+++ This bug is an upstream to downstream clone. The original bug is: +++ +++ bug 1528816 +++ ====================================================================== Description of problem: See bug 1528813. ovirt-hosted-engine-cleanup calls 'vdsm-tool remove-config', but this leaves at least some files changed by vdsm with the changes. First one I noticed is that libvirtd fails to start with: Dec 24 13:21:57 lvc7host1.home.local libvirtd[16297]: 2017-12-24 11:21:57.641+0000: 16297: error : virNetTLSContextCheckCertFile:120 : Cannot read CA certificate '/etc/pki/vdsm/certs/cacert.pem': No such file or directory Because /etc/libvirt/libvirtd.conf has: ## beginning of configuration section by vdsm-4.20.0 auth_unix_rw="sasl" ca_file="/etc/pki/vdsm/certs/cacert.pem" cert_file="/etc/pki/vdsm/certs/vdsmcert.pem" host_uuid="88f843a0-fdda-4eb2-bdb4-b6edacd7ad6e" keepalive_interval=-1 key_file="/etc/pki/vdsm/keys/vdsmkey.pem" unix_sock_group="qemu" unix_sock_rw_perms="0770" ## end of configuration section by vdsm-4.20.0 which is not removed, while the cleanup script later does remove vdsmcert.pem , so libvirtd fails to read it. Version-Release number of selected component (if applicable): Current master How reproducible: Not sure, I think always Steps to Reproduce: 1. deploy hosted-engine. It's probably enough to 'vdsm-tool configure --force'. 2. vdsm-tool remove-config 3. Actual results: All configuration files changed by (1.) are reverted to their original state. Expected results: At least some are not. Additional info: (Originally by didi)
Verified on vdsm-4.19.44-1.el7ev.x86_64
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHEA-2018:0136
BZ<2>Jira re-sync