Bug 1345983
| Summary: | Hardcoded calamari credentials in bigfin/backend/cephapi/handler/handler.go | ||
|---|---|---|---|
| Product: | [Red Hat Storage] Red Hat Storage Console | Reporter: | Daniel Horák <dahorak> |
| Component: | Ceph | Assignee: | Shubhendu Tripathi <shtripat> |
| Ceph sub component: | configuration | QA Contact: | sds-qe-bugs |
| Status: | CLOSED EOL | Docs Contact: | |
| Severity: | high | ||
| Priority: | unspecified | CC: | mkudlej, nthomas |
| Version: | 2 | ||
| Target Milestone: | --- | ||
| Target Release: | 3 | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2018-11-19 05:42:48 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
This cannot be addressed in the current release. User can create a admin/admin on calamari before import. Moving this out of 2.0 This product is EOL now |
Description of problem: Credentials for connection to calamari are hardcoded in the code[1], which makes problem during importing existing cluster and also might be security vulnerability. Version-Release number of selected component (if applicable): ceph-ansible-1.0.5-19.el7scon.noarch ceph-deploy-1.5.33-0.noarch ceph-installer-1.0.11-1.el7scon.noarch rhscon-ceph-0.0.20-1.el7scon.x86_64 rhscon-core-0.0.21-1.el7scon.x86_64 rhscon-ui-0.0.34-1.el7scon.noarch calamari-server-1.4.0-0.12.rc15.el7cp.x86_64 ceph-10.2.1-11.el7cp.x86_64 ceph-base-10.2.1-11.el7cp.x86_64 ceph-common-10.2.1-11.el7cp.x86_64 ceph-mds-10.2.1-11.el7cp.x86_64 ceph-mon-10.2.1-11.el7cp.x86_64 ceph-osd-10.2.1-11.el7cp.x86_64 ceph-selinux-10.2.1-11.el7cp.x86_64 rhscon-agent-0.0.9-1.el7scon.noarch How reproducible: 100% Steps to Reproduce: 1. Try to create new one or import existing cluster to USM, there is no way to configure calamari credentials. 2. Check source code[1] and look for lines reqData["username"] = "admin" reqData["password"] = "admin" Actual results: Calamari credentials are hardcoded to admin/admin, so it is not possible to change them for security reason and also it is not possible to import existing cluster with different credentials for accessing calamari. Expected results: It should be possible to change calamari credentials in skyring, so it is possible to secure calamari with good password and also it should be possible to import existing cluster with various credentials to calamari. Additional info: [1] https://github.com/skyrings/bigfin/blob/master/backend/cephapi/handler/handler.go#L188