Bug 1518909 - Remove salt from ceph-repos if calamari no longer needs it.
Summary: Remove salt from ceph-repos if calamari no longer needs it.
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Ceph Storage
Classification: Red Hat Storage
Component: Calamari
Version: 2.4
Hardware: Unspecified
OS: Unspecified
unspecified
medium
Target Milestone: rc
: 2.5
Assignee: Boris Ranto
QA Contact: subhash
Aron Gunn
URL:
Whiteboard:
Depends On:
Blocks: 1507418
TreeView+ depends on / blocked
 
Reported: 2017-11-29 18:17 UTC by Christina Meno
Modified: 2022-02-21 18:03 UTC (History)
9 users (show)

Fixed In Version: RHEL: calamari-server-1.5.7-1.el7cp Ubuntu: calamari_1.5.7-2redhat1xenial
Doc Type: Deprecated Functionality
Doc Text:
.The `salt` packages have been deprecated and removed The installation of the Calamari web interface no longer requires the `salt` packages, because of several security vulnerabilities. Remove the `salt` packages manually to mitigate those security vulnerabilities, if they are installed.
Clone Of:
Environment:
Last Closed: 2018-02-21 19:46:24 UTC
Embargoed:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2018:0340 0 normal SHIPPED_LIVE Red Hat Ceph Storage 2.5 bug fix and enhancement update 2018-02-22 00:50:32 UTC

Description Christina Meno 2017-11-29 18:17:27 UTC
Description of problem:
We shipped salt in ceph 2, there are CVEs that we'd like to not have to ship

tasks are:
* check that calamari can exists w/o salt
* add a release note saying that we won't update salt

Comment 7 Boris Ranto 2018-01-03 10:40:37 UTC
This PR should address the issues I noticed while testing this:

https://github.com/ceph/calamari/pull/527

Comment 9 Christina Meno 2018-01-04 22:36:31 UTC
https://github.com/ceph/calamari/releases/tag/v1.5.7

Comment 15 subhash 2018-01-20 07:53:32 UTC
Ran calamari api automated test cases without salt packages installed.works fine.Moving to verified state

Comment 21 errata-xmlrpc 2018-02-21 19:46:24 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2018:0340


Note You need to log in before you can comment on or make changes to this bug.