Bug 1120311 - hammer-cli-foreman config file includes username and password
Summary: hammer-cli-foreman config file includes username and password
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Red Hat Satellite 6
Classification: Red Hat
Component: Hammer
Version: 6.0.4
Hardware: Unspecified
OS: Unspecified
unspecified
high vote
Target Milestone: Unspecified
Assignee: Martin Bacovsky
QA Contact: sthirugn@redhat.com
URL: http://projects.theforeman.org/issues...
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2014-07-16 17:28 UTC by Tom McKay
Modified: 2018-12-06 17:21 UTC (History)
5 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2014-09-11 12:25:29 UTC


Attachments (Terms of Use)

Description Tom McKay 2014-07-16 17:28:02 UTC
Install of sat6-beta resulted in /etc/hammer/cli.modules.d/foreman.yml with username and password specified (admin/changeme). Install should not include either in hammer config files.

Comment 1 Tom McKay 2014-07-16 17:28:03 UTC
Created from redmine issue http://projects.theforeman.org/issues/6644

Comment 3 Bryan Kearney 2014-07-21 10:04:07 UTC
Moving to POST since upstream bug http://projects.theforeman.org/issues/6644 has been closed

Comment 4 Martin Bacovsky 2014-07-21 10:24:50 UTC
According to 
https://github.com/theforeman/foreman-packaging/blob/rpm/develop/rubygem-hammer_cli_foreman/foreman.yml it is fixed in upstream.
It was done in katello-thirdparty repo commit d69ef412b48323b3eee6a58b2658fa0b5c66e985

Comment 6 sthirugn@redhat.com 2014-07-28 19:39:18 UTC
Verified.

The installation is not storing admin credentials now.

# cat /etc/hammer/cli.modules.d/foreman.yml 
:foreman:
  # Enable/disable foreman commands
  :enable_module: true

  # Your foreman server address
  :host: 'https://localhost/'

  # Credentials. You'll be asked for the interactively if you leave them blank here
  :username: 'admin'
  #:password: 'example'

  # Check API documentation cache status on each request
  #:refresh_cache: false

  # API request timeout, set -1 for infinity
  #:request_timeout: 120 #seconds

Version Tested:
Satellite-6.0.4-RHEL-6-20140723.0

* apr-util-ldap-1.3.9-3.el6_0.1.x86_64
* candlepin-0.9.19-1.el6_5.noarch
* candlepin-scl-1-5.el6_4.noarch
* candlepin-scl-quartz-2.1.5-5.el6_4.noarch
* candlepin-scl-rhino-1.7R3-1.el6_4.noarch
* candlepin-scl-runtime-1-5.el6_4.noarch
* candlepin-selinux-0.9.19-1.el6_5.noarch
* candlepin-tomcat6-0.9.19-1.el6_5.noarch
* elasticsearch-0.90.10-4.el6sat.noarch
* foreman-1.6.0.29-1.el6sat.noarch
* foreman-compute-1.6.0.29-1.el6sat.noarch
* foreman-gce-1.6.0.29-1.el6sat.noarch
* foreman-libvirt-1.6.0.29-1.el6sat.noarch
* foreman-ovirt-1.6.0.29-1.el6sat.noarch
* foreman-postgresql-1.6.0.29-1.el6sat.noarch
* foreman-proxy-1.6.0.21-1.el6sat.noarch
* foreman-selinux-1.6.0-8.el6sat.noarch
* foreman-vmware-1.6.0.29-1.el6sat.noarch
* katello-1.5.0-27.el6sat.noarch
* katello-ca-1.0-1.noarch
* katello-certs-tools-1.5.6-1.el6sat.noarch
* katello-installer-0.0.56-1.el6sat.noarch
* openldap-2.4.23-32.el6_4.1.x86_64
* pulp-katello-0.3-3.el6sat.noarch
* pulp-nodes-common-2.4.0-0.23.beta.el6sat.noarch
* pulp-nodes-parent-2.4.0-0.23.beta.el6sat.noarch
* pulp-puppet-plugins-2.4.0-0.23.beta.el6sat.noarch
* pulp-puppet-tools-2.4.0-0.23.beta.el6sat.noarch
* pulp-rpm-plugins-2.4.0-0.23.beta.el6sat.noarch
* pulp-selinux-2.4.0-0.23.beta.el6sat.noarch
* pulp-server-2.4.0-0.23.beta.el6sat.noarch
* python-ldap-2.3.10-1.el6.x86_64
* ruby193-rubygem-net-ldap-0.3.1-3.el6sat.noarch
* ruby193-rubygem-runcible-1.1.0-2.el6sat.noarch

Comment 8 Bryan Kearney 2014-09-11 12:25:29 UTC
This was delivered with Satellite 6.0 which was released on 10 September 2014.


Note You need to log in before you can comment on or make changes to this bug.