Project

General

Profile

Feature #21875

Add support for sha512 grub passwords to provisioning templates

Added by Dmitri Dolguikh 11 months ago. Updated 3 months ago.

Status:
Closed
Priority:
Normal
Category:
-
Target version:
Difficulty:
Triaged:
Bugzilla link:
Team Backlog:
Fixed in Releases:
Found in Releases:

Description

This is required in order to work on systems operating in FIPS mode. Grub doesn't support hashes other than MD5, while grub2 defaults to SHA512.


Related issues

Related to Foreman - Feature #3511: As a security person, I would like Foreman to run in FIPS modeResolved
Related to Foreman - Bug #23621: fips mode breaks ESXi deploymentClosed2018-05-17

Associated revisions

Revision 133bba3f (diff)
Added by Dmitri Dolguikh 10 months ago

Fixes #21875 - added support for sha512 grub passwords

All new hosts provisioned using default and rhel
kickstarts will use sha512 grub passwords from
now on.

History

#1 Updated by Dmitri Dolguikh 11 months ago

  • Related to Feature #3511: As a security person, I would like Foreman to run in FIPS mode added

#2 Updated by Dmitri Dolguikh 10 months ago

  • Subject changed from Replace grub with grub2 in provisioning templates to Add support for sha512 grub passwords to provisioning templates

#3 Updated by The Foreman Bot 10 months ago

  • Assignee set to Dmitri Dolguikh
  • Status changed from New to Ready For Testing
  • Pull request https://github.com/theforeman/foreman/pull/5082 added

#4 Updated by Dmitri Dolguikh 10 months ago

  • % Done changed from 0 to 100
  • Status changed from Ready For Testing to Closed

#5 Updated by Marek Hulán 10 months ago

  • Legacy Backlogs Release (now unused) set to 296

#6 Updated by Timo Goebel 5 months ago

  • Related to Bug #23621: fips mode breaks ESXi deployment added

Also available in: Atom PDF