From 061d32a02e117bbd37eee0cae65fbdf009401364 Mon Sep 17 00:00:00 2001
From: Beniamino Galvani <bgalvani@redhat.com>
Date: Fri, 22 May 2026 15:00:34 +0200
Subject: [PATCH] settings: propagate certificate blob write failure in keyfile
 writer

When nm_utils_file_set_contents() fails to write a certificate blob to
disk, cert_writer() only logged a warning and silently continued. The
overall write operation would "succeed", producing a keyfile missing the
certificate entry entirely. This could lead to a broken 802.1X
connection profile that fails authentication at runtime.

Propagate the error via g_set_error() so that nm_keyfile_write() returns
failure and the profile write is properly aborted.

Fixes: ecca85066d42 ('keyfile: write certificates and keys in a human-readable manner')
---
 src/core/settings/plugins/keyfile/nms-keyfile-writer.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/core/settings/plugins/keyfile/nms-keyfile-writer.c b/src/core/settings/plugins/keyfile/nms-keyfile-writer.c
index c7c8826079..962f3d152f 100644
--- a/src/core/settings/plugins/keyfile/nms-keyfile-writer.c
+++ b/src/core/settings/plugins/keyfile/nms-keyfile-writer.c
@@ -143,7 +143,9 @@ cert_writer(NMConnection                     *connection,
                                             vtable->setting_key,
                                             strrchr(new_path, '/') + 1);
         } else {
-            nm_log_warn(LOGD_SETTINGS,
+            g_set_error(error,
+                        NM_SETTINGS_ERROR,
+                        NM_SETTINGS_ERROR_FAILED,
                         "keyfile: %s.%s: failed to write certificate to file %s: %s",
                         setting_name,
                         vtable->setting_key,