dogtagpki

Clone
Source Code
GIT

#1163 CS.cfg corruption due to concurrent modification
Closed: migrated 3 years ago by dmoluguw. Opened 9 years ago by edewata.

Closed: migrated
Reopen Issue

The CS.cfg is owned/updated by the Dogtag server, but sometimes people are advised to modify the file directly, and maybe some other systems interoperate with Dogtag that way too, which may lead to corruption if they happpen simultaneously.

Possible solutions:

  1. Require Dogtag to be shutdown before changing CS.cfg directly.
  2. Prohibit direct access to the file and require the use of tools that send the changes to the server (e.g. via CLI/REST).
  3. Break CS.cfg into user-owned and server-owned parameters, and move mostly-static parameters into a separate default file that can be overwritten as needed.
  4. Replace CS.cfg with LDAP-based configuration.

Option #1 can be documented in 10.2.x. Other options probably can only be implemented in 10.3.x at the earliest.

Related ticket:

The problem affects Dogtag 9 too.

Metadata Update from @edewata:
- Issue set to the milestone: UNTRIAGED
7 years ago

Dogtag PKI is moving from Pagure issues to GitHub issues. This means that existing or new
issues will be reported and tracked through Dogtag PKI's GitHub Issue tracker.

This issue has been cloned to GitHub and is available here:
https://github.com/dogtagpki/pki/issues/1726

If you want to receive further updates on the issue, please navigate to the
GitHub issue and click on Subscribe button.

Thank you for understanding, and we apologize for any inconvenience.

Metadata Update from @dmoluguw:
- Issue close_status updated to: migrated
- Issue status updated to: Closed (was: Open)
3 years ago

Login to comment on this ticket.

Metadata
None
None
None
None
major
None
None
None
defect
None
None
None
None
None
Community
None
None
None
None
None
None
General
None
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.