Bug 35400 - root / Administrator password
root / Administrator password
Product: UCS
Classification: Unclassified
Component: UCS Installer
UCS 4.0
Other Linux
: P5 normal (vote)
: UCS 4.0
Assigned To: Philipp Hahn
Drees Dormann
: interim-1
Depends on:
Blocks: 43066
  Show dependency treegraph
Reported: 2014-07-17 15:36 CEST by Philipp Hahn
Modified: 2016-11-28 11:28 CET (History)
3 users (show)

See Also:
What kind of report is it?: ---
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted after Product Owner Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:


Note You need to log in before you can comment on or make changes to this bug.
Description Philipp Hahn univentionstaff 2014-07-17 15:36:04 CEST
The new UCS installer asks for the root password itself.
When later running USS we either need to
- ask for it again,
- use a different password for the LDAP administrator,
- or move the question to USS itself and set a random password in the installer, to prevent remote ssh logins (on the other hand that might be useful.)
Comment 1 Stefan Gohmann univentionstaff 2014-07-17 16:21:23 CEST
As discussed with Alex, the installer should set an UCR variable and USS should skip the password question.
Comment 2 Philipp Hahn univentionstaff 2014-07-23 09:21:04 CEST
Definitly not in UCR.
Maybe better through /var/lib/univention-ldap/root.secret.
Comment 3 Alexander Kläser univentionstaff 2014-07-23 10:06:25 CEST
(In reply to Philipp Hahn from comment #2)
> Definitly not in UCR.
> Maybe better through /var/lib/univention-ldap/root.secret.

Yep, and a flag is set via UCR to indicate that the password field is hidden in the wizard.
Comment 4 Florian Best univentionstaff 2014-07-23 10:18:27 CEST
FYI: The UMC-Server core provides the neat functionnality that every user can read all UCR variables without having the UCR UMC module installed, it is just enough to be authenticated.
Comment 5 Philipp Hahn univentionstaff 2014-07-24 10:56:52 CEST
r13284: root password is stashed in /var/lib/univention-ldap/root.secret (unless only a pre-encrypted password is supplied by pre-seeding).
Comment 6 Philipp Hahn univentionstaff 2014-08-22 15:07:32 CEST
r13471: 06user-setup needs to be called before USS is started

Package: user-setup
Branch: ucs_4.0-0
Comment 7 Drees Dormann univentionstaff 2014-08-26 15:58:52 CEST
Comment 8 Stefan Gohmann univentionstaff 2014-11-26 06:55:05 CET
UCS 4.0-0 has been released:

If this error occurs again, please use "Clone This Bug".