Bug 1120311 - hammer-cli-foreman config file includes username and password
Summary: hammer-cli-foreman config file includes username and password
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Red Hat Satellite
Classification: Red Hat
Component: Hammer
Version: 6.0.4
Hardware: Unspecified
OS: Unspecified
unspecified
high
Target Milestone: Unspecified
Assignee: Martin Bacovsky
QA Contact: sthirugn@redhat.com
URL: http://projects.theforeman.org/issues...
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2014-07-16 17:28 UTC by Tom McKay
Modified: 2019-09-26 18:10 UTC (History)
5 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2014-09-11 12:25:29 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)

Description Tom McKay 2014-07-16 17:28:02 UTC 
Install of sat6-beta resulted in /etc/hammer/cli.modules.d/foreman.yml with username and password specified (admin/changeme). Install should not include either in hammer config files.
Comment 1 Tom McKay 2014-07-16 17:28:03 UTC 
Created from redmine issue http://projects.theforeman.org/issues/6644
Comment 3 Bryan Kearney 2014-07-21 10:04:07 UTC 
Moving to POST since upstream bug http://projects.theforeman.org/issues/6644 has been closed
Comment 4 Martin Bacovsky 2014-07-21 10:24:50 UTC 
According to 
https://github.com/theforeman/foreman-packaging/blob/rpm/develop/rubygem-hammer_cli_foreman/foreman.yml it is fixed in upstream.
It was done in katello-thirdparty repo commit d69ef412b48323b3eee6a58b2658fa0b5c66e985
Comment 6 sthirugn@redhat.com 2014-07-28 19:39:18 UTC 
Verified.

The installation is not storing admin credentials now.

# cat /etc/hammer/cli.modules.d/foreman.yml 
:foreman:
  # Enable/disable foreman commands
  :enable_module: true

  # Your foreman server address
  :host: 'https://localhost/'

  # Credentials. You'll be asked for the interactively if you leave them blank here
  :username: 'admin'
  #:password: 'example'

  # Check API documentation cache status on each request
  #:refresh_cache: false

  # API request timeout, set -1 for infinity
  #:request_timeout: 120 #seconds

Version Tested:
Satellite-6.0.4-RHEL-6-20140723.0

* apr-util-ldap-1.3.9-3.el6_0.1.x86_64
* candlepin-0.9.19-1.el6_5.noarch
* candlepin-scl-1-5.el6_4.noarch
* candlepin-scl-quartz-2.1.5-5.el6_4.noarch
* candlepin-scl-rhino-1.7R3-1.el6_4.noarch
* candlepin-scl-runtime-1-5.el6_4.noarch
* candlepin-selinux-0.9.19-1.el6_5.noarch
* candlepin-tomcat6-0.9.19-1.el6_5.noarch
* elasticsearch-0.90.10-4.el6sat.noarch
* foreman-1.6.0.29-1.el6sat.noarch
* foreman-compute-1.6.0.29-1.el6sat.noarch
* foreman-gce-1.6.0.29-1.el6sat.noarch
* foreman-libvirt-1.6.0.29-1.el6sat.noarch
* foreman-ovirt-1.6.0.29-1.el6sat.noarch
* foreman-postgresql-1.6.0.29-1.el6sat.noarch
* foreman-proxy-1.6.0.21-1.el6sat.noarch
* foreman-selinux-1.6.0-8.el6sat.noarch
* foreman-vmware-1.6.0.29-1.el6sat.noarch
* katello-1.5.0-27.el6sat.noarch
* katello-ca-1.0-1.noarch
* katello-certs-tools-1.5.6-1.el6sat.noarch
* katello-installer-0.0.56-1.el6sat.noarch
* openldap-2.4.23-32.el6_4.1.x86_64
* pulp-katello-0.3-3.el6sat.noarch
* pulp-nodes-common-2.4.0-0.23.beta.el6sat.noarch
* pulp-nodes-parent-2.4.0-0.23.beta.el6sat.noarch
* pulp-puppet-plugins-2.4.0-0.23.beta.el6sat.noarch
* pulp-puppet-tools-2.4.0-0.23.beta.el6sat.noarch
* pulp-rpm-plugins-2.4.0-0.23.beta.el6sat.noarch
* pulp-selinux-2.4.0-0.23.beta.el6sat.noarch
* pulp-server-2.4.0-0.23.beta.el6sat.noarch
* python-ldap-2.3.10-1.el6.x86_64
* ruby193-rubygem-net-ldap-0.3.1-3.el6sat.noarch
* ruby193-rubygem-runcible-1.1.0-2.el6sat.noarch
Comment 8 Bryan Kearney 2014-09-11 12:25:29 UTC 
This was delivered with Satellite 6.0 which was released on 10 September 2014.
Note You need to log in before you can comment on or make changes to this bug.