Bug 1348522

Summary: If ks file generated by anaconda on RHEL6 gets uploaded to Spacewalk, the following warn msg shows up: "This kickstart profile uses a different type of encryption by default than the root password is currently using.."
Product: [Community] Spacewalk Reporter: Gennadii Altukhov <galtukho>
Component: WebUIAssignee: Gennadii Altukhov <galtukho>
Status: CLOSED CURRENTRELEASE QA Contact: Radovan Drazny <rdrazny>
Severity: medium Docs Contact:
Priority: medium    
Version: 2.5CC: aladke, eherget, galtukho, ggainey, jdobes, mosvald, rdrazny, satqe-list
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: 1122422
: 1395880 (view as bug list) Environment:
Last Closed: 2017-09-27 19:12:05 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1162131, 1395880, 1484117    

Description Gennadii Altukhov 2016-06-21 11:29:46 UTC 
Description of problem:

If ks file generated by anaconda on RHEL6 gets uploaded to Satellite, the following warn message shows up:

"This kickstart profile uses a different type of encryption by default than the root password is currently using. You must reset the root password to encrypt it with the new method."

See the attached picture.

Note: By default anaconda on rhel6 uses sha512 algo for rootpw.


Version-Release number of selected component (if applicable):

2.5


How reproducible:

Always


Steps to Reproduce:

1. Install some RHEL6 machine to get ks file or generate it or make sure that already existing one contains sha512 algo (starts with "$6"):

rootpw --iscrypted $6$trAlalaT$RaLaLAtraLALaTR4lALATr4LAlatraLALaTR4lALATr4LAltraLALaTR4lALATr4LAltraLALaTR4lALATr4LA

2. Upload it to the Spacewalk:

https://<input_your_sat_fqdn>/rhn/kickstart/AdvancedModeCreate.do

3. Switch to "Kickstart File" tab:

https://<input_your_sat_fqdn>/rhn/kickstart/KickstartFileDownloadAdvanced.do?ksid=<input_ks_id>


Actual results:

The following warn message gets printed:

"This kickstart profile uses a different type of encryption by default than the root password is currently using. You must reset the root password to encrypt it with the new method."


Expected results:

No warn message if anaconda uses sha512 on RHEL6 by default.
Comment 1 Gennadii Altukhov 2016-06-21 11:31:13 UTC 
Taking...
Comment 2 Gennadii Altukhov 2016-06-21 12:26:27 UTC 
spacewalk.git:
23bcc689857463608c23ee8090ad4af354f5dd5a
Comment 3 Gennadii Altukhov 2016-10-17 09:44:27 UTC 
1) Add commit with small fix:
cbc62debb44e26224c0785d7610e94e0f9f96a41

2) Add fix for backward compatibility:
2e27bc7c4a13477c64f4c707dcfd4df649cd1199
Comment 4 Radovan Drazny 2016-11-16 09:40:11 UTC 
Verified by reproducer from the initial report, using spacewalk-java-2.6.48-1. Used a sample kickstart file with "rootpw --iscrypted" option encrypted with sha512  (encrypted string format is $6$<salt>$<encrypted_password>). There is no error message now. Both $6... and $5... are accepted without an error.

VERIFED
Comment 5 Eric Herget 2017-09-27 19:12:05 UTC 
This looks like it was fixed in previous release, but I'm closing it in this one.

Spacewalk 2.7 has been released.

https://github.com/spacewalkproject/spacewalk/wiki/ReleaseNotes27
Comment 6 Grant Gainey 2017-10-03 19:02:54 UTC 
*** Bug 1304505 has been marked as a duplicate of this bug. ***