Bug 841676

Summary: rhevm-setup defaults secure database connections to no.
Product: Red Hat Enterprise Virtualization Manager Reporter: Stephen Gordon <sgordon>
Component: ovirt-engine-setupAssignee: Alon Bar-Lev <alonbl>
Status: CLOSED CURRENTRELEASE QA Contact: Ilanit Stein <istein>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 3.1.0CC: acathrow, bazulay, dyasny, iheim, knesenko, pmatouse, Rhev-m-bugs, ykaul
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard: integration
Fixed In Version: si15 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2012-12-04 20:02:10 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 815519    

Description Stephen Gordon 2012-07-19 20:25:39 UTC 
Description of problem:

When running rhevm-setup the default option for secure connection when connecting a remote database server is 'no'. I believe it should be 'yes'.

Configure secure connection? ['yes'| 'no']  [no] :

If the default value is in fact intended to be no then we need to provide a rational for that both on screen and in the documentation, because user's are going to wonder why we are asking them not to use a security feature.

Version-Release number of selected component (if applicable):

SI11
Comment 2 Itamar Heim 2012-07-20 13:05:39 UTC 
andrew - thoughts?
Comment 8 Moran Goldboim 2012-08-07 12:47:10 UTC 
Andrew, can we get the final decision here.
Comment 10 Alon Bar-Lev 2012-08-15 13:40:36 UTC 
commit 9d3150fefb96adc0cc93b998617cb2e63e67cd95
Author: Alon Bar-Lev <alonbl>
Date:   Wed Aug 15 15:43:07 2012 +0300

    BZ#841676 packaging: modify secure db connection prompt
    
    Phrase the ssl prompt to a more user friendly prompt, so the default
    'no' may be kept without alerting anyone.
    
    Change-Id: I447c842ff21ef7193b005ff9758572cdd3fe08d0
    Signed-off-by: Alon Bar-Lev <alonbl>

http://gerrit.ovirt.org/#/c/7212/
Comment 13 Itamar Heim 2012-08-16 16:28:28 UTC 
just send a patch upstream to fix per the comment you got downstream in this case, i don't see a reason it will casue contention.
Comment 14 Alon Bar-Lev 2012-08-16 18:25:30 UTC 
commit 122cd6564da3f4536cb86528617372d95c1643ba
Author: Alon Bar-Lev <alonbl>
Date:   Thu Aug 16 21:18:16 2012 +0300

    BZ#841676 packaging: modify secure db connection prompt
    
    Phrase the ssl prompt to a more user friendly prompt, so the default
    'no' may be kept without alerting anyone.
    
    Alters commit 88bb2185880 with different wording.
    
    Change-Id: Iea03c96997d7fe5b38850015e35f015578c4497b
    Signed-off-by: Alon Bar-Lev <alonbl>

http://gerrit.ovirt.org/#/c/7269/
Comment 15 Ilanit Stein 2012-09-02 09:24:32 UTC 
Verified on SI16.

No notification was seen when default "no" was chosen:

Enter DB type for installation ['remote'| 'local']  [local] : remote
Enter the host IP or host name where DB is running: lilach-vdsa.tlv.redhat.vom

Error: the provided hostname is unreachable.

User input failed validation, do you still wish to use it? (yes|no): yes
Enter DB port number  [5432] : 
Enter DB admin user name  [postgres] : 
Remote database password :
Warning: Weak Password.
Confirm password :
Configure secure connection? (make sure SSL is configured on remote database) ['yes'| 'no']  [no] : 

Could not connect to host lilach-vdsa.tlv.redhat.vom with provided credentials. Check that your settings are correct.