- Red Hat Enterprise Virtualization (RHEV) 3.1
- Red Hat Enterprise Virtualization (RHEV) 3.2
- After installation, I need to change the postgres password for my RHEV 3.1/3.2 environment. How do I do this?
- Log in as root to the RHEV Manager server's console.
Ensure that the PGPASSFILE environment variable is set in root's .bashrc file upon login or run the following command to set it for the current session only:
# export PGPASSFILE=/etc/ovirt-engine/.pgpass
Use the command line utility psql to run the following commands:
To change the "engine" user (the postgres admin) password:
# psql -U postgres -d template1 --no-password -c "ALTER USER engine WITH PASSWORD E'new password with special characters escaped'"
To change the "postgres" user (non-admin postgres user) password:
# psql -U postgres -d template1 --no-password -c "ALTER USER postgres WITH PASSWORD E'new password with special characters escaped'"
For example, to change the passwords to
# psql -U postgres -d template1 --no-password -c "ALTER USER engine WITH PASSWORD E'JhtETF\\!6h'" ALTER ROLE # psql -U postgres -d template1 --no-password -c "ALTER USER postgres WITH PASSWORD E'JhtETF\\!6h'" ALTER ROLE
Now, stop the RHEV Manager service:
# service ovirt-engine stop
Change the passwords stored in the database passwords file: /etc/ovirt-engine/.pgpass. Note that this file can only be accessed as root.
- The format is
localhost:5432:<db>:<user>:<password>but to keep it simple, just update any place you see the old password with the new password.
- The format is
Now the password needs to be encrypted for RHEV Manager to use.
For RHEV 3.1, type:
# cd /usr/share/jbossas # java -cp modules/org/picketbox/main/picketbox.jar:bin/client/jboss-client.jar org.picketbox.datasource.security.SecureIdentityLoginModule <new_password>
For RHEV 3.2, type:
# cd /usr/share/jbossas # java -cp modules/system/layers/base/org/picketbox/main/picketbox.jar:bin/client/jboss-client.jar org.picketbox.datasource.security.SecureIdentityLoginModule <new_password>
Note: The java command will output an encrypted password
Edit the file /etc/sysconfig/ovirt-engine and replace the value of
ENGINE_DB_PASSWORDwith the output of the previous step.
Optional: If the ovirt-engine-dwhd service (RHEVM Reports) is installed and running, the values in the /etc/ovirt-engine/ovirt-engine-dwh/Default.properties file will need to be changed as well:
The final step is to start the RHEV Manager service again:
# service ovirt-engine start
What is the difference between the "engine" user and the "postgres" user?
- The "engine" user is used by the RHEV Manager application to access the engine database
- The "postgres" user is the superuser for the postgresql instance. In a RHEV environment, this user is typically not used but it can be handy to set this password to be the same as the "engine" user.
Equivalent article for 3.0:
- Red Hat Virtualization
- Learn more
This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.