Page MenuHomeVyOS Platform
Create Task
Maniphest T7727

TPM encryption disable fails when executed for the second time
Closed, ResolvedPublicBUG
Actions

Description

When disabling encryption for the second time it fails with the following error:

vyos@vyos:~$ encryption disable 
Moving existing /config folder to /config.old
Failed to decrypt config: Destination path '/config.old/config' already exists

Steps to reproduce:

  1. Encryption enable
  2. Encryption disable
  3. Encryption enable
  4. Encryption disable

Details

Version
2025.08.13-0020-rolling
Is it a breaking change?
Perfectly compatible
Issue type
Bug (incorrect behavior)

Related Objects

Event Timeline

a.kudientsov created this task.Aug 16 2025, 11:51 AM
pasik subscribed.Aug 16 2025, 3:31 PM
syncer assigned this task to sarthurdev.Aug 17 2025, 9:41 PM
syncer triaged this task as High priority.
sarthurdev changed the task status from Open to In progress.Aug 18 2025, 8:03 PM
sarthurdev changed the task status from In progress to Needs testing.Aug 19 2025, 7:21 PM

PR: https://github.com/vyos/vyos-1x/pull/4669

sarthurdev added a project: VyOS 1.5 Circinus (1.5-stream-2025-Q3).Aug 19 2025, 7:22 PM
a.pidnebesny subscribed.Sep 15 2025, 1:07 PM

This behavior is no more observed due to the change in the logic of config migration.

vyos@vyos-def:~$ encryption disable

Moving existing /config folder to /config.old
Moving existing /config folder to /config.old.1
Moving existing /config folder to /config.old.2
Moving existing /config folder to /config.old.[n]

Summary:
fixed and no more observed

a.kudientsov closed this task as Resolved.Sep 17 2025, 7:28 AM
sarthurdev mentioned this in rVYOSONEXc7074d3c8475: tpm: T7727: Prompt to overwrite an existing backup.Sep 25 2025, 2:22 PM
dmbaturin edited projects, added VyOS 1.5 Circinus (2025.11); removed VyOS 1.5 Circinus (1.5-stream-2025-Q3), VyOS Rolling.Thu, Nov 13, 12:21 AM
dmbaturin changed Is it a breaking change? from Unspecified (possibly destroys the router) to Perfectly compatible.