Bug 958532 - Drop the obfuscation of database password
Summary: Drop the obfuscation of database password
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Red Hat Enterprise Virtualization Manager
Classification: Red Hat
Component: ovirt-engine
Version: unspecified
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
: 3.3.0
Assignee: Alon Bar-Lev
QA Contact: Jiri Belka
URL:
Whiteboard: integration
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2013-05-01 18:51 UTC by Alon Bar-Lev
Modified: 2015-09-22 13:09 UTC (History)
13 users (show)

Fixed In Version: is1
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2014-01-21 22:18:08 UTC
oVirt Team: ---
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
oVirt gerrit 14568 0 None None None Never
oVirt gerrit 14741 0 None None None Never

Description Alon Bar-Lev 2013-05-01 18:51:39 UTC 
Discussed at:
http://lists.ovirt.org/pipermail/engine-devel/2013-April/004397.html
http://lists.ovirt.org/pipermail/engine-devel/2013-April/004411.html
http://lists.ovirt.org/pipermail/engine-devel/2013-May/004412.html
http://lists.ovirt.org/pipermail/engine-devel/2013-May/004413.html
http://lists.ovirt.org/pipermail/engine-devel/2013-May/004414.html
http://lists.ovirt.org/pipermail/engine-devel/2013-May/004417.html
http://lists.ovirt.org/pipermail/engine-devel/2013-May/004421.html
http://lists.ovirt.org/pipermail/engine-devel/2013-May/004422.html
http://lists.ovirt.org/pipermail/engine-devel/2013-May/004423.html
http://lists.ovirt.org/pipermail/engine-devel/2013-May/004426.html
http://lists.ovirt.org/pipermail/engine-devel/2013-May/004428.html
http://lists.ovirt.org/pipermail/engine-devel/2013-May/004429.html

Summary:
Currently we store password as clear text and obfuscated.
We should remove the obfuscated password.

Dependency:
Log collector should be adjusted as well.
Comment 1 Alon Bar-Lev 2013-05-09 12:31:44 UTC 
Hi Kiril,

Please complete the log-collector migration.

Algorithm:

1. Read: /etc/ovirt-engine/enigne.conf[.d/*]

If there is DB_PASSWORD then take:

DB_HOST
DB_PORT
DB_USER
DB_PASSWORD
DB_DATABASE
[DB_SECURED]

2. Otherwise continue as usual (process /etc/ovirt-engine/.pgpass)

Thanks!
Comment 2 Alon Bar-Lev 2013-05-09 12:33:01 UTC 
My mistake... prefix ENGINE_ to all the above variable.
Comment 3 Sandro Bonazzola 2013-05-16 06:46:10 UTC 
log-collector migrated.
Comment 4 Alon Bar-Lev 2013-05-16 06:50:27 UTC 
Thanks Sandro!

Modified per future rebase.
Comment 5 Jiri Belka 2013-10-30 13:21:54 UTC 
ok, is20.1.
Comment 6 Itamar Heim 2014-01-21 22:18:08 UTC 
Closing - RHEV 3.3 Released
Comment 7 Itamar Heim 2014-01-21 22:24:33 UTC 
Closing - RHEV 3.3 Released
Note You need to log in before you can comment on or make changes to this bug.