yahoo-eng-team team mailing list archive

[Launchpad Bug Tracker <1717627@xxxxxxxxxxxxxxxxxx>]

This bug was fixed in the package cloud-init - 0.7.9-283-g7eb3460b-
0ubuntu1

---------------
cloud-init (0.7.9-283-g7eb3460b-0ubuntu1) artful; urgency=medium

  * New upstream snapshot.
    - ec2: Fix maybe_perform_dhcp_discovery to use /var/tmp as a tmpdir
      [Chad Smith] (LP: #1717627)
    - Azure: wait longer for SSH pub keys to arrive.
      [Paul Meyer] (LP: #1717611)

 -- Scott Moser <smoser@xxxxxxxxxx>  Mon, 18 Sep 2017 20:41:53 -0400

** Changed in: cloud-init (Ubuntu)
       Status: Confirmed => Fix Released

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to cloud-init.
https://bugs.launchpad.net/bugs/1717627

Title:
  permission denied when executing dhclient in Ec2 datasource

Status in cloud-init:
  Fix Committed
Status in cloud-init package in Ubuntu:
  Fix Released

Bug description:
  in the ec2 datasource, cloud-init runs dhclient from a tmp file in
  order to avoid apparmor restrictions and side affects.

  In a change for bug 1707222 we started using /run/cloud-init for tmpfiles.
  /run is mounted noexec.  See example:

  $ sudo /run/cloud-init/tmp/dhclient -1 -v -lf /run/cloud-init/tmp/cloud-init-dhcp-bs6g4xkw/dhcp.leases -pf /run/cloud-init/tmp/cloud-init-dhcp-bs6g4xkw/dhclient.pid eth0 -sf /bin/true
  sudo: unable to execute /run/cloud-init/tmp/dhclient: Permission denied

  So, we need a tmp file in a place that allows execution.

  Related bugs:
   * bug 1709772: Enable ipv6 support on EC2
   * bug 1707222: usage of /tmp during boot is not safe may get files deleted.
   * bug 1717627: permission denied executing dhclient from /run

To manage notifications about this bug go to:
https://bugs.launchpad.net/cloud-init/+bug/1717627/+subscriptions