Bug 1029126

Summary: Handle failure to decrypt LocalAdminPassword
Product: Red Hat Enterprise Virtualization Manager Reporter: David Jaša <djasa>
Component: ovirt-engineAssignee: Frantisek Kobzik <fkobzik>
Status: CLOSED NOTABUG QA Contact:
Severity: low Docs Contact:
Priority: unspecified    
Version: 3.3.0CC: acathrow, iheim, lpeer, michal.skrivanek, Rhev-m-bugs, yeylon
Target Milestone: ---   
Target Release: 3.6.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard: virt
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2014-08-27 07:03:38 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description David Jaša 2013-11-11 17:43:00 UTC 
Description of problem:
Currently, when RHEV-M fails to decrypt LocalAdminPassword, it passes the plaintext value to the sysprep file. The plaintext value can however contain forbidden characters for Windows that effectively break Windows sysprep mechanism. Based on above, the condition of non-decryptable LocalAdminPassword should be handled somehow:
  * don't run VM at all, issue Error in Events
  * don't set Admin Password at all in sysprep, issue Warning in Events, run VM

Version-Release number of selected component (if applicable):
is21 / rhevm-backend-3.3.0-0.31.beta1.el6ev.noarch

How reproducible:
always

Steps to Reproduce:
1. replace keys used to encrypt LocalAdminPassword in /etc/pki/ovirt-engine
2. run sealed Windows 7 VM with sysprep floppy attached
3.

Actual results:
Windows is likely to fail sysprep because the password may contain illegal characters

Expected results:
failure to decrypt password is detected and handled somehow

Additional info:
it takes going through some hoops to run into this bug so I think that it can have low priority.
Comment 1 Michal Skrivanek 2013-11-13 11:21:10 UTC 
makes sense to fail, not urgent though
Comment 2 Frantisek Kobzik 2014-08-27 07:03:38 UTC 
Closing this since the problem reproduces only when the system is in illegal state (db values aren't encrypted by currently used keys).

This state is reported by engine in the logs (ERROR [...] Failed to decrypt value for property XYZ). As a consequence, plaintext value is used. It is up to administrator not to ignore this log line and ensure that password values are encrypted/decryptable correctly, or use plaintext at their own risk.