Bug 1267954
Summary: | Same password for root and disk encryption reported both as Good and Weak | ||||||||
---|---|---|---|---|---|---|---|---|---|
Product: | Red Hat Enterprise Linux 7 | Reporter: | Alexander Todorov <atodorov> | ||||||
Component: | anaconda | Assignee: | David Shea <dshea> | ||||||
Status: | CLOSED NOTABUG | QA Contact: | Release Test Team <release-test-team-automation> | ||||||
Severity: | low | Docs Contact: | |||||||
Priority: | low | ||||||||
Version: | 7.2 | CC: | sbueno, tmraz | ||||||
Target Milestone: | rc | ||||||||
Target Release: | --- | ||||||||
Hardware: | Unspecified | ||||||||
OS: | Unspecified | ||||||||
Whiteboard: | |||||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||||
Doc Text: | Story Points: | --- | |||||||
Clone Of: | Environment: | ||||||||
Last Closed: | 2016-01-29 16:46:47 UTC | Type: | Bug | ||||||
Regression: | --- | Mount Type: | --- | ||||||
Documentation: | --- | CRM: | |||||||
Verified Versions: | Category: | --- | |||||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||
Cloudforms Team: | --- | Target Upstream Version: | |||||||
Embargoed: | |||||||||
Attachments: |
|
Description
Alexander Todorov
2015-10-01 12:52:51 UTC
Created attachment 1079093 [details]
Disk encryption password
Created attachment 1079094 [details]
Root user password
There are two differences in the way anaconda performs these two password checks: 1: for the root password check, anaconda overrides minlen setting to 6. This should not matter here since the default is 8, and it looks like the password you are attempting to use has 9 characters. 2: for the root password check, anaconda passes the username parameter to the pwquality check function, since passwords that contain the username are considered weaker than those that do not, while the disk passphrase has no such concept to check against. Maybe your password contains the word "root"? Actually the change in the minlen setting modifies the calculation of the password score so that is the reason for the difference. Back to anaconda for consideration whether it wants to unify the minlen setting for both checks. I do not see this as a bug though. Consensus is this is not a bug. If the password checking requirements need to change, that is a policy set by someone else. Ideally product management in the case of RHEL. |