Feature #21875

Add support for sha512 grub passwords to provisioning templates

Added by Dmitri Dolguikh 7 months ago. Updated 8 days ago.

Status:Closed
Priority:Normal
Assignee:Dmitri Dolguikh
Category:-
Target version:1.17.0
Difficulty: Team Backlog:
Triaged: Fixed in Releases:
Bugzilla link: Found in Releases:
Pull request:https://github.com/theforeman/foreman/pull/5082

Description

This is required in order to work on systems operating in FIPS mode. Grub doesn't support hashes other than MD5, while grub2 defaults to SHA512.


Related issues

Related to Foreman - Feature #3511: As a security person, I would like Foreman to run in FIP... New 10/25/2013
Related to Foreman - Bug #23621: fips mode breaks ESXi deployment Closed 05/17/2018

Associated revisions

Revision 133bba3f
Added by Dmitri Dolguikh 7 months ago

Fixes #21875 - added support for sha512 grub passwords

All new hosts provisioned using default and rhel
kickstarts will use sha512 grub passwords from
now on.

History

#1 Updated by Dmitri Dolguikh 7 months ago

  • Related to Feature #3511: As a security person, I would like Foreman to run in FIPS mode added

#2 Updated by Dmitri Dolguikh 7 months ago

  • Subject changed from Replace grub with grub2 in provisioning templates to Add support for sha512 grub passwords to provisioning templates

#3 Updated by The Foreman Bot 7 months ago

  • Assignee set to Dmitri Dolguikh
  • Status changed from New to Ready For Testing
  • Pull request https://github.com/theforeman/foreman/pull/5082 added

#4 Updated by Dmitri Dolguikh 7 months ago

  • % Done changed from 0 to 100
  • Status changed from Ready For Testing to Closed

#5 Updated by Marek Hulán 7 months ago

  • Legacy Backlogs Release (now unused) set to 296

#6 Updated by Timo Goebel 2 months ago

  • Related to Bug #23621: fips mode breaks ESXi deployment added

Also available in: Atom PDF