Project

General

Profile

Actions

User story #2527

closed

Document procedure to change default passwords in a Rudder installation

Added by Jonathan CLARKE over 12 years ago. Updated almost 10 years ago.

Status:
Released
Priority:
1 (highest)
Assignee:
Matthieu CERDA
Category:
Documentation
Target version:
UX impact:
Suggestion strength:
User visibility:
Effort required:
Name check:
Fix check:
Regression:

Description

As of now, the Rudder packages and other scripts assume that some passwords are fixed, so many components are accessible using standard passwords. This is obvisouly a security risk, and will be fixed automatically in the next version (2.5.0). See also #860 that will fix this automatically for the 2.5.0 version.

For now, we must document this and provide a simple procedure to change these passwords in the documentation.

A (maybe) non exhaustive list :
  • The WebDAV password, defined in apache config and the inventory PT
  • The OpenLDAP password defined in slapd.conf and rudder-web.properties and inventory-web.properties
  • The PSQL password, defined in PSQL and rudder-web.properties
Actions #1

Updated by Matthieu CERDA over 12 years ago

  • Status changed from 2 to Pending technical review
  • % Done changed from 0 to 100

Applied in changeset commit:de77aac64c7852b6aacb6f4a7e876071d9a63db6.

Actions #2

Updated by Jonathan CLARKE over 12 years ago

  • Status changed from Pending technical review to 10
Actions #3

Updated by Jonathan CLARKE over 12 years ago

  • Status changed from 10 to Released
Actions #4

Updated by Benoît PECCATTE almost 10 years ago

  • Project changed from 30 to Rudder
  • Category set to Documentation
Actions

Also available in: Atom PDF