Description of problem: RHEV-H always persist the config info of "Strong Random Number Generator" after disable AES-NI options. Version-Release number of selected component (if applicable): rhev-hypervisor6-6.6-20141106.1 ovirt-node-3.0.1-19.el6.22.noarch How reproducible: 100% Steps to Reproduce: 1. Install RHEV-H 2. Enter Security menu, enable AES-NI and input Bytes Used(e.g. 123) 3. Save and check /etc/profile 4. Disable AES-NI 5. Save and check /etc/profile again. Actual results: RHEV-H always persist the config info of "Strong Random Number Generator" after disable AES-NI options. 1. step 3: export SSH_USE_STRONG_RNG=123 2. step 5: export OPENSSL_DISABLE_AES_NI=1 export SSH_USE_STRONG_RNG=123 Expected results: RHEV-H should remove the config info of "Strong Random Number Generator" after disable AES-NI options. Additional info:
Test version: rhev-hypervisor7-7.2-20151112.1 ovirt-node-3.6.0-0.20.20151103git3d3779a.el7ev.noarch Test steps: 1. Install RHEV-H 2. Enter Security menu, enable AES-NI and input Bytes Used(e.g. 123) 3. Save and check /etc/profile 4. Disable AES-NI 5. Save and check /etc/profile again. Test result: RHEV-H can remove the config info of "Strong Random Number Generator" after disable AES-NI options. #grep "export" /etc/profile export HISTCONTROL=ignoreboth export HISTCONTROL=ignoredups export PATH USER LOGNAME MAIL HOSTNAME HISTSIZE HISTCONTROL export OPENSSL_DISABLE_AES_NI=1 So the bug is fixed, change bug status to VERIFIED.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHBA-2016-0378.html