Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 1111277

Summary: rhevm-engine-setup: weak default passwords for PostgreSQL database users
Product: Red Hat Enterprise Virtualization Manager Reporter: Chris Pelland <cpelland>
Component: ovirt-engine-setupAssignee: Sandro Bonazzola <sbonazzo>
Status: CLOSED ERRATA QA Contact: Petr Beňas <pbenas>
Severity: medium Docs Contact:
Priority: medium    
Version: 3.3.0CC: acathrow, alonbl, bazulay, cpelland, dblechte, dfediuck, djorm, gklein, idith, iheim, mik, mmcallis, pstehlik, rhev-integ, Rhev-m-bugs, sbonazzo, sherold, tpoitras, yeylon
Target Milestone: ---Keywords: Security, ZStream
Target Release: 3.3.4   
Hardware: All   
OS: Linux   
Whiteboard: integration
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Previously, automatically setting up a PostgreSQL database with engine-setup generated weak passwords for the PostgreSQL users. Since the PostgreSQL database is accessible remotely with a default Red Hat Enterprise Virtualization Manager installation, this was a security issue. Now a patch has been added that creates stronger random passwords and the length has been extended to 22 characters.
 Story Points: ---
Clone Of: 1111084 Environment:
Last Closed: 2014-07-09 11:52:25 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1103976, 1111084    
Bug Blocks:    

Comment 2 Petr Beňas 2014-06-26 15:45:40 UTC 
[root@localhost ~]#  grep PASS /etc/ovirt-engine/engine.conf.d/10-setup-database.conf | cut -d '=' -f 2 | wc -c
25
[root@localhost ~]# rpm -qa rhevm-setup
rhevm-setup-3.3.4-0.53.el6ev.noarch
Comment 4 errata-xmlrpc 2014-07-09 11:52:25 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2014-0863.html