Bug 1395880

Summary: If ks file generated by anaconda on RHEL6 gets uploaded to Spacewalk, the following warn msg shows up: "This kickstart profile uses a different type of encryption by default than the root password is currently using.."
Product: Red Hat Satellite 5 Reporter: Jan Hutař <jhutar>
Component: WebUIAssignee: Grant Gainey <ggainey>
Status: CLOSED CURRENTRELEASE QA Contact: Red Hat Satellite QA List <satqe-list>
Severity: medium Docs Contact:
Priority: medium    
Version: 580CC: aladke, galtukho, jdobes, mkorbel, mosvald, rdrazny, satqe-list, tlestach
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: 1348522 Environment:
Last Closed: 2017-06-21 12:12:16 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1348522    
Bug Blocks: 1397178    

Description Jan Hutař 2016-11-16 21:17:53 UTC 
We have tested (or attempted to test) bug like this when Spacewalk 2.6 was to be released. This is a clone of that bug to get it re-tested on Satellite 5.8.0. In some cases bug can be completely irrelevant (in such cases I suggest to close the bug as NOTABUG), in some cases it might be wise to take the bug as a note that something changed in a given area and we might want to sanity-test that area (and mark the bug as VERIFIED with "SanityOnly" keyword) and in some cases bug might be totally relevant to Satellite.



+++ This bug was initially created as a clone of Bug #1348522 +++

Description of problem:

If ks file generated by anaconda on RHEL6 gets uploaded to Satellite, the following warn message shows up:

"This kickstart profile uses a different type of encryption by default than the root password is currently using. You must reset the root password to encrypt it with the new method."

See the attached picture.

Note: By default anaconda on rhel6 uses sha512 algo for rootpw.


Version-Release number of selected component (if applicable):

2.5


How reproducible:

Always


Steps to Reproduce:

1. Install some RHEL6 machine to get ks file or generate it or make sure that already existing one contains sha512 algo (starts with "$6"):

rootpw --iscrypted $6$trAlalaT$RaLaLAtraLALaTR4lALATr4LAlatraLALaTR4lALATr4LAltraLALaTR4lALATr4LAltraLALaTR4lALATr4LA

2. Upload it to the Spacewalk:

https://<input_your_sat_fqdn>/rhn/kickstart/AdvancedModeCreate.do

3. Switch to "Kickstart File" tab:

https://<input_your_sat_fqdn>/rhn/kickstart/KickstartFileDownloadAdvanced.do?ksid=<input_ks_id>


Actual results:

The following warn message gets printed:

"This kickstart profile uses a different type of encryption by default than the root password is currently using. You must reset the root password to encrypt it with the new method."


Expected results:

No warn message if anaconda uses sha512 on RHEL6 by default.

--- Additional comment from Gennadii Altukhov on 2016-06-21 07:31:13 EDT ---

Taking...

--- Additional comment from Gennadii Altukhov on 2016-06-21 08:26:27 EDT ---

spacewalk.git:
23bcc689857463608c23ee8090ad4af354f5dd5a

--- Additional comment from Gennadii Altukhov on 2016-10-17 05:44:27 EDT ---

1) Add commit with small fix:
cbc62debb44e26224c0785d7610e94e0f9f96a41

2) Add fix for backward compatibility:
2e27bc7c4a13477c64f4c707dcfd4df649cd1199

--- Additional comment from Radovan Drazny on 2016-11-16 04:40:11 EST ---

Verified by reproducer from the initial report, using spacewalk-java-2.6.48-1. Used a sample kickstart file with "rootpw --iscrypted" option encrypted with sha512  (encrypted string format is $6$<salt>$<encrypted_password>). There is no error message now. Both $6... and $5... are accepted without an error.

VERIFED
Comment 1 Martin Korbel 2017-05-19 13:41:56 UTC 
Verified on spacewalk-backend-2.5.3-121

Reproducer via commanet 0.