Bug 1474886 - Missing /etc/crypto-policies/back-ends/krb5.config in crypto-policies-20170606-2.git7c32281.fc27 does not provide
Summary: Missing /etc/crypto-policies/back-ends/krb5.config in crypto-policies-2017060...
Keywords:
Status: CLOSED DUPLICATE of bug 1474757
Alias: None
Product: Fedora
Classification: Fedora
Component: crypto-policies
Version: rawhide
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Nikos Mavrogiannopoulos
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2017-07-25 14:55 UTC by Lukas Slebodnik
Modified: 2017-07-25 15:54 UTC (History)
1 user (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2017-07-25 15:54:29 UTC
Type: Bug
Embargoed:

Attachments (Terms of Use)

Description Lukas Slebodnik 2017-07-25 14:55:27 UTC 
Description of problem:
The latest update of crypto-policies in rawhide broke sssd unit test.
We already discussed it in different bugzilla ticket which I cannot quickly find.

IMHO symbolic link /etc/krb5.conf.d/crypto-policies in krb5-libs to file generated in crypto-policies /etc/crypto-policies/back-ends/krb5.config is quite from ideal solution. Because broken symbolic link basically disable all krb5 features.

I would appreciate if crypto-policies could be fixed in rawhide. So we can build sssd. (I would like to avoid disabling unit-test due to issues in other package)

<mock-chroot> sh-4.4# rpm -q crypto-policies
crypto-policies-20170606-2.git7c32281.fc27.noarch
<mock-chroot> sh-4.4# ls -l /etc/crypto-policies/back-ends/
total 0 

Version-Release number of selected component (if applicable):
sh# rpm -q crypto-policies
crypto-policies-20170606-2.git7c32281.fc27.noarch

How reproducible:
Quite often in koji

https://koji.fedoraproject.org/koji/taskinfo?taskID=20723443
https://koji.fedoraproject.org/koji/taskinfo?taskID=20722446

Additional info:
We can see scriptlet erros in root.log for failed builds.
https://kojipkgs.fedoraproject.org//work/tasks/2462/20722462/root.log

DEBUG util.py:439:  warning: /etc/hosts created as /etc/hosts.rpmnew
DEBUG util.py:439:  /usr/bin/update-crypto-policies: line 56: cat: command not found
DEBUG util.py:439:  /usr/bin/update-crypto-policies: line 66: cat: command not found
DEBUG util.py:439:  warning: %post(crypto-policies-20170606-2.git7c32281.fc27.noarch) scriptlet failed, exit status 1


An I can see in root.log that crypt-policies were installed before coreutils
DEBUG util.py:439:  cpio-2.12-4.fc26.i686
DEBUG util.py:439:  libatomic-7.1.1-6.fc27.i686
DEBUG util.py:439:  libmpx-7.1.1-6.fc27.i686
DEBUG util.py:439:  crypto-policies-20170606-2.git7c32281.fc27.noarch
DEBUG util.py:439:  coreutils-8.27-10.fc27.i686
DEBUG util.py:439:  libmount-2.30.1-1.fc27.i686
DEBUG util.py:439:  cracklib-2.9.6-5.fc26.i686
DEBUG util.py:439:  pam-1.3.0-3.fc27.i686

I assume there are missing "Requires(post)" for dome dependencies used in /usr/bin/update-crypto-policies

sh$ rpm -q --scripts crypto-policies
postinstall scriptlet (using /bin/sh):
/usr/bin/update-crypto-policies --no-check >/dev/null
Comment 1 Nikos Mavrogiannopoulos 2017-07-25 15:54:29 UTC 

*** This bug has been marked as a duplicate of bug 1474757 ***
Note You need to log in before you can comment on or make changes to this bug.