On Sun, Jan 26, 2014 at 4:29 PM, Yaniv Dary wrote:
----- Original Message -----
From: "Gianluca Cecchi"
[snip]
Ok, digging into /bin/ovirt-engine-reports-setup I see that actually the password is written in clear text inside file /usr/share/ovirt-engine-reports/reports/users/ovirt-002dadmin.xml
This was only due to setup failing in the middle, this is improved in 3.4 and you won't see that anymore.
Not a great security choice, also because the file is currently readable by everyone on the system (and "rpm -qVv" doesn't complain about its permissions). I was then able to connect to reports portal and to see some output reports...
Gianluca
Ok. see also my NOTES from the previous e-mail about possible improvements: Thanks Gianluca " NOTES: - keep an eye about ovirt-engine not restarted after reports setup error, not a good thing IMHO - in patched file I see some lines above "logging.debug("Imporing users")" without the "t" So when it happens to further modify the file you can put this type fix too... - in main reports page if you click on "Need help logging in?" link, the pop-up says "rhevm-admin" instead of what setup specified as "ovirt-admin" (none of these logins works: (Please choose a password for the reports admin user(s) (ovirt-admin): ) "