Red Hat Bugzilla – Bug 989924
Default kickstart templates should not include "--enablemd5"
Last modified: 2018-02-05 19:41:31 EST
Provisioning a system using Beaker's default kickstart templates (for most distros) calls "auth --enableshadow --enablemd5" (or the authconfig equivalent for older distros).
We really shouldn't do that :)
To handle tests that rely on this existing behaviour, we should offer a ks_meta options to let people specify particular auth settings in the job XML, and then leave the platform defaults alone if the ks_meta setting isn't provided.
(In reply to Nick Coghlan from comment #0)
> To handle tests that rely on this existing behaviour, we should offer a
> ks_meta options to let people specify particular auth settings in the job
> XML, and then leave the platform defaults alone if the ks_meta setting isn't
So IIUC, what we are looking to do is, do not add auth --enableshadow --enablemd5 is not explicitly specified by the job for Fedora, RHEL4/5/7 for which we currently do that. RHEL6 doesn't have a default authconfig or auth command in the kickstart.
So, basically this "fix" will:
1. Do not add the above command if not asked to do so
2. Support a ks_meta option to do so.
Does that sound right?
On Gerrit: http://gerrit.beaker-project.org/#/c/2182/
Beaker 0.15 has been released.
This change has been nominated to be back ported to the 0.14 branch, to be released as part of the next maintenance release 0.14.2.
Adjusting target milestone to make the changes backported to 0.14.2 easier to identify. 0.15.0 has enough significant regressions that it shouldn't be used, so the change means that 0.15.1 can be effectively reidentified as the union of that tag and the 0.14.2 target milestone.
Closing as addressed in Beaker 0.14.2.