Bug 1528253
Summary: | cloud-init silently fails setting dumb root password but the ansible code doesn't validate it in advance | ||||||||
---|---|---|---|---|---|---|---|---|---|
Product: | [oVirt] ovirt-hosted-engine-setup | Reporter: | Nikolai Sednev <nsednev> | ||||||
Component: | General | Assignee: | Simone Tiraboschi <stirabos> | ||||||
Status: | CLOSED WORKSFORME | QA Contact: | meital avital <mavital> | ||||||
Severity: | high | Docs Contact: | |||||||
Priority: | unspecified | ||||||||
Version: | --- | CC: | bugs, didi, nsednev, stirabos | ||||||
Target Milestone: | --- | Flags: | nsednev:
planning_ack?
nsednev: devel_ack? nsednev: testing_ack? |
||||||
Target Release: | --- | ||||||||
Hardware: | x86_64 | ||||||||
OS: | Linux | ||||||||
Whiteboard: | |||||||||
Fixed In Version: | Doc Type: | If docs needed, set a value | |||||||
Doc Text: | Story Points: | --- | |||||||
Clone Of: | Environment: | ||||||||
Last Closed: | 2017-12-26 11:26:54 UTC | Type: | Bug | ||||||
Regression: | --- | Mount Type: | --- | ||||||
Documentation: | --- | CRM: | |||||||
Verified Versions: | Category: | --- | |||||||
oVirt Team: | Integration | RHEL 7.3 requirements from Atomic Host: | |||||||
Cloudforms Team: | --- | Target Upstream Version: | |||||||
Embargoed: | |||||||||
Bug Depends On: | |||||||||
Bug Blocks: | 1455169 | ||||||||
Attachments: |
|
Description
Nikolai Sednev
2017-12-21 11:07:06 UTC
Cloud-init silently fails/refuses to set a dumb password (not sure if it's more a feature or a bug) so ansible cannot then login in the engine VM. The issue is that the ansible code doesn't validate it in advance. Can you please attach /var/log/cloud-init.log from the engine machine? Tried this once with ovirt-engine-appliance-4.2-20171220.1.el7.centos.noarch and it worked for me, with password '1'. (In reply to Yedidyah Bar David from comment #2) > Can you please attach /var/log/cloud-init.log from the engine machine? > > Tried this once with ovirt-engine-appliance-4.2-20171220.1.el7.centos.noarch > and it worked for me, with password '1'. I could not establish connectivity with the engine, it inaccessible. I tend to close worksforme. I do not think there is any issue with dumb passwords. Already tried several times, and while I do run into other issues (networking, currently), in all cases the engine vm was accessible (through either ssh or virsh console) and had the correct dumb password. Simone - why do you think we had an issue with dumb passwords? What was the "evidence"? (In reply to Yedidyah Bar David from comment #4) > Simone - why do you think we had an issue with dumb passwords? What was the > "evidence"? I debugged it a few month ago with Jenny. She was trying, if I'm not wrong, with 'pass' and chpasswd run by cloud-init was failing. We noticed that looking at qemu serial console where we found "Failed to set passwords with chpasswd for ['root']". I still have a screenshot, attaching it. Created attachment 1372401 [details]
failed_cloudinit_root_passwd
Spent a long time and can't see how it should fail in such a case. cloud-init seems to simply run 'chpasswd'. Running it manually with a file having 'root:pass' works for me. Perhaps we can run cloud-init with debug mode (no idea how, but checking the code I see it can output stuff). Looked at sources of chpasswd and it does not seem to enforce strong passwords either. Closing for now. Please reopen if there is more information, including logs etc. |