yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #36715
[Bug 1464253] Re: [SRU] CloudStack data source will always set password to "HTTP/1.0 200 OK" on CloudStack 4.5.1 and later
This bug was fixed in the package cloud-init - 0.7.7~bzr1091-0ubuntu4
---------------
cloud-init (0.7.7~bzr1091-0ubuntu4) vivid; urgency=medium
* d/patches/lp-1456684-eu-central-1.patch: Add central as a direction for
EC2 availability zones (LP: #1456684).
* d/patches/lp-1464253-handle-new-cloudstack-passwords.patch: Handle both
old and new CloudStack password servers (LP: #1464253).
* d/patches/lp-1475215-fix-cloudsigma-cepko.patch: Fix CloudSigma datasource
under Python 3 (LP: #1475215).
* d/patches/lp-1463373-fix-apt-gpg-key-fetching.patch: Fix a Python 3
problem with the writing out of the script that fetches GPG keys for apt
repos (LP: #1463373).
-- Daniel Watkins <daniel.watkins@xxxxxxxxxxxxx> Mon, 29 Jun 2015
12:48:33 +0100
** Changed in: cloud-init (Ubuntu Vivid)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to cloud-init.
https://bugs.launchpad.net/bugs/1464253
Title:
[SRU] CloudStack data source will always set password to "HTTP/1.0 200
OK" on CloudStack 4.5.1 and later
Status in cloud-init:
Fix Committed
Status in cloud-init package in Ubuntu:
Fix Released
Status in cloud-init source package in Precise:
Fix Released
Status in cloud-init source package in Trusty:
Fix Released
Status in cloud-init source package in Utopic:
Won't Fix
Status in cloud-init source package in Vivid:
Fix Released
Status in cloud-init source package in Wily:
Fix Released
Bug description:
First reported in https://bugs.launchpad.net/ubuntu/+source/cloud-
init/+bug/1440263/comments/6
Older versions of CloudStack return the password as the first thing on
the socket after an HTTP request (eschewing the tradition of HTTP
response headers), which is what we take and use.
This lack of proper HTTP headers has been fixed in ACS 4.5.1, which
means we will always use the status line of the HTTP response as the
password.
[Impact]
Ubuntu instances deployed on more recent versions of CloudStack will always set the root password to "HTTP/1.0 200 OK".
[Test Case]
Launch an instance in a recent CloudStack environment and try to log in using "HTTP/1.0 200 OK" and the password provided by the environment. The former should fail and the latter should work.
[Regression Potential]
This change moves to using wget rather than our own custom client, which is more inline with CloudStack's own scripting around this. We shouldn't regress on new or old CloudStack environments.
To manage notifications about this bug go to:
https://bugs.launchpad.net/cloud-init/+bug/1464253/+subscriptions