search

cockpit-project / cockpit

Cockpit is a web-based graphical interface for servers.
http://www.cockpit-project.org/
GNU Lesser General Public License v2.1
11.2k stars 1.11k forks source link

cockpit-certificate-ensure: soften the certificate generation #21069

Open jmlemetayer opened 4 weeks ago

jmlemetayer commented 4 weeks ago

I use cockpit in an embedded device, and it can happen that the power is suddenly cut off. So the file system is not synchronized and the last file system actions are lost.

If generating the self-signed certificate was one of them, you end up with empty files. And the next time you reboot, cockpit won't be able to start because cockpit-certificate-ensure will fail.

These commits prevent failure on empty files and force a new generation. In addition, we explicitly request file system synchronization after generation.

jmlemetayer commented 2 weeks ago

Can anyone take a look at this PR? Thanks