[BUG] ssl.conf should never be removed - should always be managed
TheBigBear opened this issue · comments
Your setup
Formula commit hash / release tag
v1.2.2 4a46e03
Versions reports (master & minion)
Pillar / config used
Bug details
Describe the bug
In the redhat family the file apache/config/modules/mod_ssl.sls on line 52 has a file.absent state for the ssl.conf file.
This is wrong. Any subsequent dnf or yum update will re-introduce the default distributors version of it.
Which can conflict and break things. The correct way would be to actually use file.managed at this point.
If there is a modified ( and managed ) file there rpm will not introduce one but simply create a ssl.conf.rpmnew which does not break anything.
Using file.absent on a config file maintained by a linux package manager breaks idempotency.