Bug 1403363

Summary: Provisioning Templates does not honour password algorithm
Product: Red Hat Satellite Reporter: Peter Tselios <tselios.petros>
Component: Provisioning TemplatesAssignee: satellite6-bugs <satellite6-bugs>
Status: CLOSED DUPLICATE QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: 6.2.4CC: bbuckingham, jcallaha, mhulan, sreber
Target Milestone: UnspecifiedKeywords: Triaged
Target Release: Unused   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2017-02-15 08:29:36 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Peter Tselios 2016-12-09 19:50:19 UTC 
Description of problem:
Default provisioning templates have hardcoded the password algorithm to sha256. So, even if a user selects sha512 as the password algorithm, the kickstart file will have the following line in the generated kickstart:

auth --useshadow --passalgo=sha256 --kickstart

Version-Release number of selected component (if applicable):
From 6.2.0 and onwards.  

How reproducible:
100%

Steps to Reproduce:
1. Try to provision a new Host and in the OS set the password algorithm to sah512
2. Either render the profiles of provision the host and check the anaconda.ks file 

Actual results:
anaconda.ks contains the following line:
auth --useshadow --passalgo=sha256 --kickstart


Expected results:
auth --useshadow --passalgo=sha512 --kickstart

Additional info:
Comment 3 Marek Hulan 2017-02-15 08:29:36 UTC 
Thanks for the report. I believe this is already tracked under BZ 1372385 despite the title only mentions safe mode. The last step missing there is exactly what you suggest, the template should not hardcode sha256 but use the information from OS. The patch is available and is pending for review. I'm closing this and kindly ask you to follow the linked BZ.

*** This bug has been marked as a duplicate of bug 1372385 ***