Feature #2929
Generate CR encryption key during package installation
Description
In #2424, compute resource passwords gained the ability to be encrypted. This requires that a key is generated and existing passwords are encrypted via the new rake tasks.
rake security:generate_encryption_key # Generate new encryption key
rake db:compute_resources:decrypt # Decrypt compute resource fields
rake db:compute_resources:encrypt # Encrypt compute resource fields
The generate task creates a key at ~foreman/config/initializers/encryption_key.rb, but I suggest for the purposes of packaging, we move this to /etc/foreman after it's created and symlink it back into place. Ensure permissions are tight.
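The relocation proposed in the description, sketched as a POSIX shell function. This is an added example, not part of the original issue or of the foreman-packaging postinstall scripts; the 0640 mode, the optional root:<group> ownership, and the function names relocate_key and key_is_tight are assumptions.

```shell
#!/bin/sh
# Added example (hypothetical helper names): move a generated key file into a
# config directory, symlink it back into the application tree, and keep the
# permissions tight. Directories are arguments so it can be tried on a scratch tree.

relocate_key() {
    app_dir=$1      # application root, e.g. ~foreman
    etc_dir=$2      # config directory, e.g. /etc/foreman
    group=${3:-}    # optional group that must read the key (assumption)
    src="$app_dir/config/initializers/encryption_key.rb"
    dst="$etc_dir/encryption_key.rb"

    # Idempotent: nothing to do if the symlink is already in place.
    if [ -L "$src" ] && [ "$(readlink "$src")" = "$dst" ]; then
        return 0
    fi
    # The key must exist first (rake security:generate_encryption_key).
    [ -f "$src" ] || { echo "no key at $src" >&2; return 1; }
    # Never overwrite an existing key: data encrypted with it would become unreadable.
    [ ! -e "$dst" ] || { echo "$dst exists; refusing to overwrite" >&2; return 2; }

    mkdir -p "$etc_dir" || return 3
    # Copy under a restrictive umask so the file is never briefly world-readable,
    # then rename into place so readers never see a partial key.
    ( umask 077 && cp "$src" "$dst.tmp" && chmod 0640 "$dst.tmp" \
        && mv "$dst.tmp" "$dst" ) || return 3
    # Ownership change needs root; skipped when no group is given.
    [ -z "$group" ] || chown "root:$group" "$dst" || return 3

    rm -f "$src" && ln -s "$dst" "$src"
}

# Succeeds only if the file exists, has no permissions for "other",
# and is not group-writable.
key_is_tight() {
    [ -f "$1" ] && [ -z "$(find "$1" \( -perm -001 -o -perm -002 \
        -o -perm -004 -o -perm -020 \) 2>/dev/null)" ]
}

# Usage (as root, group name is an assumption):
#   relocate_key ~foreman /etc/foreman foreman && key_is_tight /etc/foreman/encryption_key.rb
```

The refusal to overwrite matters on upgrade: replacing the key after compute resource passwords were encrypted with it would leave them undecryptable.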
Related issues
Associated revisions
fixes #2929 - generate encryption key and encrypt data in postinstall
History
#1
Updated by Dominic Cleal almost 10 years ago
- Related to Feature #2424: encrypt compute resource password added
#2
Updated by Dominic Cleal almost 10 years ago
- Status changed from New to Assigned
- Assignee set to Dominic Cleal
#3
Updated by Lukas Zapletal over 9 years ago
- Target version changed from 1.3.0 to 1.4.0
#4
Updated by Greg Sutcliffe over 9 years ago
- Target version deleted (1.4.0)
#5
Updated by Anonymous over 9 years ago
- Target version set to 1.10.0
#6
Updated by Dominic Cleal over 9 years ago
- Target version changed from 1.10.0 to 1.9.3
#7
Updated by Anonymous over 9 years ago
- Target version deleted (1.9.3)
#8
Updated by Anonymous over 9 years ago
- Target version set to 1.9.0
#9
Updated by Dominic Cleal over 9 years ago
Debian: https://github.com/theforeman/foreman-packaging/pull/191
RPMs to follow.
#10
Updated by Dominic Cleal over 9 years ago
- Status changed from Assigned to Ready For Testing
#11
Updated by Anonymous about 9 years ago
- Target version changed from 1.9.0 to 1.8.4
#12
Updated by Dominic Cleal about 9 years ago
- Legacy Backlogs Release (now unused) set to 4
#13
Updated by Lukas Zapletal about 9 years ago
- Status changed from Ready For Testing to Closed
Merged as fab676e.
refs #2929 - generate encryption key and encrypt data in postinstall