Bug 1395880 - If ks file generated by anaconda on RHEL6 gets uploaded to Spacewalk, the following warn msg shows up: "This kickstart profile uses a different type of encryption by default than the root password is currently using.."
Summary: If ks file generated by anaconda on RHEL6 gets uploaded to Spacewalk, the fol...
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Red Hat Satellite 5
Classification: Red Hat
Component: WebUI
Version: 580
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Grant Gainey
QA Contact: Red Hat Satellite QA List
URL:
Whiteboard:
Depends On: 1348522
Blocks: sat580-spw-retest
TreeView+ depends on / blocked
 
Reported: 2016-11-16 21:17 UTC by Jan Hutař
Modified: 2017-06-21 12:12 UTC (History)
8 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of: 1348522
Environment:
Last Closed: 2017-06-21 12:12:16 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)

Description Jan Hutař 2016-11-16 21:17:53 UTC 
We have tested (or attempted to test) bug like this when Spacewalk 2.6 was to be released. This is a clone of that bug to get it re-tested on Satellite 5.8.0. In some cases bug can be completely irrelevant (in such cases I suggest to close the bug as NOTABUG), in some cases it might be wise to take the bug as a note that something changed in a given area and we might want to sanity-test that area (and mark the bug as VERIFIED with "SanityOnly" keyword) and in some cases bug might be totally relevant to Satellite.



+++ This bug was initially created as a clone of Bug #1348522 +++

Description of problem:

If ks file generated by anaconda on RHEL6 gets uploaded to Satellite, the following warn message shows up:

"This kickstart profile uses a different type of encryption by default than the root password is currently using. You must reset the root password to encrypt it with the new method."

See the attached picture.

Note: By default anaconda on rhel6 uses sha512 algo for rootpw.


Version-Release number of selected component (if applicable):

2.5


How reproducible:

Always


Steps to Reproduce:

1. Install some RHEL6 machine to get ks file or generate it or make sure that already existing one contains sha512 algo (starts with "$6"):

rootpw --iscrypted $6$trAlalaT$RaLaLAtraLALaTR4lALATr4LAlatraLALaTR4lALATr4LAltraLALaTR4lALATr4LAltraLALaTR4lALATr4LA

2. Upload it to the Spacewalk:

https://<input_your_sat_fqdn>/rhn/kickstart/AdvancedModeCreate.do

3. Switch to "Kickstart File" tab:

https://<input_your_sat_fqdn>/rhn/kickstart/KickstartFileDownloadAdvanced.do?ksid=<input_ks_id>


Actual results:

The following warn message gets printed:

"This kickstart profile uses a different type of encryption by default than the root password is currently using. You must reset the root password to encrypt it with the new method."


Expected results:

No warn message if anaconda uses sha512 on RHEL6 by default.

--- Additional comment from Gennadii Altukhov on 2016-06-21 07:31:13 EDT ---

Taking...

--- Additional comment from Gennadii Altukhov on 2016-06-21 08:26:27 EDT ---

spacewalk.git:
23bcc689857463608c23ee8090ad4af354f5dd5a

--- Additional comment from Gennadii Altukhov on 2016-10-17 05:44:27 EDT ---

1) Add commit with small fix:
cbc62debb44e26224c0785d7610e94e0f9f96a41

2) Add fix for backward compatibility:
2e27bc7c4a13477c64f4c707dcfd4df649cd1199

--- Additional comment from Radovan Drazny on 2016-11-16 04:40:11 EST ---

Verified by reproducer from the initial report, using spacewalk-java-2.6.48-1. Used a sample kickstart file with "rootpw --iscrypted" option encrypted with sha512  (encrypted string format is $6$<salt>$<encrypted_password>). There is no error message now. Both $6... and $5... are accepted without an error.

VERIFED
Comment 1 Martin Korbel 2017-05-19 13:41:56 UTC 
Verified on spacewalk-backend-2.5.3-121

Reproducer via commanet 0.
Note You need to log in before you can comment on or make changes to this bug.