Red Hat Bugzilla – Bug 995531
When installing via kickstart with encrypted sha512 rootpw line, Anaconda ignores the password and prompts for root password to be set
Last modified: 2015-07-22 02:21:23 EDT
Description of problem:
In RHEL 5, when using a sha512 encryption password on the 'rootpw' line via kickstart RHEL would still prompt to confirm the root password during an interactive install, but would populate the field with the encrypted line, however in RHEL 6, the prompt remains however the encrypted password does not actually populate, causing a new password to have to be chosen.
Version-Release number of selected component (if applicable):
100% of the time
Steps to Reproduce:
1. Create a kickstart with the following lines for 'rootpw' and 'authconfig' and for an interactive install:
rootpw --iscrypted $6$l5NetPTsAjasrUal$etQQS2blHKGpF7IzfPHH0PcJi9.z6VaMJowb49i7KdSKPe.as7Pcb1C50gkQxT7O5NNe2dJAjdJYueM69Cf4Q.
authconfig --enableshadow --passalgo=sha512
2. Boot off of RHEL 6.4 installation media
3. Add ks= line for kickstart file (served locally *or* remotely)
4. Let install start, follow prompts during interactive portion and await root password prompt without encrypted password populated
Root password prompt is empty
Root password prompt is populated with encrypted password, similar to RHEL 5 behavior
This request was not resolved in time for the current release.
Red Hat invites you to ask your support representative to
propose this request, if still desired, for consideration in
the next release of Red Hat Enterprise Linux.
(In reply to BJ Walker from comment #0)
> rootpw --iscrypted
> authconfig --enableshadow --passalgo=sha512
With anaconda-13.21.232 and the above kickstart, the user is presented with the root password screen and the password is already populated. I didn't change it and went forward. Installation complated. /etc/shadow uses the same encrypted line. Moving to VERIFIED.
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory, and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.