Bug 35400 – root / Administrator password

Bug 35400 - root / Administrator password


Summary:	root / Administrator password

Status:	CLOSED FIXED

Product:	UCS
Classification:	Unclassified
Component:	UCS Installer
Version:	UCS 4.0
Hardware:	Other Linux

Importance:	P5 normal (vote)
Target Milestone:	UCS 4.0
Assigned To:	Philipp Hahn
QA Contact:	Drees Dormann

URL:
Keywords:	interim-1

Depends on:
Blocks:	43066
	Show dependency tree / graph

Reported:	2014-07-17 15:36 CEST by Philipp Hahn
Modified:	2016-11-28 11:28 CET (History)
CC List:	3 users (show)

See Also:
What kind of report is it?:	---
What type of bug is this?:	---
Who will be affected by this bug?:	---
How will those affected feel about the bug?:	---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Philipp Hahn

2014-07-17 15:36:04 CEST

The new UCS installer asks for the root password itself.
When later running USS we either need to
- ask for it again,
- use a different password for the LDAP administrator,
- or move the question to USS itself and set a random password in the installer, to prevent remote ssh logins (on the other hand that might be useful.)

Comment 1 Stefan Gohmann

2014-07-17 16:21:23 CEST

As discussed with Alex, the installer should set an UCR variable and USS should skip the password question.

Comment 2 Philipp Hahn

2014-07-23 09:21:04 CEST

Definitly not in UCR.
Maybe better through /var/lib/univention-ldap/root.secret.

Comment 3 Alexander Kläser

2014-07-23 10:06:25 CEST

(In reply to Philipp Hahn from comment #2)
> Definitly not in UCR.
> Maybe better through /var/lib/univention-ldap/root.secret.

Yep, and a flag is set via UCR to indicate that the password field is hidden in the wizard.

Comment 4 Florian Best

2014-07-23 10:18:27 CEST

FYI: The UMC-Server core provides the neat functionnality that every user can read all UCR variables without having the UCR UMC module installed, it is just enough to be authenticated.

Comment 5 Philipp Hahn

2014-07-24 10:56:52 CEST

r13284: root password is stashed in /var/lib/univention-ldap/root.secret (unless only a pre-encrypted password is supplied by pre-seeding).

Comment 6 Philipp Hahn

2014-08-22 15:07:32 CEST

r13471: 06user-setup needs to be called before USS is started

Package: user-setup
Version: 1.48.7.201408221501
Branch: ucs_4.0-0

Comment 7 Drees Dormann

2014-08-26 15:58:52 CEST

ok

Comment 8 Stefan Gohmann

2014-11-26 06:55:05 CET

UCS 4.0-0 has been released:
 http://docs.univention.de/release-notes-4.0-0-en.html
 http://docs.univention.de/release-notes-4.0-0-de.html

If this error occurs again, please use "Clone This Bug".