  libmount-2.30.1-1.fc27.i686
DEBUG util.py:439:  cracklib-2.9.6-5.fc26.i686
DEBUG util.py:439:  pam-1.3.0-3.fc27.i686

I assume there are missing "Requires(post)" for dome dependencies used in /usr/bin/update-crypto-policies

sh$ rpm -q --scripts crypto-policies
postinstall scriptlet (using /bin/sh):
/usr/bin/update-crypto-policies --no-check >/dev/null
Comment 1 Nikos Mavrogiannopoulos 2017-07-25 11:54:29 EDT

*** This bug has been marked as a duplicate of bug 1474757 ***

Note You need to log in before you can comment on or make changes to this bug.