Description of problem: ------------------------ root passphrase is saved under /etc/. once the clevis-luks-bind is completed successfully with tang server, this passphrase is no longer required and can be cleaned up. Version-Release number of selected component (if applicable): ------------------------------------------------------------- gluster-ansible-infra-1.0.4-5.el8rhgs.noarch.rpm How reproducible: ----------------- Always Steps to Reproduce: ------------------- 1. Run the ansible playbook that completes NBDE Actual results: --------------- root filesystem disk's passphrase in a key file is available post successful clevis-luks-bind to tang server Expected results: ------------------ Post successful clevis-luks-bind to tang server, the root filesytem disk's passphrase key file can be deleted
Tested with gluster-ansible-infra-1.0.4-6 After NBDE setup is completed with ansible playbook, the passphrase stored in /etc/sdx_key as well as the root disk key /etc/root_key is removed
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (RHHI for Virtualization 1.8 bug fix and enhancement update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHEA-2020:3314