Bug #33826

closed

bmc_credentials_accessible hides BMC information in host view

Added by Nacho Barrientos over 2 years ago. Updated over 2 years ago.

Status: Closed
Priority: Normal
Assignee: -
Category: BMC
Target version: -
Difficulty:
Triaged: No
Fixed in Releases:
Found in Releases:

Description

The configuration option bmc_credentials_accessible is described in the manual as follows:

By default passwords stored on BMC network interfaces will be visible to other users who can view the host via the ENC YAML preview and accessible through templates, for the purposes of configuring BMC interfaces automatically.

When set to false, all BMC passwords will be redacted in template and ENC output, preventing both users from viewing the passwords directly and also from configuration (or access) in Puppet and other config management tools using the ENC interface. Foreman will continue to use the stored password for BMC power operations.

Note that setting this to false also requires that safemode_render be enabled, else it could be bypassed.

However, this is not completely true: if this setting is enabled, the power status of a host won't be displayed in the host view either. In other words, if the setting is enabled, host.bmc_available? will always return false.

  def bmc_available?
    ipmi = bmc_nic
    return false if ipmi.nil?
    (ipmi.password.present? && ipmi.username.present? && %w(IPMI Redfish).include?(ipmi.provider)) || ipmi.provider == 'SSH'
  end

Source: https://github.com/theforeman/foreman/blob/02a057b02fdad42f4e6d867d1577f1f4b07f40c4/app/models/host/managed.rb#L724

as ipmi.password will be nil due to

    def password
      Setting[:bmc_credentials_accessible] ? password_unredacted : nil
    end

Source: https://github.com/theforeman/foreman/blob/02a057b02fdad42f4e6d867d1577f1f4b07f40c4/app/models/nic/bmc.rb#L40

For us this is not expected behaviour, because whereas we'd like the passwords to be scrubbed from ENC output, we'd like to continue to be able to do power operations using the UI, too. For this Foreman must be able to detect a valid BMC interface on the host in question.

Shouldn't models/host/managed.rb be using password_unredacted instead?

@@ -724,7 +724,7 @@ autopart"', desc: 'to render the content of host partition table'
   def bmc_available?
     ipmi = bmc_nic
     return false if ipmi.nil?
-    (ipmi.password.present? && ipmi.username.present? && %w(IPMI Redfish).include?(ipmi.provider)) || ipmi.provider == 'SSH'
+    (ipmi.password_unredacted.present? && ipmi.username.present? && %w(IPMI Redfish).include?(ipmi.provider)) || ipmi.provider == 'SSH'
   end
   alias_method :bmc_available, :bmc_available?
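
Review bot: the switch to ipmi.password_unredacted on the changed line of bmc_available? has no accompanying test in this hunk; add a case that sets Setting[:bmc_credentials_accessible] to false and asserts the method still returns true for an IPMI or Redfish NIC with a username and a stored password. A short comment above the condition saying that the unredacted accessor is read only for a presence check would also help, since bmc_available is aliased on the next line and the reason for bypassing password is not obvious from the code.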

The issue from the console's POV:

irb(main):031:0> Host.find_by_name('host.example.ch').bmc_available?
=> false
irb(main):032:0> Setting[:bmc_credentials_accessible] = true
=> true
irb(main):033:0> Host.find_by_name('host.example.ch').bmc_available?
=> true
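
The behaviour described in this report, as an added example that is not part of the original report or of Foreman's code. It uses plain-Ruby stand-ins (DemoBmcNic, DemoHost, SETTINGS, filled? and enc_bmc_params are hypothetical names) to show that checking availability against password_unredacted restores detection, while output that goes through password stays redacted.

```ruby
# Plain-Ruby stand-ins written for this example; not Foreman's classes.
SETTINGS = { bmc_credentials_accessible: false } # stand-in for Setting[...]

# Stand-in for ActiveSupport's present? (nil and blank strings are absent).
def filled?(value)
  !value.nil? && !value.to_s.strip.empty?
end

class DemoBmcNic
  attr_reader :username, :provider

  def initialize(username:, password:, provider:)
    @username, @password, @provider = username, password, provider
  end

  # Stored secret, for internal use only (power operations, capability checks).
  def password_unredacted
    @password
  end

  # What templates and ENC output read: nil when the setting is false.
  def password
    SETTINGS[:bmc_credentials_accessible] ? password_unredacted : nil
  end
end

class DemoHost
  def initialize(nic)
    @nic = nic
  end

  # Reported behaviour (:redacted) vs. proposed change (:unredacted).
  def bmc_available?(source)
    secret = source == :unredacted ? @nic.password_unredacted : @nic.password
    (filled?(secret) && filled?(@nic.username) && %w(IPMI Redfish).include?(@nic.provider)) || @nic.provider == 'SSH'
  end

  # Hypothetical ENC-style export; it must keep using the redacting accessor.
  def enc_bmc_params
    { 'username' => @nic.username, 'password' => @nic.password, 'provider' => @nic.provider }
  end
end

# Returns both availability results and the exported password for one setting value.
def demo_results(accessible)
  SETTINGS[:bmc_credentials_accessible] = accessible
  host = DemoHost.new(DemoBmcNic.new(username: 'admin', password: 'constructed-secret', provider: 'IPMI'))
  { before: host.bmc_available?(:redacted), after: host.bmc_available?(:unredacted), enc_password: host.enc_bmc_params['password'] }
end
```
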

#1

Updated by Nacho Barrientos over 2 years ago

Internal reference: AI-6169

#2

Updated by The Foreman Bot over 2 years ago

  • Status changed from New to Ready For Testing
  • Pull request https://github.com/theforeman/foreman/pull/8893 added

#3

Updated by The Foreman Bot over 2 years ago

  • Fixed in Releases 3.1.0 added

#4

Updated by Nacho Barrientos over 2 years ago

  • Status changed from Ready For Testing to Closed

#5

Updated by Amit Upadhye over 2 years ago

  • Category set to BMC