Bug 1161528

Summary: RHEV-H always persist the config info of "Strong Random Number Generator" after disable AES-NI options
Product: Red Hat Enterprise Virtualization Manager Reporter: cshao <cshao>
Component: ovirt-nodeAssignee: Ryan Barry <rbarry>
Status: CLOSED ERRATA QA Contact: cshao <cshao>
Severity: medium Docs Contact:
Priority: medium    
Version: 3.6.0CC: fdeutsch, gklein, huiwa, leiwang, lsurette, rbarry, yaniwang, ycui, ykaul
Target Milestone: ovirt-3.6.0-rc   
Target Release: 3.6.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: ovirt-node-3.3.0-0.4.20150906git14a6024.el7ev Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2016-03-09 14:17:02 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: Node RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description cshao 2014-11-07 10:02:14 UTC 
Description of problem:
RHEV-H always persist the config info of "Strong Random Number Generator" after disable AES-NI options.

Version-Release number of selected component (if applicable):
rhev-hypervisor6-6.6-20141106.1
ovirt-node-3.0.1-19.el6.22.noarch

How reproducible:
100%

Steps to Reproduce:
1. Install RHEV-H
2. Enter Security menu, enable AES-NI and input Bytes Used(e.g. 123)
3. Save and check /etc/profile
4. Disable AES-NI
5. Save and check /etc/profile again.

Actual results:
RHEV-H always persist the config info of "Strong Random Number Generator" after disable AES-NI options.
1. step 3: export SSH_USE_STRONG_RNG=123
2. step 5: export OPENSSL_DISABLE_AES_NI=1
export SSH_USE_STRONG_RNG=123

Expected results:
RHEV-H should remove the config info of "Strong Random Number Generator" after disable AES-NI options.

Additional info:
Comment 2 cshao 2015-11-26 05:50:17 UTC 
Test version:
rhev-hypervisor7-7.2-20151112.1
ovirt-node-3.6.0-0.20.20151103git3d3779a.el7ev.noarch

Test steps:
1. Install RHEV-H
2. Enter Security menu, enable AES-NI and input Bytes Used(e.g. 123)
3. Save and check /etc/profile
4. Disable AES-NI
5. Save and check /etc/profile again.


Test result:
RHEV-H can remove the config info of "Strong Random Number Generator" after disable AES-NI options.

#grep "export" /etc/profile
    export HISTCONTROL=ignoreboth
    export HISTCONTROL=ignoredups
export PATH USER LOGNAME MAIL HOSTNAME HISTSIZE HISTCONTROL
export OPENSSL_DISABLE_AES_NI=1

So the bug is fixed, change bug status to VERIFIED.
Comment 4 errata-xmlrpc 2016-03-09 14:17:02 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2016-0378.html