Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

99-default.rules reappear after update #1023

Closed
angrieralien opened this issue May 16, 2023 · 2 comments
Closed

99-default.rules reappear after update #1023

angrieralien opened this issue May 16, 2023 · 2 comments
Labels
kind/bug Something isn't working

Comments

@angrieralien
Copy link

Description

The 99-default.rules come back after update. Since the ignition file runs only one time at first boot the updates place the original 99-default.rules back on disk . This does seem to be a bug. I think a solution is to move the 99-default.rules to a different directory that does not get overwritten on update. We are open for other suggestion too.

Impact

The audit rules are not triggering because the 99-default.rules includes a rule that ignores all rules.

Environment and steps to reproduce

  1. Set-up: Nebraska
  2. Task: updates
  3. Action(s): Write ignition file that overwrites 99-default.rules with an empty file.
  4. Error: On update the original 99-default.rules appear.

Expected behavior

On update the 99-default.rules is not changed.

Additional information

flatcar-archive/coreos-overlay#2545
flatcar-archive/flatcar-docs#296

@angrieralien angrieralien added the kind/bug Something isn't working label May 16, 2023
@pothos
Copy link
Member

pothos commented May 17, 2023

Thanks for creating an issue, I guess this only happened on Stable where systemd-tmpfile would recreate a deleted file after each reboot. The solution would be to create an empty file or a file with a comment (as shown in the docs PR).
In Flatcar Beta/Alpha this problem is solved and you can delete the file and it won't be created again on reboot because instead of systemd-tmpfile rules provide the OS defaults through the lowerdir of an overlay mount.

@angrieralien
Copy link
Author

thanks @pothos

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
kind/bug Something isn't working
Projects
None yet
Development

No branches or pull requests

2 participants