Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

xcatha.py set up weak password for database access by default #25

Open
neo954 opened this issue Jun 13, 2018 · 2 comments
Open

xcatha.py set up weak password for database access by default #25

neo954 opened this issue Jun 13, 2018 · 2 comments
Labels
bug HA low

Comments

@neo954
Copy link

neo954 commented Jun 13, 2018

This bug is against xcatha.py commit 6e4c13e.

When the end user choose to use xcatha.py -s to set up his/her xCAT management with MariaDB or PostgreSQL database, the script xcatha.py with use a plain word cluster as the database password. I believe this behavior is improper, and may lead the security problem.

I suggest use a random and strong word as the database password. And it will be write to xCAT configuration file /etc/xcat/cfgloc. This will be much better.

xcatdb_password={'XCATPGPW':'cluster','XCATMYSQLADMIN_PW':'cluster','XCATMYSQLROOT_PW':'cluster'}
@neo954
Copy link
Author

neo954 commented Jun 13, 2018

Refer to xcat2/xcat2-task-management#163

@bybai bybai added the low label Jun 13, 2018
@bybai
Copy link
Contributor

bybai commented Jun 13, 2018

The pr is low.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug HA low
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@bybai @neo954