Project

General

Profile

Task #7545

Secure test service passwords in LDAP configuration

Added by Chris Jones over 6 years ago. Updated over 6 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Ben Leinfelder
Category:
-
Start date:
2015-12-15
Due date:
% Done:

100%

Estimated time:
0.00 h
Story Points:
Sprint:

Description

Matt requested that we no longer use cleartext easy passwords for the test CN deployments. Change the password for test installations of OpenLDAP. Add these passwords to SystemPW.txt.gpg. Make sure everyone involved in CN deployments know where to find the new passwords.

Also, change the rootpw entry in slapd.conf to use an encrypted password rather than plaintext. In the postinst for the dataone-cn-os-core buildout, secure the slapd.conf file with:

chmod 0600 $LDAP_CONF_DIR/slapd.conf*


Subtasks

Task #7556: Use hashed rootpw in slapd.confClosedBen Leinfelder

Task #7557: Restrict read access to slapd.confClosedBen Leinfelder


Related issues

Related to Infrastructure - Story #7559: Develop plan for securing application passwords in the CN stack New 2015-12-15

History

#1 Updated by Chris Jones over 6 years ago

  • Target version changed from CCI-2.0.1 to CCI-2.0.2

#2 Updated by Ben Leinfelder over 6 years ago

  • Assignee changed from Chris Jones to Ben Leinfelder
  • Description updated (diff)

updated scope of description for 2.0.2

#3 Updated by Ben Leinfelder over 6 years ago

  • Subject changed from Change test service passwords and secure LDAP configuration to Secure test service passwords in LDAP configuration

#4 Updated by Ben Leinfelder over 6 years ago

  • Description updated (diff)

#5 Updated by Ben Leinfelder over 6 years ago

  • Related to Story #7559: Develop plan for securing application passwords in the CN stack added

#6 Updated by Ben Leinfelder over 6 years ago

  • Status changed from New to Closed
  • % Done changed from 0 to 100

LDAP is now [more] securely configured.

Also available in: Atom PDF

Add picture from clipboard (Maximum size: 14.8 MB)