Description of problem: Running satpasswd utility on a FIPS enabled Satellite 5.6 gives the following error: # satpasswd Usage: satpasswd user [OPTION] Change the password of a satellite user. -h, --help print this message and exit [root@dhcp-37-127 xmlrpc]# satpasswd jozefko Password: Retype password: psql:<stdin>:2: ERROR: new row for relation "web_contact" violates check constraint "vn_web_contact_password" clear_log_id -------------- (1 row) Version-Release number of selected component (if applicable): Satellite 5.6 How reproducible: Always Steps to Reproduce: 1. Satellite 5.6 installed on a FIPS enabled RHEL system 2. Run satpasswd utility Actual results: Above error. Expected results: No error, satpasswd works as expected. Additional info: # cat /proc/sys/crypto/fips_enabled 1 # echo password | openssl passwd -1 -stdin Segmentation fault
Fixed in spacewalk master by commit 19e197f4eda6b0e3491dc623a123c583e29eec2c 1022484 - ask for new password twice commit 4f2efe10f3c9ca6cab07e4ad2f2b01953cb99798 satpasswd supports SHA-256 encrypted user passwords The tool has been re-implemented in python to take advantage of our rhnUser password-related routines.
Backported to SATELLITE-5.7 as commit b29f485fb5e2c63fe4e7fea484877ddb9de6fcf3 1022484 - ask for new password twice commit 4f2efe10f3c9ca6cab07e4ad2f2b01953cb99798 Satellite satpasswd supports SHA-256 encrypted user passwords The tool has been re-implemented in python to take advantage of our rhnUser password-related routines.