Bug 811234
| Summary: | engine-setup does not work if database password contains special characters | ||||||||
|---|---|---|---|---|---|---|---|---|---|
| Product: | [Retired] oVirt | Reporter: | Quyet Nguyen Duc <quyetnd> | ||||||
| Component: | ovirt-engine-config | Assignee: | Alon Bar-Lev <alonbl> | ||||||
| Status: | CLOSED CURRENTRELEASE | QA Contact: | Jiri Belka <jbelka> | ||||||
| Severity: | unspecified | Docs Contact: | |||||||
| Priority: | unspecified | ||||||||
| Version: | unspecified | CC: | acathrow, alonbl, bazulay, d.sastre.medina, emesika, iheim, jbelka, jkt, lyarwood, mcl, mgoldboi, mperina, s.kieske, yzaslavs | ||||||
| Target Milestone: | --- | ||||||||
| Target Release: | 3.4.0 | ||||||||
| Hardware: | x86_64 | ||||||||
| OS: | Linux | ||||||||
| Whiteboard: | infra | ||||||||
| Fixed In Version: | ovirt-engine-3.4.0_rc | Doc Type: | Bug Fix | ||||||
| Doc Text: | Story Points: | --- | |||||||
| Clone Of: | Environment: | ||||||||
| Last Closed: | 2014-03-31 12:26:48 UTC | Type: | Bug | ||||||
| Regression: | --- | Mount Type: | --- | ||||||
| Documentation: | --- | CRM: | |||||||
| Verified Versions: | Category: | --- | |||||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||||
| Embargoed: | |||||||||
| Bug Depends On: | 1020671 | ||||||||
| Bug Blocks: | |||||||||
| Attachments: |
|
||||||||
|
Description
Quyet Nguyen Duc
2012-04-10 13:54:49 UTC
Using password with space creates correct .pgpass file that allows using psql without providing a password. Nevertheless, the following fails: /usr/share/ovirt-engine/engine-config/engine-config -s CAEngineKey=/etc/pki/ovirt-engine/private/ca.pem --cver=general -p /usr/share/ovirt-engine/conf/engine-config-install.properties The error message: Connection to the Database failed. Please check that the hostname and port number are correct and that the Database service is up and running. Moving to ovirt-engine-config. I can confirm that this is still a problem in oVirt 3.1 on Fedora 17. I can confirm this is still an issue with oVirt 3.2 on Fedora 18. Also, not only whitespace can trigger this problem, password containing colons fail as well. The engine-setup tool was fixed to no longer allow whitespace in passwords (see bug 835363 for details). However, colons remain a problem: the .pgpass file is colon-delimited and escaping functionality was broken until postgres 9.2 (See pgsql-hackers thread [1], or find it in the changelog [2]). The result for ovirt is: for pgsql <= 9.1, passwords with a colon worked (engine setup didn't escape them, postgres didn't try to unescape them) for pgsql >= 9.2, passwords with a colon won't work without being escaped in the pgpass file [1] http://www.postgresql.org/message-id/flat/1324582589-sup-2604@alvh.no-ip.org#1324582589-sup-2604@alvh.no-ip.org [2] http://www.postgresql.org/docs/9.2/static/release-9-2.html I've made several tests with engine-setup and here are results: 1) Space and color characters are not forbidden to enter when entering database password in engine-setup 2) The behavior of engine-setup and these characters depends on database version 3) Installing oVirt 3.3 on Fedora 18 with Postgresql 9.2 works fine with space character included in password (for example "engine test"). Both ovirt-engine and engine-config works with this db password 4) Installing oVirt 3.3 on Fedora 18 with Postgresql 9.2 doesn't work with colon character included in password (for example "engine:test"). There's an error during engine-setup execution [ ERROR ] Failed to execute stage 'Misc configuration': Command '/home/mperina/ovirt-engine-test/share/ovirt-engine/dbscripts/create_schema.sh' failed to execute But when I specified database password using environment property, create_schema script worked fine: PGPASSWORD="engine:test" ./create_schema.sh -d engine -u engine 5) Installing oVirt 3.3 on RHEL 6 with Postgresql 8.4 doesn't work with space character included in password (for example "engine test"), following error appears during engine-setup execution: [ ERROR ] Cannot connect to database: Cannot connect to database: missing "=" after "test" in connection info string 6) Installing oVirt 3.3 on RHEL 6 with Postgresql 8.4 doesn't work with colon character included in password (for example "engine:test"), following error appears during engine-setup execution: [ ERROR ] Cannot connect to database: Cannot connect to database: FATAL: password authentication failed for user "engine" FATAL: password authentication failed for user "engine" (In reply to Martin Perina from comment #5) > I've made several tests with engine-setup and here are results: > > 1) Space and color characters are not forbidden to enter when entering > database password in engine-setup Right. And it should not, we do not need to care what password is passed. > 4) Installing oVirt 3.3 on Fedora 18 with Postgresql 9.2 doesn't work with > colon character included in password (for example "engine:test"). There's an > error during engine-setup execution > > [ ERROR ] Failed to execute stage 'Misc configuration': Command > '/home/mperina/ovirt-engine-test/share/ovirt-engine/dbscripts/create_schema. > sh' failed to execute Right, it may be that pgpass is produced invalid, can you please check how you specify password with ':' in pgpass? > 5) Installing oVirt 3.3 on RHEL 6 with Postgresql 8.4 doesn't work with > space character included in password (for example "engine test"), following > error appears during engine-setup execution: > > [ ERROR ] Cannot connect to database: Cannot connect to database: missing > "=" after "test" in connection info string This is probably a bug in the psql python driver, but as there is no log I cannot know the exact location. > 6) Installing oVirt 3.3 on RHEL 6 with Postgresql 8.4 doesn't work with > colon character included in password (for example "engine:test"), following > error appears during engine-setup execution: > > [ ERROR ] Cannot connect to database: Cannot connect to database: FATAL: > password authentication failed for user "engine" FATAL: password > authentication failed for user "engine" I don't know where it is without logs. Alon Created attachment 783863 [details]
Space in db password logs
'engine test' has been specified as db password
Created attachment 783875 [details]
Colon in db password logs
'engine:test' has been specified as db password
Yet, another example why too much automation is bad. (In reply to Martin Perina from comment #7) > Created attachment 783863 [details] > Space in db password logs > > 'engine test' has been specified as db password Yes, this is a bug in the psql python driver, rhel has old driver with this bug. (In reply to Martin Perina from comment #8) > Created attachment 783875 [details] > Colon in db password logs > > 'engine:test' has been specified as db password :) Yes, a bug in old driver of rhel... :) Hi, Can you please check the patch for fixing pgpassfile generation? it should work in all cases with newer driver (fedora). For rhel, I suggest either we request new version or just settle with the issues. Thanks for testing! Alon Patch works using colon or space in db password on F18. Itamar: more reasons... over automation. So we are left with bugs of old version python-psycopg2 which rhel use. Again, too much automation. This is an automated message. Re-targeting all non-blocker bugs still open on 3.4.0 to 3.4.1. this is an automated message: moving to Closed CURRENT RELEASE since oVirt 3.4.0 has been released |