I recently noticed that provisioned systems had the wrong root password. I
have never explicitly set the password anywhere but in the global
"Settings" under the Provisioning tab. I did some digging in the Rails
console and found most of my Hostgroups have an explicit root password set
that does not match the one I use globally. I looked in the audit system
and saw that some of the hostgroups had root password changed by me. I
KNOW I did not do this, so either this is some kind of bug or somehow some
form "autofill" put values into the Root Password field when I updated a
hostgroup. It's also possible my account was exposed thanks to the
Can the root password be reset for a hostgroup in the Foreman interface? I
am on 1.4.2.
If the root password can't be changed via the interface, is it safe to set
it to 'nil' in the Rails console?