Serial vault hardcodes system-user assertion version # to 1

Bug #1973246 reported by Daniel Manrique
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Snap Store Server

Bug Description

Serial Vault hardcodes system user assertion’s revision to 1

When attempting to add another user to a device that was previously removed using snapd’s REST API. This did not work, the system-user assertion has not been acknowledged and thus the user was not created. Note that the new user has the same email address as the previous one.

This is in Serial Vault code where it is clear that the system-user assertion’s revision is always set to 1:

This is the reason snapd is not acknowledging it.

It seems that the solution required here is for the SV to allow to sign a system-user assertion with the same email but with a higher revision, so that it can really be a replacement for the old revision when it reaches the devices. Snapd will ignore an assertion that appears to have the same revision as the current one.

Tags: serial-vault
Daniel Manrique (roadmr)
tags: added: serial-vault
Changed in snapstore-server:
status: New → Confirmed
importance: Undecided → High
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.