cloud-init-dev team mailing list archive

Thread
Date

[Merge] lp:~ccosby/cloud-init/cloud-init into lp:cloud-init

To: mp+260485@xxxxxxxxxxxxxxxxxx
From: Chris Cosby <ccosby@xxxxxxxxx>
Date: Thu, 28 May 2015 14:13:28 -0000
Reply-to: mp+260485@xxxxxxxxxxxxxxxxxx
Sender: bounces@xxxxxxxxxxxxx

Chris Cosby has proposed merging lp:~ccosby/cloud-init/cloud-init into lp:cloud-init.

Requested reviews:
  cloud init development team (cloud-init-dev)

For more details, see:
https://code.launchpad.net/~ccosby/cloud-init/cloud-init/+merge/260485

Add option checking for ssh_pwauth to bring behavior inline with the description cloud-config.txt example.

To test:
try1: set "ssh_pwauth: unchanged"
expect1: /etc/ssh/sshd_config is unchanged

try2: set "ssh_pwauth: "
expect2: /etc/ssh/sshd_config is unchanged

previous behavior:
setting ssh_pwauth to unchanged or '' or empty value would result in an empty value in the PasswordAuthentication line and sshd would fail to start
-- 
Your team cloud init development team is requested to review the proposed merge of lp:~ccosby/cloud-init/cloud-init into lp:cloud-init.

=== modified file 'cloudinit/config/cc_set_passwords.py'
--- cloudinit/config/cc_set_passwords.py	2015-02-11 01:50:45 +0000
+++ cloudinit/config/cc_set_passwords.py	2015-05-28 14:12:44 +0000
@@ -45,8 +45,6 @@
         password = util.get_cfg_option_str(cfg, "password", None)
 
     expire = True
-    pw_auth = "no"
-    change_pwauth = False
     plist = None
 
     if 'chpasswd' in cfg:
@@ -104,11 +102,24 @@
     change_pwauth = False
     pw_auth = None
     if 'ssh_pwauth' in cfg:
-        change_pwauth = True
         if util.is_true(cfg['ssh_pwauth']):
+            change_pwauth = True
             pw_auth = 'yes'
-        if util.is_false(cfg['ssh_pwauth']):
+        elif util.is_false(cfg['ssh_pwauth']):
+            change_pwauth = True
             pw_auth = 'no'
+        elif str(cfg['ssh_pwauth']).lower() == 'unchanged':
+            log.debug('Leaving auth line unchanged')
+            change_pwauth = False
+        elif not str(cfg['ssh_pwauth']).strip():
+            log.debug('Leaving auth line unchanged')
+            change_pwauth = False
+        elif not cfg['ssh_pwauth']:
+            log.debug('Leaving auth line unchanged')
+            change_pwauth = False
+        else:
+            util.logexc(log, 'Unrecognized value %r for ssh_pwauth' % cfg['ssh_pwauth'])
+
 
     if change_pwauth:
         replaced_auth = False

Follow ups

[Merge] lp:~ccosby/cloud-init/cloud-init into lp:cloud-init
From: noreply, 2016-03-14
Re: [Merge] lp:~ccosby/cloud-init/cloud-init into lp:cloud-init
From: Scott Moser, 2016-03-14