while trying to set root password on a hostgroup and a host, i was unable to properly use a hostgroup based root_pass hash.

one potential issue is the following code block (from https://github.com/theforeman/foreman/blob/develop/app/models/concerns/host_common.rb#L109)

   unencrypted_pass = if kind_of?(Hostgroup)
                         read_attribute(:root_pass)
                       else
                         root_pass
                       end

since root_pass will always return value (as its either the host specific pass or the parent hostgroup pass), this has a potential side effect of creating a new hash, based on the parent hash, therefor disconnecting the host root_password (without the ability to reconnect in the ui).

steps to reproduce:

1. set a hostgroup password.
2. create a new host without a root password but associated to the hostgroup from step 1.

notice that host has a root password value in its db record.

warning, there might be other issues :)