[ https://issues.apache.org/jira/browse/CLOUDSTACK-2792?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13798752#comment-13798752 ]
ASF subversion and git services commented on CLOUDSTACK-2792: ------------------------------------------------------------- Commit 484d6c4eb741c882e1cc512ab35918d694e855c7 in branch refs/heads/master from [~yasker] [ https://git-wip-us.apache.org/repos/asf?p=cloudstack.git;h=484d6c4 ] CLOUDSTACK-2792: Call savepassword.sh inside VR Also only set password when password service is running, thus avoid setting for redundant router BACKUP router. > Redundant router: Password is reset again after fail-over happened > ------------------------------------------------------------------ > > Key: CLOUDSTACK-2792 > URL: https://issues.apache.org/jira/browse/CLOUDSTACK-2792 > Project: CloudStack > Issue Type: Bug > Security Level: Public(Anyone can view this level - this is the > default.) > Affects Versions: 4.0.0 > Reporter: Sheng Yang > Assignee: Sheng Yang > Fix For: 4.2.1 > > > Consider this scenario with RVR and "Password protected" VM: > ============================================================ > 1. Both Master and Backup is running. > 2. We reset the password on VM > 3. Both Master and Backup have password; for example say; "password1" > 4. VM boots up and requests for password; receives it from Master VR > 5. Master VR sets the password to Saved_Password and Backup VR continues to > keep "password1" > 6. Backup VR goes down; it had password as "password1" > 7. Maste VR is running > 8. We reset the password; so the password is only changed to Master VR (as > Backup VR is down); for example "password2" > 9. VM boots up and requests the password; gets it as "password2" > 10. Master VR sets the password to be Saved_Password > 11. Now Master VR goes down > 12. Backup VR was brought online (it still has "password1") > 13. Now we reboot the VM > 14. It sends a password request > 15. Backup VR (which is only available now; so is Master) sends the password > as > "password1" > User tries to login as "password2" and he cannot; unless we reset the password > again. -- This message was sent by Atlassian JIRA (v6.1#6144)