Description of problem: User can be created through RPC with password length less then 5 characters. Version-Release number of selected component (if applicable): redhat-rhn-satellite-5.3-server-x86_64-5-embedded-oracle SpaceWalk 1.1 How reproducible: USE_PAM=1 PASSWORD='test' user.create(key, LOGIN, PASSWORD, FIRST_NAME, LAST_NAME, EMAIL, USE_PAM) Steps to Reproduce: 1. 2. 3. Actual results: User is created. Expected results: Could not create user: <Fault -1: 'redstone.xmlrpc.XmlRpcFault: unhandled internal exception: Passwords must be at least 5 characters.'> Additional info:
Running this script: --- #!/usr/bin/perl use strict; use warnings; use Frontier::Client; my ($username, $password) = ("admin", "password"); my $client = new Frontier::Client(url => "http://127.0.0.1/rpc/api"); my $session = $client->call("auth.login", $username, $password); my $apiver = $client->call('api.getVersion'); my $sysver = $client->call('api.systemVersion'); print "api.getVersion: $apiver, api.systemVersion: $sysver\n"; $client->call('user.create', $session, 'coec', 'pwd', 'Colin', 'Coe', 'colin.coe', 0); $client->call('auth.logout', $session); --- outputs this on Spacewalk 1.1 (git) --- api.getVersion: 10.11, api.systemVersion: 1.1 Fault returned from XML RPC Server, fault code -1: redstone.xmlrpc.XmlRpcFault: unhandled internal exception: Passwords must be at least 5 characters. :: Logins must be no shorter than 5 characters. --- and this on Satellite v5.3 --- api.getVersion: 10.8, api.systemVersion: 5.3.0 Fault returned from XML RPC Server, fault code -1: redstone.xmlrpc.XmlRpcFault: unhandled internal exception: Passwords must be at least 5 characters. :: Logins must be no shorter than 5 characters. ---
I think the problem will appear if last argument is 1: $client->call('user.create', $session, 'coec', 'pwd', 'Colin', 'Coe', 'colin.coe', 1);
I think this is OK. For PAM enabled users, Satellite is going to ignore the password you put in when the user is created. IMOOO, the webUI should allow any length passwords for PAM enabled users. CC
Actually, what made me thinking that this could be an issue was the the fact that WebUI does not allow you to create PAM user with password length less than 5 characters and via RPC is possible.