Description of problem: If you navigate to Administer -> Settings and view the Root password option on the Provisioning tab, the value is not masked which ideally it should be. Version-Release number of selected component (if applicable): Red Hat Satellite 6.7 public beta. How reproducible: If you navigate to Administer -> Settings and view the Root password option on the Provisioning tab, the value is not encrypted, it should not be in the plain text. Actual results: The root password is visible to any user. Expected results: The root password should be in encrypted format. Additional info: NA.
Created redmine issue https://projects.theforeman.org/issues/29967 from this bug
For the record, root password in Admister - Setting can be actually stored in Linux crypt format, that's the reason why it is not crypted. But we added possibility to accept it also via plaintext, then it needs to be crypted. https://lukas.zapletalovi.com/2018/02/on-generating-kickstart-passwords.html
Moving this bug to POST for triage into Satellite 6 since the upstream issue https://projects.theforeman.org/issues/29967 has been resolved.
Fix is in Satellite 6.9 SNAP 1 with foreman-2.3.0-0.7.rc1.el7sat.noarch
Verified in Satellite 6.9 Snap 3, Issue is resolved now and not able to see the password in plaintext. Marking as verified.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: Satellite 6.9 Release), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2021:1313