Serial vault hardcodes system-user assertion version # to 1
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| Snap Store Server |
Confirmed
|
High
|
Unassigned | ||
Bug Description
Serial Vault hardcodes system user assertion’s revision to 1
When attempting to add another user to a device that was previously removed using snapd’s REST API. This did not work, the system-user assertion has not been acknowledged and thus the user was not created. Note that the new user has the same email address as the previous one.
This is in Serial Vault code where it is clear that the system-user assertion’s revision is always set to 1: https:/
This is the reason snapd is not acknowledging it.
It seems that the solution required here is for the SV to allow to sign a system-user assertion with the same email but with a higher revision, so that it can really be a replacement for the old revision when it reaches the devices. Snapd will ignore an assertion that appears to have the same revision as the current one.
| tags: | added: serial-vault |
| Changed in snapstore-server: | |
| status: | New → Confirmed |
| importance: | Undecided → High |
