Actions
Bug #15905
closedBug #15801: Rudder agent cannot copy the certificate if the user defined one that is a link to a file in a different mount point
Bug #15806: Agent should not try to set permission of certificate if it is a symbolic link
If "ca.cert" exists, you can't have link for "rudder.crt"
Pull Request:
Severity:
UX impact:
User visibility:
Effort required:
Priority:
0
Name check:
Reviewed
Fix check:
Error - Fixed
Regression:
Description
So, it is still broken.
Orig:
root@server:~# ls -la /opt/rudder/etc/ssl/ drwxr-xr-x 2 root root 4096 Oct 9 13:50 . drwxr-xr-x 9 root root 4096 Oct 9 13:18 .. -rw------- 1 root root 1375 Oct 9 13:50 ca.cert -rw-r--r-- 1 root root 781 Nov 22 2017 openssl.cnf -rw-r--r-- 1 root root 1375 Oct 9 07:35 rudder.crt -rw-r----- 1 root www-data 1708 Oct 9 07:35 rudder.key
Changed to:
root@server:~# ls -la /opt/rudder/etc/ssl/ total 28 drwxr-xr-x 2 root root 4096 Oct 9 13:52 . drwxr-xr-x 9 root root 4096 Oct 9 13:18 .. -rw------- 1 root root 1375 Oct 9 13:50 ca.cert -rw-r--r-- 1 root root 781 Nov 22 2017 openssl.cnf lrwxrwxrwx 1 root root 35 Oct 9 13:52 rudder.crt -> /opt/rudder/etc/ssl/rudder.crt_orig -rw-r--r-- 1 root root 1375 Oct 9 07:35 rudder.crt_orig lrwxrwxrwx 1 root root 35 Oct 9 13:52 rudder.key -> /opt/rudder/etc/ssl/rudder.key_orig -rw-r----- 1 root www-data 1708 Oct 9 07:35 rudder.key_orig
I get with rudder agent run -i
:
error: Object '/opt/rudder/etc/ssl/ca.cert' exists and is obstructing our promise error: Unable to create link '/opt/rudder/etc/ssl/ca.cert' -> '/opt/rudder/etc/ssl/rudder.crt_orig', failed to move obstruction
Updated by Nicolas CHARLES about 5 years ago
- Status changed from New to In progress
Updated by Nicolas CHARLES about 5 years ago
- Status changed from In progress to Pending technical review
- Assignee changed from Nicolas CHARLES to Alexis Mousset
- Pull Request set to https://github.com/Normation/rudder-techniques/pull/1532
Updated by Nicolas CHARLES about 5 years ago
- Status changed from Pending technical review to Pending release
Applied in changeset rudder-techniques|71f3c902edec6d8fa3c3f844ef8c8707cd40bb6f.
Updated by Alexis Mousset about 5 years ago
- Name check changed from To do to Reviewed
Updated by François ARMAND about 5 years ago
- Fix check changed from To do to Error - Blocking
Updated by François ARMAND about 5 years ago
- Fix check changed from Error - Blocking to Error - Fixed
The child ticket is not blocking anymore for the first use case, so we will not correct it in 5.0.15.
Updated by Vincent MEMBRÉ about 5 years ago
This bug has been fixed in Rudder 5.0.15 which was released today.
Updated by Vincent MEMBRÉ about 4 years ago
- Related to Bug #16289: Errors in rudder agent run when rudder.crt is a symbolic link added
Updated by Vincent MEMBRÉ about 4 years ago
- Status changed from Pending release to Released
Actions