#8034 Existing p11-kit config file is not restored on uninstall
Closed: fixed 4 years ago by rcritten. Opened 4 years ago by rcritten.

Issue

During code review of https://github.com/freeipa/freeipa/pull/3484 I discovered that existing
/etc/pkcs11/modules/softhsm2.module is not being restored as part of uninstallation.

I determined that the "file is first restored by fstore.restore_all_files(). Then the task is executed and the first thing it does is unlink() an existing file. Since the copy is not in the fstore anymore the restored file is just removed.

So either the call to restore_pkcs11_modules() needs to happen before fstore.restore_all_files() or perhaps it can be dropped altogether."

Steps to Reproduce

  1. echo "# this is mine" > /etc/pkcs11/modules/softhsm2.module
  2. ipa-server-install --setup-dns
  3. grep softhsm2 /var/lib/ipa/sysrestore/* (to ensure it is backed up)
  4. ipa-server-install --uninistall
  5. cat /etc/pkcs11/modules/softhsm2.module (not there)

Metadata Update from @rcritten:
- Issue assigned to rcritten

4 years ago

master:

  • ffb4b62 Re-order tasks.restore_pkcs11_modules() to run earlier

ipa-4-8:

  • 8e87e65 Re-order tasks.restore_pkcs11_modules() to run earlier

ipa-4-7:

  • a62e3c0 Re-order tasks.restore_pkcs11_modules() to run earlier

Metadata Update from @rcritten:
- Issue close_status updated to: fixed
- Issue status updated to: Closed (was: Open)

4 years ago

Login to comment on this ticket.

Metadata