← Back to team overview

yahoo-eng-team team mailing list archive

[Bug 1609899] Re: salt minion module writes minion keys to the wrong directory

 

** Also affects: cloud-init (Ubuntu)
   Importance: Undecided
       Status: New

** Changed in: cloud-init (Ubuntu)
       Status: New => Fix Released

** Changed in: cloud-init (Ubuntu)
   Importance: Undecided => Medium

** Also affects: cloud-init (Ubuntu Xenial)
   Importance: Undecided
       Status: New

** Changed in: cloud-init (Ubuntu Xenial)
       Status: New => In Progress

** Changed in: cloud-init (Ubuntu Xenial)
   Importance: Undecided => Medium

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to cloud-init.
https://bugs.launchpad.net/bugs/1609899

Title:
  salt minion module writes minion keys to the wrong directory

Status in cloud-init:
  Fix Released
Status in cloud-init package in Ubuntu:
  Fix Released
Status in cloud-init source package in Xenial:
  In Progress

Bug description:
    Cloud-init's salt minion module writes minion.pem, and minion.pub to
  the wrong directory. Salt-minion expects them in /etc/salt/pki/minion,
  but /etc/salt/pki is used by cloud-init's salt minion module. Somehow
  in the past this worked out, and the files would be moved to
  /etc/salt/pki/minion. This part I don't understand, but currently on
  Ubuntu 16.04 Xenial with cloud-init 0.7.7 it doesn't work out. What
  happens is cloud-init writes to /etc/salt/pki, and salt-minion ignores
  the /etc/salt/pki files and writes it's own /etc/salt/pki/minion
  files. This results in the salt minion generated keys being rejected
  by the salt master.

  Current:
  pki_dir = salt_cfg.get('pki_dir', '/etc/salt/pki')

  Fixed:
  pki_dir = salt_cfg.get('pki_dir', '/etc/salt/pki/minion')

To manage notifications about this bug go to:
https://bugs.launchpad.net/cloud-init/+bug/1609899/+subscriptions


References