Alon Bar-Lev has posted comments on this change.
Change subject: core:encrypt vds_static pm_password field on ...
......................................................................
Patch Set 2: (5 inline comments)
....................................................
File backend/manager/dbscripts/upgrade/pre_upgrade/0000_config.sql
Line 65: --Handling PEM File Name
Line 66: select fn_db_add_config_value('CAEngineKey','engine.pem','general');
Line 67: select fn_db_add_config_value('CbcCheckOnVdsChange','false','general');
Line 68: --Handling Certificate alias
Line 69: select fn_db_add_config_value('CertAlias','engine','general');
this should remain '1'
Line 70: --Handling Certificate File Name
Line 71: select
fn_db_add_config_value('CertificateFileName','vdc.pfx','general');
Line 72: select fn_db_add_config_value('CertificateFingerPrint','73 18 22 44 5d
98 b0 5d c0 f7 36 7d f8 1d 85 da e1 3c f1 c6','general');
Line 73: select
fn_db_add_config_value('CertificatePassword','jlOTIS0q5avsg1GaRjf/6/tnEM1pXcCRvNoeJ5MCgHF1kCzcqqhZvzR8Pn/5iBxaKVC7Y4OdA0joXVMLGasVGLnUkxExzNCMT+6QwyFM1L9/0g+1OgGTuMbvYTfEi0jLOFv0xwWDl5MWunPUjZriGEhkiu5d6QJ5ZeEhD4rRooA=','general');
Line 233: select
fn_db_add_config_value('JobCleanupRateInMinutes','10','general');
Line 234: select fn_db_add_config_value('JobPageSize','100','general');
Line 235: select fn_db_add_config_value('keystorePass','mypass','general');
Line 236: --Handling Keystore URL
Line 237: select
fn_db_add_config_value('keystoreUrl','/etc/pki/ovirt-engine/.keystore','general');
this should be keys/engine.p12
Line 238: select fn_db_add_config_value('LdapQueryPageSize','1000','general');
Line 239: select fn_db_add_config_value('LDAPQueryTimeout','30','general');
Line 240: select fn_db_add_config_value('LDAPConnectTimeout','30','general');
Line 241: select fn_db_add_config_value('LDAPOperationTimeout','30','general');
Line 566:
Line 567: select
fn_db_update_config_value('AutoRecoveryAllowedTypes','{\"storage
domains\":\"false\",\"hosts\":\"true\"}','general');
Line 568: select
fn_db_update_config_value('BootstrapMinimalVdsmVersion','4.9','general');
Line 569: select
fn_db_update_config_value('CABaseDirectory','/etc/pki/ovirt-engine','general');
Line 570: select fn_db_update_config_value('CertAlias','engine','general');
should be '1'
Line 571: select fn_db_update_config_value('DBEngine','Postgres','general');
Line 572: select
fn_db_update_config_value('DebugSearchLogging','false','general');
Line 573: select fn_db_update_config_value('DefaultTimeZone','(GMT) GMT
Standard Time','general');
Line 574: select
fn_db_update_config_value('ENGINEEARLib','/usr/share/ovirt-engine/engine.ear','general');
Line 597: COMMIT
Line 598: ','general');
Line 599: select
fn_db_update_config_value('IsMultilevelAdministrationOn','true','general');
Line 600: select fn_db_update_config_value('keystorePass','mypass','general');
Line 601: select
fn_db_update_config_value('keystoreUrl','/etc/pki/ovirt-engine/.keystore','general');
should be keys/engine.p12
Line 602: select
fn_db_update_config_value('MinimalETLVersion','3.1.0','general');
Line 603: select
fn_db_update_config_value('OvirtInitialSupportedIsoVersion','2.5.5','general');
Line 604: select
fn_db_update_config_value('OvirtIsoPrefix','ovirt-node','general');
Line 605: select
fn_db_update_config_value('oVirtISOsRepositoryPath','/usr/share/ovirt-node-iso','general');
....................................................
Commit Message
Line 14: must update them in the DB pre-upgrade step in order to encrypt
passwords
Line 15: successfully.
Line 16:
Line 17: This patch also removes one of those entries from engine-config tool
Line 18: because the entry should be read-only.
Why read-only?
Line 19:
Line 20: Change-Id: I5d2cb10f205a90ae0752498a9a3d3f0eda0ec9fb
--
To view, visit http://gerrit.ovirt.org/9648
To unsubscribe, visit http://gerrit.ovirt.org/settings
Gerrit-MessageType: comment
Gerrit-Change-Id: I5d2cb10f205a90ae0752498a9a3d3f0eda0ec9fb
Gerrit-PatchSet: 2
Gerrit-Project: ovirt-engine
Gerrit-Branch: master
Gerrit-Owner: Eli Mesika <emes...@redhat.com>
Gerrit-Reviewer: Alex Lourie <alou...@redhat.com>
Gerrit-Reviewer: Barak Azulay <bazu...@redhat.com>
Gerrit-Reviewer: Eli Mesika <emes...@redhat.com>
Gerrit-Reviewer: Moran Goldboim <mgold...@redhat.com>
Gerrit-Reviewer: Yair Zaslavsky <yzasl...@redhat.com>
_______________________________________________
Engine-patches mailing list
Engine-patches@ovirt.org
http://lists.ovirt.org/mailman/listinfo/engine-patches
