Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-18456

Passwords cannot be configured in OCB pools

    XMLWordPrintable

Details

    • Moderate
    • No
    • MCO Sprint 241, MCO Sprint 242, MCO Sprint 243, MCO Sprint 244
    • 4
    • False
    • Hide

      None

      Show
      None

    Description

      Description of problem:

      In OCB pools, when we create a MC to configure a password for the "core" user the password is not configured.

      Version-Release number of selected component (if applicable):

      $ oc get clusterversion
      NAME      VERSION                              AVAILABLE   PROGRESSING   SINCE   STATUS
      version   4.14.0-0.nightly-2023-08-30-191617   True        False         5h38m   Cluster version is 4.14.0-0.nightly-2023-08-30-191617
      

      How reproducible:

      Alwasy

      Steps to Reproduce:

      1. Enable on-cluster build on "worker" pool.
      2. Create a MC to configure the "core" user password
      
      apiVersion: machineconfiguration.openshift.io/v1
      kind: MachineConfig
      metadata:
        creationTimestamp: "2023-09-01T09:51:14Z"
        generation: 1
        labels:
          machineconfiguration.openshift.io/role: worker
        name: tc-59417-test-core-passwd-tx2ndvcd
        resourceVersion: "105610"
        uid: 1f7a4de1-6222-4153-a46c-d1a17e5f89b1
      spec:
        config:
          ignition:
            version: 3.2.0
          passwd:
            users:
            - name: core
              passwordHash: $6$uim4LuKWqiko1l5K$QJUwg.4lAyU4egsM7FNaNlSbuI6JfQCRufb99QuF082BpbqFoHP3WsWdZ5jCypS0veXWN1HDqO.bxUpE9aWYI1   # password coretest
      
      
      
      3. Wait for the configuration to be built and applied
      

      Actual results:

      The password is not configured for the core user
      
      In a worker node:
      
      We can't login using the new password
      
      $ oc debug node/sregidor-sr3-bfxxj-worker-a-h5b5j.c.openshift-qe.internal
      Warning: metadata.name: this is used in the Pod's hostname, which can result in surprising behavior; a DNS label is recommended: [must be no more than 63 characters]
      Starting pod/sregidor-sr3-bfxxj-worker-a-h5b5jcopenshift-qeinternal-debug-cb2gh ...
      To use host binaries, run `chroot /host`
      chPod IP: 10.0.128.2
      If you don't see a command prompt, try pressing enter.
      sh-4.4# chroot /host
      sh-5.1# su core
      [core@sregidor-sr3-bfxxj-worker-a-h5b5j /]$ su core
      Password: 
      su: Authentication failure
      
      
      The password is not configured:
      
      sh-5.1# cat /etc/shadow |grep core
      systemd-coredump:!!:::::::
      core:*:19597:0:99999:7:::
      
      
      

      Expected results:

      The password should be configured and we should be able to login to the nodes using the user "core" and the configured password.

      Additional info:

       

      Attachments

        Activity

          People

            dkhater@redhat.com Dalia Khater
            sregidor@redhat.com Sergio Regidor de la Rosa
            Sergio Regidor de la Rosa Sergio Regidor de la Rosa
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: