Persistence config files "insecure" backup get emptied in some situations
As we can see on #10976-note_73 and #10976-note_66, if the
permissions/ownership of the root directory of the persistent filesystem
are wrong, live-additional-software.conf.insecure_disabled
ends up
being empty, which is unfortunate as it’s meant to be a backup that the
user can later restore by hand.
I believe that’s because every call to
disable_and_create_empty_persistence_conf_file
in live-persist
will
rename the current live-additional-software.conf
to
live-additional-software.conf.insecure_disabled
. So if the user
immediately fixes the problem, the first time it happens, then we’re
good. But if they reboot and unlock their persistence again, the
(non-empty) backup gets overwritten by live-persist
which replaces it
with the new, empty config file it created during last boot.
Solution: ensure disable_and_create_empty_persistence_conf_file
does
not replace a non-empty .insecure_disabled
backup file with an empty
one.
Priority >> normal because it makes it harder to recover from the already painful #10976.
Note: I don’t understand why, in Cody’s report, the same problem did not
happen for persistence.conf
. There might be another problem on top of
this one. But this should not block it from fixing the problem I’ve
already understood here :)
Related issues
Original created by @intrigeri on 17112 (Redmine)