Bug 1209350
| Summary: | Rhevh7.1: virt-who failed to decrypt encrypted password as failed to run "virt-who-password" | |||
|---|---|---|---|---|
| Product: | Red Hat Enterprise Virtualization Manager | Reporter: | Liushihui <shihliu> | |
| Component: | ovirt-node | Assignee: | Ryan Barry <rbarry> | |
| Status: | CLOSED ERRATA | QA Contact: | Huijuan Zhao <huzhao> | |
| Severity: | urgent | Docs Contact: | ||
| Priority: | unspecified | |||
| Version: | 3.5.0 | CC: | cshao, dfediuck, fdeutsch, gklein, gxing, huiwa, leiwang, lsurette, pstehlik, rbarry, rnovacek, sgao, shihliu, yaniwang, ycui, yeylon, ykaul | |
| Target Milestone: | ovirt-3.6.0-rc | Keywords: | ZStream | |
| Target Release: | 3.6.0 | |||
| Hardware: | x86_64 | |||
| OS: | Linux | |||
| Whiteboard: | ||||
| Fixed In Version: | ovirt-node-3.3.0-0.4.20150906git14a6024.el7ev | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | ||
| Clone Of: | ||||
| : | 1241820 1263219 (view as bug list) | Environment: | ||
| Last Closed: | 2016-03-09 14:22:01 UTC | Type: | Bug | |
| Regression: | --- | Mount Type: | --- | |
| Documentation: | --- | CRM: | ||
| Verified Versions: | Category: | --- | ||
| oVirt Team: | Node | RHEL 7.3 requirements from Atomic Host: | ||
| Cloudforms Team: | --- | Target Upstream Version: | ||
| Embargoed: | ||||
| Bug Depends On: | ||||
| Bug Blocks: | 1241820, 1263219 | |||
|
Description
Liushihui
2015-04-07 07:01:22 UTC
This bug has blocked virt-who's new function of "decrypt encrypted password", it should be resolved ASAP. (In reply to Liushihui from comment #1) > This bug has blocked virt-who's new function of "decrypt encrypted > password", it should be resolved ASAP. After confirmed with Shihui entitlement QE, there is virt-who new function on rhel 7.1, see bug 1161607, so rhevh also need to make corresponding adjustment to meet the new function of rhel 7.1. Bug 1161607 - virt-who not able to decrypt encrypted password. rhevh-vdsm6-6.6-20150402.0 has the same problem. Liushihui, why is this feature important and what can a user do with it? When is it needed? Moving this to 3.6 for now, if it's urgent, then we can backport that change. Hi Eabian, Since customers requesting password encryption feature. In the previous version of virt-who, administrator/root's password can show on virt-who's configure file as Plaintext, threaten system's security.Therefore, Customers asked for this new feature. please see the detail on bug 1161604. Thanks. Thanks. Liushihui (In reply to Fabian Deutsch from comment #5) > Liushihui, why is this feature important and what can a user do with it? > When is it needed? > > Moving this to 3.6 for now, if it's urgent, then we can backport that change. snip from bug 1241820 which is cloned from this bug, "It also exist on Rhev-hypervisor-6-6.7-20150707.0" Fabian, not sure how urgent it is on RHEV, you can see comment 6 to whether we clone it to 3.5.z? Thanks. *** Bug 1241820 has been marked as a duplicate of this bug. *** Version-Release number of selected component (if applicable): rhev-hypervisor-7-7.2-20151112.1.e17ev ovirt-node-3.6.0-0.20.20151103git3d3779a.el7ev.noarch Test Steps: 1. Install rhevh 2. Login rhevh, press "F2" to rescue shell, run command of "virt-who-password" # virt-who-password Test results: 1. "virt-who-password" used to generate a "encrypted_password" which used to decrypt password. # virt-who-password Password: Use following as value for encrypted_password key in the configuration file: 87b09966fb9b12f063b9c5dbef57e0ed So this bug is fixed on rhev-hypervisor-7-7.2-20151112.1.e17ev, I will change the status to verified. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHBA-2016-0378.html |