Feature #1392
closed
change root password back to system wide defaults
Description
Foreman 0.4.0
If we go to a host and try and edit or delete the root password then the yaml seems to end up
with something bizarre in it.
root_pw: $1$foreman$mScJrIfRylirlhmRGTArV0
We did not add a $foreman in our password string, in the case below the password was entered as 'abc'.
Attached screenshot shows where we are changing the root password for the kickstart file.
Here is the log entry:
Processing HostsController#update (for 137.138.35.29 at 2011-12-14 12:08:50) [PUT]
Parameters: {"commit"=>"Submit", "action"=>"update", "_method"=>"put", "authenticity_token"=>"idvGaySYtzsszlUcNISGOxHV8Y7tCxrDszSkiGqKjm8=",
"id"=>"lxfssm4403.cern.ch", "controller"=>"hosts", "host"=>{"comment"=>"", "architecture_id"=>"1", "subnet_id"=>"1", "managed"=>"1", "puppetproxy_id"=>"",
"name"=>"lxfssm4403", "host_parameters_attributes"=>{"0"=>{"name"=>"nova_node_availability_zone",
"nested"=>"", "id"=>"154", "value"=>"batch", "_destroy"=>""}}, "sp_mac"=>"", "puppetmaster_name"=>"punch.cern.ch",
"sp_name"=>"", "mac"=>"00:e0:ed:0e:60:ae", "domain_id"=>"1", "enabled"=>"1", "root_pass"=>"[FILTERED]",
"medium_id"=>"6", "hostgroup_id"=>"3", "is_owned_by"=>"20-Users", "ptable_id"=>"9", "sp_subnet_id"=>"", "ip"=>"10.32.22.10",
"environment_id"=>"6", "model_id"=>"4", "disk"=>"", "sp_ip"=>"", "puppetclass_ids"=>[""], "operatingsystem_id"=>"9"}}
Redirected to https://punch.cern.ch/hosts/lxfssm4403.cern.ch
Completed in 35ms (DB: 5) | 302 Found [https://punch.cern.ch/hosts/lxfssm4403.cern.ch]
And finally a related question. Are we meant to adding the root password or the crypt of the password
in this box.
Files
Updated by Greg Sutcliffe about 13 years ago
That looks like a valid salted password to me - certainly my test Managed Hosts have that salt and their password works fine. Can you lon in to the host using the 'abc' password?
You should be entering the plaintext in the Host Edit page - Foreman encrypts it immediately and stores the hash in the db.
Updated by Steve Traylen about 13 years ago
Hi Greg,
Indeed you are quite correct, login to the system is quite possible, 15 years unix and I've learnt something new.
There is still possibly one remaining item. If the password is set as a blank on the host page then the old
password survives. There is good logic to that for sure since it stops people setting blank passwords.
However there is already a a catch all hash within the forman settings itself. Currently it seems to be impossibly to set
a node back to that global value.
Steve.
Updated by Ohad Levy about 13 years ago
- Tracker changed from Bug to Feature
- Subject changed from root password for a host gets mangled? to change root password back to system wide defaults
- Assignee deleted (
Ohad Levy)
basically we want to add a way to clear the customized password.
Updated by Ohad Levy almost 13 years ago
- Assignee set to Ohad Levy
- Target version set to 1.0
Updated by Ohad Levy almost 13 years ago
- Status changed from New to Closed
- % Done changed from 0 to 100
Applied in changeset 779d180c851b441107278a99adb759e4425d515b.
Updated by apoeleh apoeleh almost 13 years ago
This is highly informatics, snappy and semitransparent. I cogitate that Everything has been described in systematised variety so that order could get extremum message and take many things
Online Degree
Updated by apoeleh apoeleh over 12 years ago
Nutraslim
Its not the specialistic that pressman moldiness be completely unsegregated with communicator's views around muhammedan. So this is what happened with me, anyways its a hellene try, I retell it. Thanks
free funny ecards