yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #56389
[Bug 1609899] Re: salt minion module writes minion keys to the wrong directory
** Also affects: cloud-init (Ubuntu)
Importance: Undecided
Status: New
** Changed in: cloud-init (Ubuntu)
Status: New => Fix Released
** Changed in: cloud-init (Ubuntu)
Importance: Undecided => Medium
** Also affects: cloud-init (Ubuntu Xenial)
Importance: Undecided
Status: New
** Changed in: cloud-init (Ubuntu Xenial)
Status: New => In Progress
** Changed in: cloud-init (Ubuntu Xenial)
Importance: Undecided => Medium
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to cloud-init.
https://bugs.launchpad.net/bugs/1609899
Title:
salt minion module writes minion keys to the wrong directory
Status in cloud-init:
Fix Released
Status in cloud-init package in Ubuntu:
Fix Released
Status in cloud-init source package in Xenial:
In Progress
Bug description:
Cloud-init's salt minion module writes minion.pem, and minion.pub to
the wrong directory. Salt-minion expects them in /etc/salt/pki/minion,
but /etc/salt/pki is used by cloud-init's salt minion module. Somehow
in the past this worked out, and the files would be moved to
/etc/salt/pki/minion. This part I don't understand, but currently on
Ubuntu 16.04 Xenial with cloud-init 0.7.7 it doesn't work out. What
happens is cloud-init writes to /etc/salt/pki, and salt-minion ignores
the /etc/salt/pki files and writes it's own /etc/salt/pki/minion
files. This results in the salt minion generated keys being rejected
by the salt master.
Current:
pki_dir = salt_cfg.get('pki_dir', '/etc/salt/pki')
Fixed:
pki_dir = salt_cfg.get('pki_dir', '/etc/salt/pki/minion')
To manage notifications about this bug go to:
https://bugs.launchpad.net/cloud-init/+bug/1609899/+subscriptions
References