Project

General

Profile

Bug #12491

Foreman prerm deletes local_secret_token on upgrade

Added by Dominic Cleal over 4 years ago. Updated almost 2 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
Debian/Ubuntu
Target version:
Difficulty:
Triaged:
Bugzilla link:
Fixed in Releases:
Found in Releases:

Description

On an upgrade of "foreman", the local_secret_token (used for session encryption etc) is deleted. It's only meant to be deleted on final removal, not upgrades.

Preparing to unpack .../foreman_1.10.0~rc2-1_amd64.deb ...
+ set -e
+ . /usr/share/debconf/confmodule
+ [ !  ]
+ PERL_DL_NONLAZY=1
+ export PERL_DL_NONLAZY
+ [  ]
+ exec /usr/share/debconf/frontend /var/lib/dpkg/info/foreman.prerm upgrade 1.10.0~rc2-1
+ set -e
+ . /usr/share/debconf/confmodule
+ [ ! 1 ]
+ [ -z  ]
+ exec
+ [  ]
+ exec
+ DEBCONF_REDIR=1
+ export DEBCONF_REDIR
+ [ -x /etc/init.d/foreman ]
+ invoke-rc.d foreman stop
+ [ -f /usr/share/foreman/config/initializers/local_secret_token.rb ]
+ rm -f /usr/share/foreman/config/initializers/local_secret_token.rb
+ exit 0
+ set -e
+ exit 0
Unpacking foreman (1.10.0~rc2-1) over (1.9.3-1) ...

It's then recreated:

+ [ ! -f config/initializers/local_secret_token.rb ]
+ touch config/initializers/local_secret_token.rb
+ chmod 0660 config/initializers/local_secret_token.rb
+ chgrp foreman config/initializers/local_secret_token.rb
+ [ ! -z 1 ]
+ /usr/sbin/foreman-rake security:generate_token
+ chmod 0640 config/initializers/local_secret_token.rb

This is probably why some users report their sessions to be invalid after upgrade.

Associated revisions

Revision 36766733 (diff)
Added by Dominic Cleal over 4 years ago

fixes #12491 - only remove local token secret on removal

History

#1 Updated by Dominic Cleal over 4 years ago

  • Status changed from New to Assigned
  • Assignee set to Dominic Cleal

#2 Updated by The Foreman Bot over 4 years ago

  • Status changed from Assigned to Ready For Testing
  • Pull request https://github.com/theforeman/foreman-packaging/pull/896 added

#3 Updated by Dominic Cleal over 4 years ago

  • Status changed from Ready For Testing to Closed
  • % Done changed from 0 to 100
  • Legacy Backlogs Release (now unused) set to 71

Also available in: Atom PDF