Description of problem: The recent rename of /etc/crypto-policies/back-ends/openssh-server.config to "opensshserver.conf" can cause a (non-fatal) parsing error when running update-crypto-policies if "opensshserver-*.config" exists in /etc/crypto-policies/local.d but "openssh-*.config" does not. The glob in update-crypto-policies is incorrectly and greedily grabbing both. Version-Release number of selected component (if applicable): crypto-policies-20180306-1.gitaea6928.fc28 How reproducible: Always Steps to Reproduce: 1.Have a /etc/crypto-policies/local.d/opensshserver-*.config but NOT a /etc/crypto-policies/local.d/openssh-*.config 2. Run update-crypto-policies. Actual results: # update-crypto-policies Setting system policy to FUTURE cat: '/etc/crypto-policies/local.d/openssh-*.config': No such file or directory Expected results: # update-crypto-policies Setting system policy to FUTURE Additional info:
Thanks. Would you like to send a patch to address that upstream? https://gitlab.com/redhat-crypto/fedora-crypto-policies
I'd love to help, but I'm not actually a developer.
Created attachment 1420510 [details] "diff -u" output to fix greedy local.d filename glob I took a quick look and the fix seems quite simple. Attaching a "diff -u" showing the fix.
Thank you. I moved it upstream: https://gitlab.com/redhat-crypto/fedora-crypto-policies/merge_requests/20
crypto-policies-20180425-1.git6ad4018.fc28 has been submitted as an update to Fedora 28. https://bodhi.fedoraproject.org/updates/FEDORA-2018-878bffe79b
crypto-policies-20180425-1.git6ad4018.fc28 has been pushed to the Fedora 28 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2018-878bffe79b
crypto-policies-20180425-1.git6ad4018.fc28 has been pushed to the Fedora 28 stable repository. If problems still persist, please make note of it in this bug report.