Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Red Hat Satellite engineering is moving the tracking of its product development work on Satellite to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "Satellite project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs will be migrated starting at the end of May. If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "Satellite project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/SAT-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 1931316

Summary:	@grub_pass seems deprecated in the default kickstart template
Product:	Red Hat Satellite	Reporter:	matt jia <mjia>
Component:	Provisioning Templates	Assignee:	Oleh Fedorenko <ofedoren>
Status:	CLOSED ERRATA	QA Contact:	Ondrej Gajdusek <ogajduse>
Severity:	medium	Docs Contact:
Priority:	medium
Version:	6.8.0	CC:	ehelms, mhulan, ofedoren
Target Milestone:	6.10.0	Keywords:	Triaged
Target Release:	Unused
Hardware:	Unspecified
OS:	Unspecified
Whiteboard:
Fixed In Version:		Doc Type:	If docs needed, set a value
Doc Text:		Story Points:	---
Clone Of:		Environment:
Last Closed:	2021-11-16 14:10:12 UTC	Type:	Bug
Regression:	---	Mount Type:	---
Documentation:	---	CRM:
Verified Versions:		Category:	---
oVirt Team:	---	RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---	Target Upstream Version:
Embargoed:

Description matt jia 2021-02-22 06:45:59 UTC

Description of problem:

We have this in the default kickstart template:

bootloader --location=mbr --append="<%= host_param('bootloader-append') || 'nofb quiet splash=quiet' %>" <%= @grub_pass %>

According to https://community.theforeman.org/t/grub-pass-ks-console/10610, @grub_pass is defined nowhere and the code is dead. Thus, we should change the template to use @host.grub_pass so that people can define grub_grass as a host/hg/global param.



Version-Release number of selected component (if applicable):

6.8

How reproducible:

Easy

Steps to Reproduce:
1. nowhere to define @grub_pass. The only way to change the booloader password is to clone the template. However, in same cases, people do not want to clone.

Actual results:

Can not define @grub_pass to pass the bootloader password

Expected results:

Can define @grub_pass to pass the password.

Comment 1 Oleh Fedorenko 2021-04-22 13:02:25 UTC

There is `grub_pass` macro available to be used in the template. Probably it's a typo which uses @grup_pass variable instead of the macro. I'd suggest to use the macro instead (it also does proper option assignment instead of possible wrongly set @grub_pass or host.grub_pass).

Comment 2 Oleh Fedorenko 2021-04-22 13:06:48 UTC

Created redmine issue https://projects.theforeman.org/issues/32394 from this bug

Comment 3 Bryan Kearney 2021-04-22 16:05:02 UTC

Upstream bug assigned to ofedoren

Comment 4 Bryan Kearney 2021-04-22 16:05:05 UTC

Upstream bug assigned to ofedoren

Comment 5 Bryan Kearney 2021-04-27 16:05:00 UTC

Moving this bug to POST for triage into Satellite since the upstream issue https://projects.theforeman.org/issues/32394 has been resolved.

Comment 6 Ondrej Gajdusek 2021-08-03 17:20:30 UTC

VERIFIED

Satellite 6.10.0 snap 10
foreman-2.5.2-1.el7sat.noarch
satellite-6.10.0-0.5.beta.el7sat.noarch

Grub password is now derived from the password of the root user. BZ1989231 requests differentiation between root and bootloader passwords.
However if the user sets the password and provisions the host, the Anaconda installer refuses to proceed to installation due to the invalid format of the bootloader password. BZ1989232 filed to fix this issue.
If the user updates the root password while having the `encrypt_grub` parameter set to 'true' already, only the root password is changed to the right format and bootloader password changes to a string that is different from the rootpw. BZ1989233 filed for this issue.

Additional information:
BZ1989666 created for documentation of the `encrypt_grub` parameter.

Comment 9 errata-xmlrpc 2021-11-16 14:10:12 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: Satellite 6.10 Release), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2021:4702