2396343 – /usr/libexec/dehydrated-cron should add --keep-going to dehydrated invocation.

Bug 2396343 - /usr/libexec/dehydrated-cron should add --keep-going to dehydrated invocation.

Summary: /usr/libexec/dehydrated-cron should add --keep-going to dehydrated invocation.

Keywords:
Status:	NEW
Alias:	None
Product:	Fedora EPEL
Classification:	Fedora
Component:	dehydrated
Sub Component:
Version:	epel9
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	low
Target Milestone:	---
Assignee:	Paul Wouters
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2025-09-18 10:11 UTC by Alex Owen
Modified:	2025-09-18 10:11 UTC (History)
CC List:	2 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:
Type:	Bug
Embargoed:

Attachments	(Terms of Use)

Description Alex Owen 2025-09-18 10:11:48 UTC

Description of problem:

The dehydrated package in EPEL 9 helpfully runs dehydrated periodically out of /usr/libexec/dehydrated-cron

However dehydrated is only run with the --cron switch, thus:

/usr/bin/dehydrated --cron 2>&1 | tee -a ${tempfile}

In my opinion in a production system the --keep-going switch should also be present to minimise problems where multiple certificates are being managed by dehydrated.

I request and suggest the invocation of dehydrated is changed to:

/usr/bin/dehydrated --cron --keep-going 2>&1 | tee -a ${tempfile}


(As a secondary observation I believe the script could be improved by piping the dehydrated output to something like '/usr/bin/logger -p daemon.info -t dehydrated' to preserve the output in the system logs. But others may disagree!)

Regards
Alex Owen

Note You need to log in before you can comment on or make changes to this bug.