Fix keyring file missing after Vault restart (#15946)
This commit is contained in:
parent
7d0a252d55
commit
9f0a72ef2a
3
changelog/15946.txt
Normal file
3
changelog/15946.txt
Normal file
|
@ -0,0 +1,3 @@
|
||||||
|
```release-note:bug
|
||||||
|
core/seal: Fix possible keyring truncation when using the file backend.
|
||||||
|
```
|
|
@ -242,8 +242,9 @@ func (b *FileBackend) PutInternal(ctx context.Context, entry *physical.Entry) er
|
||||||
|
|
||||||
// JSON encode the entry and write it
|
// JSON encode the entry and write it
|
||||||
fullPath := filepath.Join(path, key)
|
fullPath := filepath.Join(path, key)
|
||||||
|
tempPath := fullPath + ".temp"
|
||||||
f, err := os.OpenFile(
|
f, err := os.OpenFile(
|
||||||
fullPath,
|
tempPath,
|
||||||
os.O_CREATE|os.O_TRUNC|os.O_WRONLY,
|
os.O_CREATE|os.O_TRUNC|os.O_WRONLY,
|
||||||
0o600)
|
0o600)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
@ -262,6 +263,10 @@ func (b *FileBackend) PutInternal(ctx context.Context, entry *physical.Entry) er
|
||||||
})
|
})
|
||||||
f.Close()
|
f.Close()
|
||||||
if encErr == nil {
|
if encErr == nil {
|
||||||
|
err = os.Rename(tempPath, fullPath)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -270,7 +275,7 @@ func (b *FileBackend) PutInternal(ctx context.Context, entry *physical.Entry) er
|
||||||
// See if we ended up with a zero-byte file and if so delete it, might be a
|
// See if we ended up with a zero-byte file and if so delete it, might be a
|
||||||
// case of disk being full but the file info is in metadata that is
|
// case of disk being full but the file info is in metadata that is
|
||||||
// reserved.
|
// reserved.
|
||||||
fi, err := os.Stat(fullPath)
|
fi, err := os.Stat(tempPath)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return encErr
|
return encErr
|
||||||
}
|
}
|
||||||
|
@ -278,7 +283,7 @@ func (b *FileBackend) PutInternal(ctx context.Context, entry *physical.Entry) er
|
||||||
return encErr
|
return encErr
|
||||||
}
|
}
|
||||||
if fi.Size() == 0 {
|
if fi.Size() == 0 {
|
||||||
os.Remove(fullPath)
|
os.Remove(tempPath)
|
||||||
}
|
}
|
||||||
return encErr
|
return encErr
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue