William Schumann wrote: > Default values for user and root passwords were not encrypted as called > for in: > > - 4246 The user and root password are not encrypted in SC manifest > > http://cr.opensolaris.org/~wmsch/bug-6622/ > http://defect.opensolaris.org/bz/show_bug.cgi?id=6622 > > Edited default.xml in SUNW-installadm-tools to provide usable encrypted > passwords as described in bug report. > > user: jack password:jack > root password: opensolaris > > Also added code to provide the same values if they are absent from the > SC manifest for whatever reason. > > Informational debugging message in Orchestrator can now display the > passwords, since they are encrypted. > > Tested default.xml changes going into SUNWinstalladm-tools package on > x86 and SPARC. > Tested new auto-install and liborchestrator on x86 and SPARC. Deleted > entries from SC manifest and software generated correct default values. > _______________________________________________ > caiman-discuss mailing list > caiman-discuss at opensolaris.org > http://mail.opensolaris.org/mailman/listinfo/caiman-discuss
William, Set the commit comment prior to generating the webrev. (I used to forget to do this too. ;) Everything looks good... Just some nits. Hope this helps! Joe usr/src/cmd/ai-webserver/default.xml ++++++++++++++++++++++++++++++++++++ Suggestion, Please consider: ---------------------------- Is it considered safe to store encrypted defaults? What if the encryption algorithm changes? Since you added code to provide the defaults perhaps it might be safest to not list the encrypted defaults in the manifest. Question: --------- Do/should we provide a mechanism or instructions for a user to generate the encrypted passwords if they want something besides the defaults? usr/src/cmd/auto-install/auto_install.c +++++++++++++++++++++++++++++++++++++++ Comments on line 580 and 598 are the same. 598 should be changed from: 598 /* load user name from manifest or 'jack' */ To: 598 /* load user login name from manifest or 'jack' */
