My Fedora IoT box has gotten a file in the last few months, /etc/.rpm-ostree-shadow-mode-fixed2.stamp
What is it for?
Can I safely delete it?
My Fedora IoT box has gotten a file in the last few months, /etc/.rpm-ostree-shadow-mode-fixed2.stamp
What is it for?
Can I safely delete it?
This is a fix related to
The solution involves keeping the stamp in /etc
to handle rollback.
We keep the stamp in /etc to account for the case where a deployment
with this unit is rolled back. If we used /var, the stamp would have
stayed but the fix would not be re-applied on the next update.
[Unit]
# rpm-ostree v2023.6 introduced a permission issue on `/etc/[g]shadow[-]`.
# This makes sure to fix permissions on systems that were deployed with the wrong permissions.
Description=Update permissions for /etc/shadow
Documentation=https://github.com/coreos/rpm-ostree-ghsa-2m76-cwhg-7wv6
# This new stamp file is written by the Rust code, and obsoletes
# the old /etc/.rpm-ostree-shadow-mode-fixed.stamp
ConditionPathExists=!/etc/.rpm-ostree-shadow-mode-fixed2.stamp
Thank you! I looked for this kind of detail and didn’t find it.
It sounds like, as long as I don’t roll back, I am ok to delete this then.
If you remove it, the unit will run again on the next boot and re-create the file.
Added atomic-desktops, security
Added coreos, iot, rpm-ostree
So clearly I must never reboot j/k - I’ll keep ignoring it
Thank you