Fix wrong master key on rebootstrap (#9449)

* Remove minion_master.pub on bootstrapping to avoid key verification issue in case if the minion was registered to the other master before * Add changelog entry
uyuni-project · Nov 15, 2024 · 2816dcc · 2816dcc
1 parent b0f20ff
commit 2816dcc
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 0 deletions.
diff --git a/susemanager-utils/susemanager-sls/salt/bootstrap/init.sls b/susemanager-utils/susemanager-sls/salt/bootstrap/init.sls
@@ -295,6 +295,12 @@ salt-minion-key-pem:
       - salt-minion-package
 {%- endif %}
 
+# On bootstapping the minion which was registered to the other master before,
+# the master public key must be removed from the minion to prevent key verification fails.
+salt-minion-master-pub-wipe:
+  file.absent:
+    - name: {{ salt_config_dir }}/pki/minion/minion_master.pub
+
 {%- if not transactional %}
 {{ salt_minion_name }}:
   service.running:

diff --git a/...ils/susemanager-sls/susemanager-sls.changes.vzhestkov.fix-wrong-master-key-on-rebootstrap b/...ils/susemanager-sls/susemanager-sls.changes.vzhestkov.fix-wrong-master-key-on-rebootstrap
@@ -0,0 +1 @@
+- Remove master public key on bootstrapping to prevent possible issues.
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1 @@
		- Remove master public key on bootstrapping to prevent possible issues.