[bug-notifications] [openssl_rt 0004807]: Migration of SSL certs fails on upgrade
Mantis Bug Tracker
noreply at opencsw.org
Fri Jul 22 14:53:11 CEST 2011
A NOTE has been added to this issue.
======================================================================
https://www.opencsw.org/mantis/view.php?id=4807
======================================================================
Reported By: domcleal
Assigned To: yann
======================================================================
Project: openssl_rt
Issue ID: 4807
Category: upgrade
Reproducibility: always
Severity: major
Priority: normal
Status: feedback
======================================================================
Date Submitted: 2011-07-19 15:16 CEST
Last Modified: 2011-07-22 14:53 CEST
======================================================================
Summary: Migration of SSL certs fails on upgrade
Description:
When upgrading with pkgutil from
openssl_rt-0.9.8,REV=2007.12.26_rev=g-SunOS5.8-sparc-CSW to
openssl_rt-0.9.8r,REV=2011.02.12-SunOS5.9-sparc-CSW, the package preinstall
performs a migration of SSL certs from /opt/csw/ssl/certs to
/opt/csw/etc/ssl/certs.
This causes the pkgadd to fail, as it also removes the /opt/csw/ssl/certs
directory:
Custom certificates have been installed in /opt/csw/ssl/certs/.
They will be moved under /opt/csw/etc/ssl/certs.
see /opt/csw/share/doc/openssl_rt/README.CSW for more information
about CA.
WARNING: /opt/csw/ssl/certs <no longer a directory>
mv: cannot rename /opt/csw/ssl/certs/demo to /opt/csw/etc/ssl/certs/demo:
File exists
mv: cannot rename /opt/csw/ssl/certs/expired to
/opt/csw/etc/ssl/certs/expired: File exists
rmdir: directory "/opt/csw/ssl/certs": Directory not empty
WARNING: /opt/csw/ssl/certs may not overwrite a populated directory.
pkgadd: ERROR: /opt/csw/ssl/certs could not be installed.
Updating certificates in /opt/csw/etc/ssl/certs...done.
Installation of <CSWosslrt> partially failed.
Removing the "rmdir /opt/csw/ssl/certs" from the preinstall lets the
upgrade go through, indicating perhaps that the directory should be left in
place?
======================================================================
----------------------------------------------------------------------
(0009211) yann (manager) - 2011-07-22 14:53
https://www.opencsw.org/mantis/view.php?id=4807#c9211
----------------------------------------------------------------------
Hi,
I still don't reproduce the bug using directly pkgutil.
# pkginfo -x CSWosslrt
CSWosslrt openssl_rt - Openssl runtime libraries
(i386) 0.9.8,REV=2007.12.26_rev=g
# pkgutil -t http://buildfarm.opencsw.org/opencsw/experimental/yann -y -u
openssl_rt
[...]
=> Removing old version of CSWosslrt (1/1) ...
Removal of <CSWosslrt> was successful.
=> Installing CSWosslrt-0.9.8r,REV=2011.07.21 (1/1) ...
Please see /opt/csw/share/doc/openssl_rt/license for license information.
Custom certificates have been installed in /opt/csw/ssl/certs/.
They will be moved under /opt/csw/etc/ssl/certs.
see /opt/csw/share/doc/openssl_rt/README.CSW for more information
about CA.
Updating certificates in /opt/csw/etc/ssl/certs...done.
Installation of <CSWosslrt> was successful.
The difference is in our admin file:
# cat /var/opt/csw/pkgutil/admin
mail=
instance=overwrite
partial=nocheck
runlevel=nocheck
idepend=nocheck
rdepend=nocheck
space=nocheck
setuid=nocheck
conflict=nocheck
action=nocheck
basedir=default
I checked the 2.1,REV=2010.07.28 and the 2.4,REV=2011.05.15 versions, and
the default provided admin files is identical to mine.
Have you made some modification to your admin file ?
More information about the bug-notifications
mailing list