Bug 1830355

Summary: [RFE] satellite-maintain upgrade check should not store incorrect password
Product: Red Hat Satellite Reporter: Jessica Hanley <jhanley>
Component: Satellite MaintainAssignee: Amit Upadhye <aupadhye>
Status: CLOSED ERRATA QA Contact: Gaurav Talreja <gtalreja>
Severity: medium Docs Contact:
Priority: unspecified    
Version: 6.7.0CC: apatel, aupadhye, bkearney, kgaikwad, osousa, zhunting
Target Milestone: 6.10.0Keywords: FutureFeature, Triaged
Target Release: Unused   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: rubygem-foreman_maintain-0.8.9 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2021-11-16 13:48:05 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Jessica Hanley 2020-05-01 17:42:08 UTC 
Description of problem:

If the customer is prompted to enter a hammer password when running this command:

# satellite-maintain upgrade check --target-version 6.7

and if the wrong password is entered, the password field in "/etc/foreman-maintain/foreman-maintain-hammer.yml" changes to the incorrect password.

Version-Release number of selected component (if applicable):

6.7

How reproducible:

Only when the upgrade check prompts for a hammer password.

Steps to Reproduce:
1.  cat /etc/foreman-maintain/foreman-maintain-hammer.yml to see the current password.
2.  Run "satellite-maintain upgrade check --target-version 6.7".
3.  If prompted for a hammer password, enter a different, incorrect password.
4.  cat /etc/foreman-maintain/foreman-maintain-hammer.yml to see the incorrect password there.

Actual results:

System configuration is permanently changed by an upgrade check.

Expected results:

The system configuration should not be changed by a check.


Additional info:
Comment 3 Suraj Patil 2020-05-14 13:43:32 UTC 
Created redmine issue https://projects.theforeman.org/issues/29818 from this bug
Comment 5 Gaurav Talreja 2021-09-01 16:49:05 UTC 
Verified.

Tested on Satellite 6.10.0 Snap 16.0
Version: rubygem-foreman_maintain-0.8.13-2.el7sat.noarch

Steps:
1. # hammer user update --login admin --password <new-password>
2. # foreman-maintain advanced procedure run hammer-setup

Observation:
Step 2 fails firstly as it contains initial_admin_password set by satellite-answers.yaml, after updating password using step1, also requires an update in /etc/foreman-maintain/foreman-maintain-hammer.yml.
So when running step 2 again, it prompts for admin password, if entered incorrectly then it doesn't store password and exits with RC 1, else only when entered correctly this stores password in /etc/foreman-maintain/foreman-maintain-hammer.yml.
Comment 8 errata-xmlrpc 2021-11-16 13:48:05 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Satellite 6.10 Satellite Maintenance Release), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2021:4697