The default password in settings is not encoded
If i want to deploy a host via api the default password set in settings is not encoded in the template.
In the operating system i´ve set base64-windows as root password hash for my hosts, but it gets ignored when i use the api to deploy hosts. If i use the webgui it works fine.
#1 Updated by Richard Stempfl 10 months ago
To better describe the error:
I have set a default password in the settings that will be used for new hosts.
I have set a password hash (Base64-windows) in the relevant OS (Windows)
When creating a host with this OS and the default password from the settings, the template for this host does not have a encoded password the password is in plain text.(Should be Base64-windows encoded)
The vm can not be installed completely with this because this OS expects a password encoded
This happens only if i create a host via api. (hammer & FAM & CURL)
If you go to "preview template" the rendered template shows:
<AdministratorPassword> <Value>PLAIN_TEXT_PASSWORD</Value> <PlainText>false</PlainText> </AdministratorPassword>
#2 Updated by Bernhard Suttner 10 months ago
If you start a 'foreman-rake console' and analyze the root_pass.
Host created via GUI:
Host created via API (hammer):
#3 Updated by Bernhard Suttner 10 months ago
In case of API creation of host:
Found out that root_pass_changed? method https://github.com/theforeman/foreman/blob/develop/app/models/host/base.rb#L614 is false and therefore the method password_base64_encrypted? returns true -> password is already base64.
I would prefer to determine if string is base64 but this is not save - except we mark base64 encoded passwords with something like <b64> in the root_pass.