Persistence config files "insecure" backup get emptied in some situations
As we can see on #10976-note_73 and #10976-note_66, if the
permissions/ownership of the root directory of the persistent filesystem
are wrong, live-additional-software.conf.insecure_disabled ends up
being empty, which is unfortunate as it’s meant to be a backup that the
user can later restore by hand.
I believe that’s because every call to
disable_and_create_empty_persistence_conf_file in live-persist will
rename the current live-additional-software.conf to
live-additional-software.conf.insecure_disabled. So if the user
immediately fixes the problem, the first time it happens, then we’re
good. But if they reboot and unlock their persistence again, the
(non-empty) backup gets overwritten by live-persist which replaces it
with the new, empty config file it created during last boot.
Solution: ensure disable_and_create_empty_persistence_conf_file does
not replace a non-empty .insecure_disabled backup file with an empty
one.
Priority >> normal because it makes it harder to recover from the already painful #10976.
Note: I don’t understand why, in Cody’s report, the same problem did not
happen for persistence.conf. There might be another problem on top of
this one. But this should not block it from fixing the problem I’ve
already understood here :)
Related issues
Original created by @intrigeri on 17112 (Redmine)