Bug 41340 - no password for noVNC web console configurable like in ucs 3 with Xen
no password for noVNC web console configurable like in ucs 3 with Xen
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: Virtualization - UVMM
UCS 4.1
Other Linux
: P5 normal (vote)
: UCS 4.1-2-errata
Assigned To: Philipp Hahn
Erik Damrose
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2016-05-25 12:43 CEST by Tobias Birkefeld
Modified: 2016-09-21 21:21 CEST (History)
5 users (show)

See Also:
What kind of report is it?: Bug Report
What type of bug is this?: 2: Improvement: Would be a product improvement
Who will be affected by this bug?: 1: Will affect a very few installed domains
How will those affected feel about the bug?: 2: A Pain – users won’t like this once they notice it
User Pain: 0.023
Enterprise Customer affected?: Yes
School Customer affected?:
ISV affected?:
Waiting Support:
Ticket number:
Bug group (optional):
Max CVSS v3 score:
damrose: Patch_Available+


Attachments
patch for noVNC password option (2.30 KB, patch)
2016-05-25 12:43 CEST, Tobias Birkefeld
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Tobias Birkefeld univentionstaff 2016-05-25 12:43:47 CEST
Created attachment 7685 [details]
patch for noVNC password option

In UCS 3 exist a UCR variable "xen/vnc/password" to set a password for the web noVNC console.
This option is missing in UCS 4 under qemu/KVM.

I added this option in /etc/libvirt/qemu.conf with the attached patch.
Comment 1 Philipp Hahn univentionstaff 2016-05-26 17:52:21 CEST
r69567 | Bug #41340 uvmm: Add support for global VNC password
Comment 2 Philipp Hahn univentionstaff 2016-05-27 11:08:48 CEST
Package: univention-virtual-machine-manager-node
Version: 4.0.1-3.95.201605271058
Branch: ucs_4.1-0
Scope: errata4.1-2

r69580 | Bug #41340 uvmm: Add support for global VNC password YAML
 univention-virtual-machine-manager-node.yaml
Comment 3 Erik Damrose univentionstaff 2016-05-30 13:39:25 CEST
OK: Configure passwort
OK: works with noVNC + external VNC viewers
OK: yaml

Reopen: Please clarify the UCR documentation. In my tests the behavior was as follows:
.Set global password per UCR: A password configured for an individual instance has to be entered for a VNC connection for this instance. This means that VNC is not deactivated globally is an empty string is configured for UCR uvmm/kvm/vnc/password.
The current ucr doc reads like a per instance password is only possible if the global password is not set.
Comment 4 Florian Best univentionstaff 2016-05-30 13:51:40 CEST
Maybe mention that everybody can read UCR therefore one should not store valuable passwords in UCR.
Comment 5 Philipp Hahn univentionstaff 2016-05-31 09:46:55 CEST
r69628 | Bug #41340: Improve description for global VNC password

Package: univention-virtual-machine-manager-node
Version: 4.0.1-4.96.201605310938
Branch: ucs_4.1-0
Scope: errata4.1-2

r69629 | Bug #41340: Improve description for global VNC password YAML
 univention-virtual-machine-manager-node.yaml
Comment 6 Erik Damrose univentionstaff 2016-05-31 11:19:20 CEST
OK: Updated UCR info
OK: yaml
-> Verified
Comment 7 Janek Walkenhorst univentionstaff 2016-06-02 13:15:49 CEST
<http://errata.software-univention.de/ucs/4.1/189.html>