Bug 1812321

Summary: root disk passphrase can be deleted post successful clevis-luks-bind
Product: [Red Hat Storage] Red Hat Gluster Storage Reporter: SATHEESARAN <sasundar>
Component: rhhiAssignee: Gobinda Das <godas>
Status: CLOSED ERRATA QA Contact: SATHEESARAN <sasundar>
Severity: high Docs Contact:
Priority: unspecified    
Version: rhgs-3.5CC: rhs-bugs
Target Milestone: ---   
Target Release: RHHI-V 1.8   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: gluster-ansible-infra-1.0.4-6.el8rhgs Doc Type: No Doc Update
Doc Text:
Story Points: ---
Clone Of:
: 1812322 (view as bug list) Environment:
Last Closed: 2020-08-04 14:51:37 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1812322    
Bug Blocks: 1779977    

Description SATHEESARAN 2020-03-11 01:48:09 UTC 
Description of problem:
------------------------
root passphrase is saved under /etc/. once the clevis-luks-bind is completed successfully with tang server, this passphrase is no longer required and can be cleaned up.

Version-Release number of selected component (if applicable):
-------------------------------------------------------------
gluster-ansible-infra-1.0.4-5.el8rhgs.noarch.rpm 

How reproducible:
-----------------
Always

Steps to Reproduce:
-------------------
1. Run the ansible playbook that completes NBDE

Actual results:
---------------
root filesystem disk's passphrase in a key file is available post successful clevis-luks-bind to tang server

Expected results:
------------------
Post successful clevis-luks-bind to tang server, the root filesytem disk's passphrase key file can be deleted
Comment 2 SATHEESARAN 2020-03-21 10:05:02 UTC 
Tested with gluster-ansible-infra-1.0.4-6

After NBDE setup is completed with ansible playbook, the passphrase stored in /etc/sdx_key as well as the root disk key /etc/root_key is removed
Comment 4 errata-xmlrpc 2020-08-04 14:51:37 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (RHHI for Virtualization 1.8 bug fix and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2020:3314