rel-eng/packages/spacewalk-config | 2
spacewalk/config/etc/sysconfig/rhn-satellite-prep/etc/jabberd/c2s.xml | 8 +--
spacewalk/config/etc/sysconfig/rhn-satellite-prep/etc/jabberd/s2s.xml | 2
spacewalk/config/etc/sysconfig/rhn-satellite-prep/etc/jabberd/sm.xml | 8 +--
spacewalk/config/etc/sysconfig/rhn-satellite-prep/etc/rhn/rhn.conf | 4 -
spacewalk/config/spacewalk-config.spec | 21 +---------
spacewalk/setup/bin/spacewalk-setup | 10 +++-
7 files changed, 23 insertions(+), 32 deletions(-)
New commits:
commit a764585d33392841f6fbb4e3782ccf408bee09de
Author: Devan Goodwin <dgoodwin(a)redhat.com>
Date: Tue Jul 28 21:02:25 2009 -0300
Automatic commit of package [spacewalk-config] release [0.6.12-1].
diff --git a/rel-eng/packages/spacewalk-config b/rel-eng/packages/spacewalk-config
index ecde219..c464613 100644
--- a/rel-eng/packages/spacewalk-config
+++ b/rel-eng/packages/spacewalk-config
@@ -1 +1 @@
-0.6.11-1 spacewalk/config/
+0.6.12-1 spacewalk/config/
diff --git a/spacewalk/config/spacewalk-config.spec
b/spacewalk/config/spacewalk-config.spec
index a9edc7e..e9640f5 100644
--- a/spacewalk/config/spacewalk-config.spec
+++ b/spacewalk/config/spacewalk-config.spec
@@ -2,7 +2,7 @@
Name: spacewalk-config
Summary: Spacewalk Configuration
-Version: 0.6.11
+Version: 0.6.12
Release: 1%{?dist}
URL:
http://fedorahosted.org/spacewalk
Source0:
https://fedorahosted.org/releases/s/p/spacewalk/%{name}-%{version}.tar.gz
@@ -98,6 +98,9 @@ EOF
%changelog
+* Tue Jul 28 2009 Devan Goodwin <dgoodwin(a)redhat.com> 0.6.12-1
+- Better jabberd password replacement for upgrades. (dgoodwin(a)redhat.com)
+
* Mon Jul 27 2009 Devan Goodwin <dgoodwin(a)redhat.com> 0.6.11-1
- Populate Hibernate settings in rhn.conf for both Oracle and PostgreSQL.
(dgoodwin(a)redhat.com)
commit b2a1b020f50c6f6dc8eeaebce9779a26bc0eafb9
Author: Devan Goodwin <dgoodwin(a)redhat.com>
Date: Tue Jul 28 20:48:21 2009 -0300
Better jabberd password replacement for upgrades.
Use spacewalk-setup macro replacement to replace jabberd default
passwords. Will fare better for upgrades than an rpm post script.
diff --git a/spacewalk/config/etc/sysconfig/rhn-satellite-prep/etc/jabberd/c2s.xml
b/spacewalk/config/etc/sysconfig/rhn-satellite-prep/etc/jabberd/c2s.xml
index 8b76c1a..b069296 100644
--- a/spacewalk/config/etc/sysconfig/rhn-satellite-prep/etc/jabberd/c2s.xml
+++ b/spacewalk/config/etc/sysconfig/rhn-satellite-prep/etc/jabberd/c2s.xml
@@ -15,7 +15,7 @@
<!-- Username/password to authenticate as -->
<user>jabberd</user> <!-- default: jabberd -->
- <pass>@@pass@@</pass> <!-- default: secret -->
+ <pass>@@jabberDOTdbpass@@</pass> <!-- default: secret
-->
<!-- File containing an SSL certificate and private key to use when
setting up an encrypted channel with the router. From
@@ -379,7 +379,7 @@
<!-- Database username and password -->
<user>jabberd2</user>
- <pass>45296ce7aeb79751a83413fca6af2612e95a2fb6</pass>
+ <pass>@@jabberDOTdbpass@@</pass>
<!-- Passwords in DB may be stored in plain or hashed format -->
<!-- NOTE: If you are using hashed passwords, the only auth
@@ -414,7 +414,7 @@
<!-- Database username and password -->
<user>jabberd2</user>
- <pass>45296ce7aeb79751a83413fca6af2612e95a2fb6</pass>
+ <pass>@@jabberDOTdbpass@@</pass>
</pgsql>
<!-- Oracle driver configuration -->
@@ -428,7 +428,7 @@
<!-- Database username and password -->
<user>jabberd2</user>
- <pass>45296ce7aeb79751a83413fca6af2612e95a2fb6</pass>
+ <pass>@@jabberDOTdbpass@@</pass>
</oracle>
<!-- SQLite driver configuration -->
diff --git a/spacewalk/config/etc/sysconfig/rhn-satellite-prep/etc/jabberd/s2s.xml
b/spacewalk/config/etc/sysconfig/rhn-satellite-prep/etc/jabberd/s2s.xml
index 1a05ae3..4f10c11 100644
--- a/spacewalk/config/etc/sysconfig/rhn-satellite-prep/etc/jabberd/s2s.xml
+++ b/spacewalk/config/etc/sysconfig/rhn-satellite-prep/etc/jabberd/s2s.xml
@@ -16,7 +16,7 @@
<!-- Username/password to authenticate as -->
<user>jabberd</user> <!-- default: jabberd -->
- <pass>@@pass@@</pass> <!-- default: secret -->
+ <pass>@@jabberDOTdbpass@@</pass> <!-- default: secret
-->
<!-- The router will only allow one component to be the default
route (ie the component that receives packets destined for
diff --git a/spacewalk/config/etc/sysconfig/rhn-satellite-prep/etc/jabberd/sm.xml
b/spacewalk/config/etc/sysconfig/rhn-satellite-prep/etc/jabberd/sm.xml
index 6b9bb1f..19ddb92 100644
--- a/spacewalk/config/etc/sysconfig/rhn-satellite-prep/etc/jabberd/sm.xml
+++ b/spacewalk/config/etc/sysconfig/rhn-satellite-prep/etc/jabberd/sm.xml
@@ -17,7 +17,7 @@
<!-- Username/password to authenticate as -->
<user>jabberd</user> <!-- default: jabberd -->
- <pass>@@pass@@</pass> <!-- default: secret -->
+ <pass>@@jabberDOTdbpass@@</pass> <!-- default: secret
-->
<!-- File containing an SSL certificate and private key to use when
setting up an encrypted channel with the router. From
@@ -109,7 +109,7 @@
<!-- Database username and password -->
<user>jabberd2</user>
- <pass>@@pass@@</pass>
+ <pass>@@jabberDOTdbpass@@</pass>
<!-- Transacation support. If this is commented out, transactions
will be disabled. This might make database accesses faster,
@@ -140,7 +140,7 @@
<!-- Database username and password -->
<user>jabberd2</user>
- <pass>@@pass@@</pass>
+ <pass>@@jabberDOTdbpass@@</pass>
<!-- Transacation support. If this is commented out, transactions
will be disabled. This might make database accesses faster,
@@ -172,7 +172,7 @@
<!-- Database username and password -->
<user>jabberd2</user>
- <pass>@@pass@@</pass>
+ <pass>@@jabberDOTdbpass@@</pass>
</oracle>
<!-- SQLite driver configuration -->
diff --git a/spacewalk/config/etc/sysconfig/rhn-satellite-prep/etc/rhn/rhn.conf
b/spacewalk/config/etc/sysconfig/rhn-satellite-prep/etc/rhn/rhn.conf
index e76b32d..b82fb00 100644
--- a/spacewalk/config/etc/sysconfig/rhn-satellite-prep/etc/rhn/rhn.conf
+++ b/spacewalk/config/etc/sysconfig/rhn-satellite-prep/etc/rhn/rhn.conf
@@ -86,8 +86,8 @@ osa-dispatcher.osa_ssl_cert = @@osadispatcherDOTosa_ssl_cert@@
# set up a username and password for the dispatcher to connect to the
# jabber network
-osa-dispatcher.jabber_username = @@jabberDOTusername@@
-osa-dispatcher.jabber_password = @@jabberDOTpassword@@
+osa-dispatcher.jabber_username = @@osadispatcherDOTusername@@
+osa-dispatcher.jabber_password = @@osadispatcherDOTpassword@@
# Enable Solaris support
diff --git a/spacewalk/config/spacewalk-config.spec
b/spacewalk/config/spacewalk-config.spec
index 1645a3b..a9edc7e 100644
--- a/spacewalk/config/spacewalk-config.spec
+++ b/spacewalk/config/spacewalk-config.spec
@@ -96,22 +96,6 @@ export ORACLE_HOME=/opt/oracle
export NLS_LANG=english.AL32UTF8
EOF
-if [ "$1" -eq "1" ]; then
- #replace default passwords, yes its kinda hackish
- export NEWPASS=$( dd if=/dev/urandom bs=20 count=1 2>/dev/null \
- | sha1sum | awk '{print $1}' )
- %{__sed} -i -f- %{_sysconfdir}/jabberd/*.xml <<END
-s,<secret>.*</secret>,<secret>$NEWPASS</secret>,g
-END
- %{__sed} -i -f- %{_sysconfdir}/jabberd/*.xml <<END
-s,<pass>.*</pass>,<pass>$NEWPASS</pass>,g
-END
- %{__sed} -i -f- %{_sysconfdir}/sysconfig/rhn-satellite-prep/etc/jabberd/*.xml
<<END
-s,<pass>@@pass@@</pass>,<pass>$NEWPASS</pass>,g
-END
-
-fi
-
%changelog
* Mon Jul 27 2009 Devan Goodwin <dgoodwin(a)redhat.com> 0.6.11-1
diff --git a/spacewalk/setup/bin/spacewalk-setup b/spacewalk/setup/bin/spacewalk-setup
index e221126..9fc9ce3 100755
--- a/spacewalk/setup/bin/spacewalk-setup
+++ b/spacewalk/setup/bin/spacewalk-setup
@@ -965,6 +965,9 @@ sub populate_initial_configs {
$jabberdLibDir = "/usr/lib64/jabberd";
}
+ # Generate a random password for jabberd:
+ my $jabberdRouterPassword = `dd if=/dev/urandom bs=20 count=1 2>/dev/null | sha1sum
| awk '{print \$1}'`;
+
my %config_opts =
(
mount_point => $answers->{'mount-point'} || '/var/satellite',
@@ -975,7 +978,6 @@ sub populate_initial_configs {
webDOTis_monitoring_backend => 0,
webDOTis_monitoring_scout => 0,
webDOTenable_solaris_support => 0,
- jabberDOThostname => $answers->{hostname},
osadispatcherDOTosa_ssl_cert =>
'/var/www/html/pub/RHN-ORG-TRUSTED-SSL-CERT',
encrypted_passwords => 1,
default_db => sprintf('%s/%s@%s', @{$answers}{qw/db-user db-password
db-sid/}),
@@ -989,9 +991,11 @@ sub populate_initial_configs {
hibernate_driver => $hibernate_driver,
hibernate_url => $hibernate_url,
traceback_mail => $answers->{'admin-email'},
- jabberDOTusername => 'rhn-dispatcher-sat',
+ jabberDOThostname => $answers->{hostname},
jabberDOTlibdir => $jabberdLibDir,
- jabberDOTpassword => 'rhn-dispatcher-' . random_password(6),
+ jabberDOTdbpass => $jabberdRouterPassword,
+ osadispatcherDOTusername => 'rhn-dispatcher-sat',
+ osadispatcherDOTpassword => 'rhn-dispatcher-' . random_password(6),
serverDOTsatelliteDOTca_chain => '/usr/share/rhn/RHNS-CA-CERT',
serverDOTnls_lang => 'english.' . $charset,
server_secret_key => generate_secret(),