841676 – rhevm-setup defaults secure database connections to no.

Bug 841676 - rhevm-setup defaults secure database connections to no.

Summary: rhevm-setup defaults secure database connections to no.

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	Red Hat Enterprise Virtualization Manager
Classification:	Red Hat
Component:	ovirt-engine-setup
Sub Component:
Version:	3.1.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	---
Target Release:	---
Assignee:	Alon Bar-Lev
QA Contact:	Ilanit Stein
Docs Contact:
URL:
Whiteboard:	integration
Depends On:
Blocks:	815519
TreeView+	depends on / blocked

Reported:	2012-07-19 20:25 UTC by Stephen Gordon
Modified:	2012-12-04 20:02 UTC (History)
CC List:	8 users (show)
Fixed In Version:	si15
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2012-12-04 20:02:10 UTC
oVirt Team:	---
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Description Stephen Gordon 2012-07-19 20:25:39 UTC

Description of problem:

When running rhevm-setup the default option for secure connection when connecting a remote database server is 'no'. I believe it should be 'yes'.

Configure secure connection? ['yes'| 'no']  [no] :

If the default value is in fact intended to be no then we need to provide a rational for that both on screen and in the documentation, because user's are going to wonder why we are asking them not to use a security feature.

Version-Release number of selected component (if applicable):

SI11

Comment 2 Itamar Heim 2012-07-20 13:05:39 UTC

andrew - thoughts?

Comment 8 Moran Goldboim 2012-08-07 12:47:10 UTC

Andrew, can we get the final decision here.

Comment 10 Alon Bar-Lev 2012-08-15 13:40:36 UTC

commit 9d3150fefb96adc0cc93b998617cb2e63e67cd95
Author: Alon Bar-Lev <alonbl>
Date:   Wed Aug 15 15:43:07 2012 +0300

    BZ#841676 packaging: modify secure db connection prompt
    
    Phrase the ssl prompt to a more user friendly prompt, so the default
    'no' may be kept without alerting anyone.
    
    Change-Id: I447c842ff21ef7193b005ff9758572cdd3fe08d0
    Signed-off-by: Alon Bar-Lev <alonbl>

http://gerrit.ovirt.org/#/c/7212/

Comment 13 Itamar Heim 2012-08-16 16:28:28 UTC

just send a patch upstream to fix per the comment you got downstream in this case, i don't see a reason it will casue contention.

Comment 14 Alon Bar-Lev 2012-08-16 18:25:30 UTC

commit 122cd6564da3f4536cb86528617372d95c1643ba
Author: Alon Bar-Lev <alonbl>
Date:   Thu Aug 16 21:18:16 2012 +0300

    BZ#841676 packaging: modify secure db connection prompt
    
    Phrase the ssl prompt to a more user friendly prompt, so the default
    'no' may be kept without alerting anyone.
    
    Alters commit 88bb2185880 with different wording.
    
    Change-Id: Iea03c96997d7fe5b38850015e35f015578c4497b
    Signed-off-by: Alon Bar-Lev <alonbl>

http://gerrit.ovirt.org/#/c/7269/

Comment 15 Ilanit Stein 2012-09-02 09:24:32 UTC

Verified on SI16.

No notification was seen when default "no" was chosen:

Enter DB type for installation ['remote'| 'local']  [local] : remote
Enter the host IP or host name where DB is running: lilach-vdsa.tlv.redhat.vom

Error: the provided hostname is unreachable.

User input failed validation, do you still wish to use it? (yes|no): yes
Enter DB port number  [5432] : 
Enter DB admin user name  [postgres] : 
Remote database password :
Warning: Weak Password.
Confirm password :
Configure secure connection? (make sure SSL is configured on remote database) ['yes'| 'no']  [no] : 

Could not connect to host lilach-vdsa.tlv.redhat.vom with provided credentials. Check that your settings are correct.

Note You need to log in before you can comment on or make changes to this bug.