| Summary: | [RFE] subscription-manager should support prompting for credentials | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 6 | Reporter: | Bryan Kearney <bkearney> |
| Component: | subscription-manager | Assignee: | Bryan Kearney <bkearney> |
| Status: | CLOSED ERRATA | QA Contact: | John Sefler <jsefler> |
| Severity: | unspecified | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 6.1 | CC: | andriusb, bkearney, mkhusid, redhat-bugzilla |
| Target Milestone: | rc | Keywords: | FutureFeature |
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Enhancement | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2011-05-19 13:39:53 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Bug Depends On: | |||
| Bug Blocks: | 568421 | ||
|
Description
Bryan Kearney
2011-02-16 21:50:42 UTC
If you don't provide a --username or --password to register, you will be prompted for whichever you didn't provide. Username will be visible as you type it, password will not. trying to put in an empty one will just bring up the prompt again. identity --regenerate could also take user/pass (which would then regenerate the identity as the given user). Since it was hard to tell if the user just didn't want to have their user/pass visible, or didn't want to regenerate the identity as a user, i added a new option, --force, that will regenerate the identity as a user (and thus require username/password) In both master and rhel6, should be in 0.96.1 and 0.95.4 Verifying version... [root@jsefler-onprem03 ~]# rpm -q subscription-manager subscription-manager-0.95.3-1.git.8.c3aadec.el6.x86_64 [root@jsefler-onprem03 ~]# subscription-manager register --force Username: testuser1 Password: eff9a4c9-3579-49e5-a52f-83f2db29ab52 jsefler-onprem03.usersys.redhat.com [root@jsefler-onprem03 ~]# subscription-manager register --force --username=testuser1 Password: The system with UUID eff9a4c9-3579-49e5-a52f-83f2db29ab52 has been unregistered 22e479c6-0048-4ea9-b724-3876e09fe9f2 jsefler-onprem03.usersys.redhat.com [root@jsefler-onprem03 ~]# subscription-manager register --force --password=password Username: testuser1 The system with UUID 22e479c6-0048-4ea9-b724-3876e09fe9f2 has been unregistered 36bfe39f-29a8-4423-a956-788659570b79 jsefler-onprem03.usersys.redhat.com [root@jsefler-onprem03 ~]# subscription-manager register --force --password=password --username=testuser1 The system with UUID 36bfe39f-29a8-4423-a956-788659570b79 has been unregistered 0bb3af3b-b96c-4f21-ab39-de7d9d666230 jsefler-onprem03.usersys.redhat.com [root@jsefler-onprem03 ~]# subscription-manager register --force Username: Username: Username: Username: testuser1 Password: Password: Password: The system with UUID 0bb3af3b-b96c-4f21-ab39-de7d9d666230 has been unregistered 8cc80b83-be39-4775-99e6-63b5dbf3d98a jsefler-onprem03.usersys.redhat.com [root@jsefler-onprem03 ~]# subscription-manager register --force Username: NULL Password: The system with UUID 8cc80b83-be39-4775-99e6-63b5dbf3d98a has been unregistered Invalid Credentials ^^^ All these tested variations of registering with/out username/password work as expected with the interactive prompting Verifying version... [root@jsefler-onprem03 ~]# rpm -q subscription-manager subscription-manager-0.95.3-1.git.8.c3aadec.el6.x86_64 [root@jsefler-onprem03 ~]# subscription-manager register --force Username: testuser1 Password: fb8105d7-93b2-4ca9-ab7d-b6f7fc4c9bf1 jsefler-onprem03.usersys.redhat.com [root@jsefler-onprem03 ~]# subscription-manager identity --username=testuser1 --password=password --username and --password can only be used with --force [root@jsefler-onprem03 ~]# subscription-manager identity --username=testuser1 --password=password --force --force can only be used with --regenerate [root@jsefler-onprem03 ~]# subscription-manager identity --username=testuser1 --password=password --force --regenerate fb8105d7-93b2-4ca9-ab7d-b6f7fc4c9bf1 jsefler-onprem03.usersys.redhat.com [root@jsefler-onprem03 ~]# subscription-manager identity --regenerate fb8105d7-93b2-4ca9-ab7d-b6f7fc4c9bf1 jsefler-onprem03.usersys.redhat.com [root@jsefler-onprem03 ~]# subscription-manager identity --regenerate --force Username: testuser1 Password: fb8105d7-93b2-4ca9-ab7d-b6f7fc4c9bf1 jsefler-onprem03.usersys.redhat.com [root@jsefler-onprem03 ~]# subscription-manager identity --regenerate --force Username: NULL Password: Invalid Credentials [root@jsefler-onprem03 ~]# subscription-manager identity --regenerate --force --username=testuser1 Password: fb8105d7-93b2-4ca9-ab7d-b6f7fc4c9bf1 jsefler-onprem03.usersys.redhat.com [root@jsefler-onprem03 ~]# subscription-manager identity --regenerate --force --password=password Username: testuser1 fb8105d7-93b2-4ca9-ab7d-b6f7fc4c9bf1 jsefler-onprem03.usersys.redhat.com ^^^ All these tested variations of identity --regenerate with/out username/password work as expected with the interactive prompting If someone still uses plain text passwords in a kickstart file, the exposure is limited to access to the ks.cfg file, correct? Nothing is logged elsewhere with the password? An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on therefore solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHEA-2011-0611.html |