Closed ghost closed 3 years ago
In GitLab by @infinitewarp on Feb 22, 2019, 21:39
Based on outside conversations, it seems that the expected location of this file has moved in RHEL 7.6 and 8.0 to this product-default
path. We should check in both the old and new paths going forward.
In GitLab by @infinitewarp on Feb 26, 2019, 15:08
We had a chat with Dan about this, and we believe that the pem file should always only live in one of two places: /etc/pki/product/
or /etc/pki/product-default/
.
So, let's simply check both. No need for recursive or wildcard patterns.
In GitLab by @infinitewarp on Feb 26, 2019, 15:08
changed the description
In GitLab by @infinitewarp on Feb 26, 2019, 15:11
changed the description
In GitLab by @werwty on Mar 4, 2019, 10:19
assigned to @werwty
In GitLab by @werwty on Mar 5, 2019, 13:17
mentioned in commit ae648d71b33b3e3919d1dfd1c170279c141d3e80
In GitLab by @infinitewarp on Mar 5, 2019, 14:29
mentioned in merge request !74
In GitLab by @infinitewarp on Mar 21, 2019, 14:37
:ship: :it:
In GitLab by @infinitewarp on Mar 21, 2019, 14:37
closed
In GitLab by @infinitewarp on Feb 22, 2019, 18:57
Summary
houndigrade looks for
69.pem
in/etc/pki/product/
, but sometimes that file lives elsewhere.Steps to Reproduce
sudo find /etc/pki -name 69.pem
Expected Result
/etc/pki/product/69.pem
Actual Result
/etc/pki/product-default/69.pem
Additional context
/etc/pki/product/
is the path we were given in #34.houndigrade only looks in
/etc/pki/product/
for69.pem
which means if houndigrade were to inspect an image set up like this marketplace image, it would not identify as RHEL-positive for product certs.Yes, I'm aware that we don't inspect marketplace images. However, if this image has
69.pem
not under our expected path, I think it's likely other customer installations may also.Perhaps we should just look recursively under/etc/pki/
.QE says adding unit tests should be sufficient for verification. No need to expand the integration test suite.