Actions
Feature #2929
closed
Generate CR encryption key during package installation
Description
In #2424, compute resource passwords gained the ability to be encrypted. This requires that a key is generated and existing passwords are encrypted via the new rake tasks.
rake security:generate_encryption_key # Generate new encryption key
rake db:compute_resources:decrypt # Decrypt compute resource fields
rake db:compute_resources:encrypt # Encrypt compute resource fieldsThe generate task creates a key at ~foreman/config/initializers/encryption_key.rb but I suggest for the purposes of packaging, we move this to /etc/foreman after it's created and symlink it back into place. Ensure permissions are tight.
Updated by Dominic Cleal over 10 years ago
- Related to Feature #2424: encrypt compute resource password added
Updated by Dominic Cleal over 10 years ago
- Status changed from New to Assigned
- Assignee set to Dominic Cleal
Updated by Lukas Zapletal over 10 years ago
- Target version changed from 1.3.0 to 1.4.0
Updated by
Updated by Dominic Cleal over 10 years ago
- Target version changed from 1.10.0 to 1.9.3
Updated by Dominic Cleal about 10 years ago
Debian: https://github.com/theforeman/foreman-packaging/pull/191
RPMs to follow.
Updated by Dominic Cleal about 10 years ago
- Status changed from Assigned to Ready For Testing
Updated by Anonymous about 10 years ago
- Target version changed from 1.9.0 to 1.8.4
Updated by Dominic Cleal about 10 years ago
- translation missing: en.field_release set to 4
Updated by Lukas Zapletal about 10 years ago
- Status changed from Ready For Testing to Closed
Merged as fab676e.
Actions