Feature #2929: Generate CR encryption key during package installation - Foreman

Actions

Copy link

Feature #2929

closed

Generate CR encryption key during package installation

Added by Dominic Cleal over 10 years ago. Updated almost 6 years ago.

Status:

Closed

Priority:

Normal

Assignee:

Dominic Cleal

Category:

Packaging

Target version:

1.5.0

Difficulty:

Triaged:

Bugzilla link:

Pull request:

Fixed in Releases:

Found in Releases:

Red Hat JIRA:

Description

In #2424, compute resource passwords gained the ability to be encrypted. This requires that a key is generated and existing passwords are encrypted via the new rake tasks.

rake security:generate_encryption_key     # Generate new encryption key
rake db:compute_resources:decrypt         # Decrypt compute resource fields
rake db:compute_resources:encrypt         # Encrypt compute resource fields

The generate task creates a key at ~foreman/config/initializers/encryption_key.rb but I suggest for the purposes of packaging, we move this to /etc/foreman after it's created and symlink it back into place. Ensure permissions are tight.

Related issues 1 (0 open — 1 closed)

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Custom queries

Feature #2929

Generate CR encryption key during package installation

Updated by Dominic Cleal over 10 years ago

Updated by Dominic Cleal over 10 years ago

Updated by Lukas Zapletal over 10 years ago

Updated by Greg Sutcliffe over 10 years ago

Updated by Anonymous over 10 years ago

Updated by Dominic Cleal over 10 years ago

Updated by Anonymous over 10 years ago

Updated by Anonymous about 10 years ago

Updated by Dominic Cleal about 10 years ago

Updated by Dominic Cleal about 10 years ago

Updated by Anonymous about 10 years ago

Updated by Dominic Cleal about 10 years ago

Updated by Lukas Zapletal about 10 years ago