Bug #9775 (Closed)
CR encryption key not loaded before it's checked, encryption is disabled
Description
In Foreman 1.8/nightlies, since #4478, the compute resource password encryption key isn't being used and so CR passwords are stored and loaded only in plain text.
The key is stored in an initialiser (config/initializers/encryption_key.rb, locally generated during package installation) which should be loaded before the Encryptable concern is loaded. The Encryptable concern is a no-op if the key isn't initialised already.
#4478 added config/initializers/apipie.rb which is calling ComputeResource.providers, leading to earlier loading of Encryptable (used in ComputeResource), before the encryption key initialiser is reached (as 'apipie' < 'encryption_key').
Thanks to Daniel Lobato Garcia for reporting this to foreman-security@googlegroups.com.
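The ordering effect described above, as an added simulation that is not Foreman's code: Rails runs config/initializers/* in alphabetical order, and a concern that decides at load time whether a key exists silently degrades to a pass-through when "apipie.rb" runs first. The `INITIALIZERS` table, `build_encryptable` and `plaintext_stored?` are hypothetical stand-ins for the real initialisers, the Encryptable concern and an audit check; the key and password are constructed.

```ruby
require "openssl"
require "base64"

# Constructed stand-ins for the two initialisers named in the report. Rails
# loads config/initializers/* sorted by file name, so "apipie.rb" comes first.
INITIALIZERS = {
  # apipie.rb touches ComputeResource, which pulls in the Encryptable concern
  "apipie.rb"         => ->(world) { world[:encryptable] = build_encryptable(world) },
  # encryption_key.rb sets the locally generated key (constructed here)
  "encryption_key.rb" => ->(world) { world[:key] = OpenSSL::Random.random_bytes(32) },
}

# Hypothetical model of the concern: it checks for the key once, when it is
# loaded, and becomes a no-op if the key is not there yet (the bug).
def build_encryptable(world)
  key = world[:key]
  return ->(plain) { plain } if key.nil? # no key at load time: store plaintext

  ->(plain) {
    cipher = OpenSSL::Cipher.new("aes-256-cbc").encrypt
    cipher.key = key
    iv = cipher.random_iv
    Base64.strict_encode64(iv + cipher.update(plain) + cipher.final)
  }
end

# Run the initialisers in the given order, then store one CR password.
def store_password(order, password)
  world = {}
  order.each { |name| INITIALIZERS.fetch(name).call(world) }
  world[:encryptable].call(password)
end

# Audit check a defender would run over stored CR passwords: did the value
# end up in the database exactly as the operator typed it?
def plaintext_stored?(stored, password)
  stored == password
end

if __FILE__ == $0
  alphabetical = INITIALIZERS.keys.sort           # apipie.rb, encryption_key.rb
  puts "alphabetical order stores plaintext: #{plaintext_stored?(store_password(alphabetical, 's3cret'), 's3cret')}"
  puts "key-first order stores plaintext:    #{plaintext_stored?(store_password(alphabetical.reverse, 's3cret'), 's3cret')}"
end
```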
Updated by Dominic Cleal almost 10 years ago
Daniel adds:
- `foreman-rake security:generate_encryption_key` doesn't run by default because of the permissions set by the installer. `Permission denied - /usr/share/foreman/config/initializers/encryption_key.rb`
This works correctly during package installation, it's just a post-install issue that prevents you re-running it. I'll file this separately as it's a low priority and impact bug.
Before 1.8, I think we should address this. I've naively renamed the initializer to 0_encrypted_key.rb and it fixes the issue. Before 1.8:
- We should document Compute Resource encryption through EncryptionKey in the manual.
- There should be tests for the tasks that deal with this.
- Tests should ensure the initializer runs before the concern is loaded.
Renaming the initialiser certainly works, though as it's a locally created file then we'll need to handle this in packaging somehow - a bit messy. Renaming the apipie initialiser might be easier!
Updated by Dominic Cleal almost 10 years ago
#9771 is caused by the same issue I believe. The Encryptable concern isn't being loaded due to the initialiser reordering, so the encrypt rake task is failing as the concern methods aren't present.
Updated by Dominic Cleal almost 10 years ago
- Description updated (diff)
- Private changed from Yes to No
Updated by Dominic Cleal almost 10 years ago
- Related to Feature #4478: API docs need to be localized added
Updated by Dominic Cleal almost 10 years ago
- Has duplicate Bug #9771: undefined method `encryptable_fields' during db migrate added
Updated by Dominic Cleal almost 10 years ago
- Related to Feature #2424: encrypt compute resource password added
Updated by Daniel Lobato Garcia almost 10 years ago
Can confirm #9771 is completely related, as when I make the initializer load earlier it does work.
Updated by Dominic Cleal almost 10 years ago
- Status changed from New to Assigned
- Assignee set to Dominic Cleal
Updated by The Foreman Bot almost 10 years ago
- Status changed from Assigned to Ready For Testing
- Pull request https://github.com/theforeman/foreman/pull/2248 added
- Pull request deleted
Updated by Dominic Cleal almost 10 years ago
- Status changed from Ready For Testing to Closed
- % Done changed from 0 to 100
Applied in changeset 1fcea0e919384f9f0f384d450ecac571d5953c82.