В SPEC необходимо добавить опцию %config(noreplace) для файла /usr/share/keycloak/conf/keycloak.conf Иначе настроенный конфиг после обновления заменяется на новый конфиг, и работа сервера прекращается
конфиг в /usr/share - это ошибка. Конфиг должен быть в /etc
keycloak-26.1.2-alt1 -> sisyphus: Tue Feb 11 2025 Andrey Cherepanov <cas@altlinux> 26.1.2-alt1 - New version. - Security fixes: + CVE-2024-11736 Unrestricted admin use of system and environment variables + CVE-2024-11734 Denial of Service in Keycloak Server via Security Headers + CVE-2024-10451 Sensitive Data Exposure in Keycloak Build Process + CVE-2024-10270 Potential Denial of Service + CVE-2024-10492 Keycloak path trasversal + CVE-2024-9666 Keycloak proxy header handling Denial-of-Service (DoS) vulnerability + CVE-2024-10039 Bypassing mTLS validation + CVE-2021-44549 org.eclipse.angus/angus-mail: Enabling Secure Server Identity Checks for Safer SMTPS Communication + CVE-2024-8883 Vulnerable Redirect URI Validation Results in Open Redirect + CVE-2024-8698 Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak + CVE-2024-7341 Session fixation in the SAML adapters Sun May 26 2024 Andrey Cherepanov <cas@altlinux> 24.0.4-alt2 - Moved config to /etc/keycloak. - Marked config file as %config(noreplace) (ALT #50434). - Moved keycloak homedir to /usr/lib/keycloak. - Added service file
