Red Hat Satellite engineering is moving the tracking of its product development work on Satellite to Red Hat Jira ( If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "Satellite project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs will be migrated starting at the end of May. If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "Satellite project" in Red Hat Jira (issue links are of type "", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Bug 1931316 - @grub_pass seems deprecated in the default kickstart template
Summary: @grub_pass seems deprecated in the default kickstart template
Alias: None
Product: Red Hat Satellite
Classification: Red Hat
Component: Provisioning Templates
Version: 6.8.0
Hardware: Unspecified
OS: Unspecified
Target Milestone: 6.10.0
Assignee: Oleh Fedorenko
QA Contact: Ondrej Gajdusek
Depends On:
TreeView+ depends on / blocked
Reported: 2021-02-22 06:45 UTC by matt jia
Modified: 2021-11-16 14:10 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Last Closed: 2021-11-16 14:10:12 UTC
Target Upstream Version:

Attachments (Terms of Use)

System ID Private Priority Status Summary Last Updated
Foreman Issue Tracker 32394 0 Normal New @grub_pass seems deprecated in the default kickstart template 2021-04-22 13:06:50 UTC
Red Hat Product Errata RHSA-2021:4702 0 None None None 2021-11-16 14:10:21 UTC

Description matt jia 2021-02-22 06:45:59 UTC
Description of problem:

We have this in the default kickstart template:

bootloader --location=mbr --append="<%= host_param('bootloader-append') || 'nofb quiet splash=quiet' %>" <%= @grub_pass %>

According to, @grub_pass is defined nowhere and the code is dead. Thus, we should change the template to use @host.grub_pass so that people can define grub_grass as a host/hg/global param.

Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1. nowhere to define @grub_pass. The only way to change the booloader password is to clone the template. However, in same cases, people do not want to clone.

Actual results:

Can not define @grub_pass to pass the bootloader password

Expected results:

Can define @grub_pass to pass the password.

Comment 1 Oleh Fedorenko 2021-04-22 13:02:25 UTC
There is `grub_pass` macro available to be used in the template. Probably it's a typo which uses @grup_pass variable instead of the macro. I'd suggest to use the macro instead (it also does proper option assignment instead of possible wrongly set @grub_pass or host.grub_pass).

Comment 2 Oleh Fedorenko 2021-04-22 13:06:48 UTC
Created redmine issue from this bug

Comment 3 Bryan Kearney 2021-04-22 16:05:02 UTC
Upstream bug assigned to ofedoren

Comment 4 Bryan Kearney 2021-04-22 16:05:05 UTC
Upstream bug assigned to ofedoren

Comment 5 Bryan Kearney 2021-04-27 16:05:00 UTC
Moving this bug to POST for triage into Satellite since the upstream issue has been resolved.

Comment 6 Ondrej Gajdusek 2021-08-03 17:20:30 UTC

Satellite 6.10.0 snap 10

Grub password is now derived from the password of the root user. BZ1989231 requests differentiation between root and bootloader passwords.
However if the user sets the password and provisions the host, the Anaconda installer refuses to proceed to installation due to the invalid format of the bootloader password. BZ1989232 filed to fix this issue.
If the user updates the root password while having the `encrypt_grub` parameter set to 'true' already, only the root password is changed to the right format and bootloader password changes to a string that is different from the rootpw. BZ1989233 filed for this issue.

Additional information:
BZ1989666 created for documentation of the `encrypt_grub` parameter.

Comment 9 errata-xmlrpc 2021-11-16 14:10:12 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: Satellite 6.10 Release), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

Note You need to log in before you can comment on or make changes to this bug.