Description of problem: When installing certbot, certbot-renew.timer is not made active, despite being included in 90-defaults.preset. Without this timer enabled, certbot will not automatically run to renew certificates, causing an unexpected expiration. Per https://bugzilla.redhat.com/show_bug.cgi?id=1940211, this timer should be enabled by default when present. Version-Release number of selected component (if applicable): certbot-1.20.0-1.fc35 How reproducible: Always Steps to Reproduce: 1. Install Fedora 35 2. Ensure certbot-renew.timer is present in /usr/lib/systemd/system-preset/90-default.preset (grep certbot /usr/lib/systemd/system-preset/90-default.preset) 3. Install certbot (dnf install -y -q certbot) 4. Search for certbot-renew.timer in systemd timers (systemctl list-timers --all | grep certbot) Actual results: certbot-renew.timer is not listed as an active timer Expected results: certbot-renew.timer should be listed as an active timer Additional info: [root@fedora ~]# grep certbot /usr/lib/systemd/system-preset/90-default.preset enable certbot-renew.timer [root@fedora ~]# dnf install -y -q certbot Installed: certbot-1.20.0-1.fc35.noarch python-josepy-doc-1.9.0-1.fc35.noarch python3-acme-1.20.0-1.fc35.noarch python3-certbot-1.20.0-1.fc35.noarch python3-charset-normalizer-2.0.4-1.fc35.noarch python3-configargparse-1.4.1-2.fc35.noarch python3-configobj-5.0.6-25.fc35.noarch python3-cryptography-3.4.7-5.fc35.x86_64 python3-idna-3.2-1.fc35.noarch python3-josepy-1.9.0-1.fc35.noarch python3-parsedatetime-2.6-4.fc35.noarch python3-pyOpenSSL-21.0.0-1.fc35.noarch python3-pyrfc3339-1.1-9.fc35.noarch python3-pysocks-1.7.1-11.fc35.noarch python3-pytz-2021.3-1.fc35.noarch python3-requests-2.26.0-1.fc35.noarch python3-requests-toolbelt-0.9.1-15.fc35.noarch python3-urllib3-1.26.6-2.fc35.noarch python3-zope-component-4.3.0-18.fc35.noarch python3-zope-event-4.2.0-22.fc35.noarch python3-zope-interface-5.4.0-3.fc35.x86_64 [root@fedora ~]# systemctl list-timers --all | grep certbot [root@fedora ~]#
Yes, I noticed that shortly after releasing 1.20 and fixed this in git: https://src.fedoraproject.org/rpms/certbot/c/92f4517312b68f1dc7397307b8899ef7d4be97e6?branch=rawhide The change will go live once I get to packaging 1.21 (bug 2020069). That version requires a bit of extra time as I need to update Certbot's signing key and 1.21 itself does not bring any significant changes.
FEDORA-2021-ea4a97cd77 has been submitted as an update to Fedora 35. https://bodhi.fedoraproject.org/updates/FEDORA-2021-ea4a97cd77
FEDORA-2021-ea4a97cd77 has been pushed to the Fedora 35 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --advisory=FEDORA-2021-ea4a97cd77` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2021-ea4a97cd77 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
FEDORA-2021-ea4a97cd77 has been pushed to the Fedora 35 stable repository. If problem still persists, please make note of it in this bug report.