Description of problem: When rhevm is configured using a password with a special character, that character is escaped in 10-setup-database.conf. However, ovirt-engine-dwh-setup does not honor the '/' as an escape character and fails to run. Version-Release number of selected component (if applicable): * rhevm-setup-3.3.0-0.46.el6ev.noarch * rhevm-dwh-3.3.0-29.el6ev.noarch How reproducible: 100% Steps to Reproduce: 1. Manually create the engine user and database: postgres=# create user engine password '123$576'; postgres=# create database engine owner engine template template0 encoding 'UTF8' lc_collate 'en_US.UTF-8' lc_ctype 'en_US.UTF-8'; 2. Run engine-setup, entering '123$576' when prompted for the engine DB password 3. Run ovirt-engine-dwh-setup Actual results: It fails immediately with: 2014-02-26 15:52:33::DEBUG::common_utils::907::root:: Executing command --> '/usr/bin/psql --pset=tuples_only=on --set ON_ERROR_STOP=1 --dbname engine --host localhost --port 5432 --username engine -w -c copy ( select option_value from vdc_options where option_name like 'MinimalETLVersion' ) to stdout with csv header;' in working directory '/usr/share/ovirt-engine-dwh' 2014-02-26 15:52:33::DEBUG::common_utils::962::root:: output = 2014-02-26 15:52:33::DEBUG::common_utils::963::root:: stderr = psql: FATAL: password authentication failed for user "engine" Expected results: It runs successfully Additional info: After engine-setup is run, the ENGINE_DB_PASSWORD looks like this: ENGINE_DB_PASSWORD="123\$576" Analyzing the contents of db_dict, we see: {'username': 'engine_history', 'engine_db': 'engine', 'engine_pass': '123\\$576', 'engine_user': 'engine', 'readonly': None, 'port': '5432', 'host': 'localhost', 'password': '3202kFbN', 'dbname': 'ovirt_engine_history'} The ovirt-engine-dwh-setup script is interpreting the '/' escaping the '$' as a normal character, and then escaping it.
Th workaround for this is to edit '10-setup-database.conf', remove the '/', run ovirt-engine-dwh-setup, then edit '10-setup-database.conf' again and add the '/' back.
I can't even connect to the PG DB using $ in the password: #psql -U postgres -d engine -c "ALTER USER engine WITH PASSWORD '123456';" ALTER ROLE # psql -h 'myhost' -U engine Password for user engine: psql (8.4.20, server 8.4.18) Type "help" for help. engine=> #psql -U postgres -d engine -c "ALTER USER engine WITH PASSWORD '123$56';" ALTER ROLE # psql -h 'myhost' -U engine Password for user engine: psql: FATAL: password authentication failed for user "engine". What am I missing ?
(In reply to Barak Dagan from comment #6) > I can't even connect to the PG DB using $ in the password: > > #psql -U postgres -d engine -c "ALTER USER engine WITH PASSWORD '123456';" > ALTER ROLE > > # psql -h 'myhost' -U engine > Password for user engine: > psql (8.4.20, server 8.4.18) > Type "help" for help. > > engine=> > > > #psql -U postgres -d engine -c "ALTER USER engine WITH PASSWORD '123$56';" Did you type this command as-is? > ALTER ROLE > > # psql -h 'myhost' -U engine > Password for user engine: > psql: FATAL: password authentication failed for user "engine". > > What am I missing ? $5 will be eaten by the shell, probably replaced by '', so in effect you changed the password to 12346 . Use escapes/quoting/etc.
Verified on av2.1: postgres=# "ALTER USER engine WITH PASSWORD '1234%6'; /etc/ovirt-engine/engine.conf.d/10-setup-database.conf: ENGINE_DB_USER="engine" ENGINE_DB_PASSWORD="1234%6" ENGINE_DB_DATABASE="engine" DWH installation passed successfuly.
Verified on av2.1: postgres=# "ALTER USER engine WITH PASSWORD '123$56'; /etc/ovirt-engine/engine.conf.d/10-setup-database.conf: ENGINE_DB_USER="engine" ENGINE_DB_PASSWORD="123\$56" ENGINE_DB_DATABASE="engine" DWH installation passed successfuly.
Andrew, note that this bug is actually on 3.3, cloned and fixed in 3.3.2, and the original (this one) was left mainly for verification. Not sure it really needs a doc text. If we do want one, consider that {rhevm,ovirt-engine}-{dwh,reports}-setup were replaced by 'engine-setup' which does everything (using plugins). Also note that the escape char is '\' and not '/'. So we might have something like: Previously, the ovirt-engine-dwh-setup command would fail under certain conditions. This would occur when the password specified for the internal admin user for the Red Hat Enterprise Virtualization Manager contained special characters. While passwords would be correctly escaped in the 10-setup-database.conf file, the ovirt-engine-dwh-setup command would not detect the '\' escape character, resulting in an authentication error. The ovirt-engine-dwh-setup command is obsoleted by this release, and its functionality is contained in the 'engine-setup' command, which does not suffer from this bug. Same for bug #1070344.
Hi Yedidyah, Thank you for your message. Yes, I recall a similar bug to this one being listed in an older advisory, and I would be happy to take this one from the list if you feel there is not a strong case for having doc text for this one as well. I will change the requires_doc_text flag to '-' for now, but please let me know if you feel some form of documentation is needed later on. I will also correct the escape character used to ensure it reflects your feedback, just in case. Please let me know if you have any other concerns or if there are any other bugs you feel might not need doc text. Kind regards, Andrew
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHEA-2014-0601.html