yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #74695
[Bug 1771198] Re: Support disable_root-esque behaviour for other users
** Changed in: cloud-init
Status: Triaged => Fix Released
** Also affects: cloud-init (Ubuntu)
Importance: Undecided
Status: New
** Also affects: cloud-init (Ubuntu Cosmic)
Importance: Undecided
Status: New
** Also affects: cloud-init (Ubuntu Xenial)
Importance: Undecided
Status: New
** Also affects: cloud-init (Ubuntu Bionic)
Importance: Undecided
Status: New
** Changed in: cloud-init (Ubuntu Cosmic)
Status: New => Fix Released
** Changed in: cloud-init (Ubuntu Cosmic)
Assignee: (unassigned) => Chad Smith (chad.smith)
** Changed in: cloud-init (Ubuntu Bionic)
Status: New => Triaged
** Changed in: cloud-init (Ubuntu Xenial)
Status: New => Triaged
** Merge proposal linked:
https://code.launchpad.net/~chad.smith/cloud-init/+git/cloud-init/+merge/354496
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to cloud-init.
https://bugs.launchpad.net/bugs/1771198
Title:
Support disable_root-esque behaviour for other users
Status in cloud-init:
Fix Released
Status in cloud-init package in Ubuntu:
Fix Released
Status in cloud-init source package in Xenial:
Triaged
Status in cloud-init source package in Bionic:
Triaged
Status in cloud-init source package in Cosmic:
Fix Released
Bug description:
When building Ubuntu cloud images, we prefer to name the default user
"ubuntu" where possible, to maintain a consistent user experience
between substrates. Some clouds, however, like to have a consistent
user name across all of their various image offerings. This is an
inherent conflict. One way in which we have agreed to resolve this is
to use the messaging that the disable_root behaviour currently
provides on the cloud-specific user, to point to the ubuntu user.
This means, at least, that users are given some direction (rather than
being left wondering if their instance has provisioned correctly, or
if their SSH keys are invalid, or &c.)
I propose a new cloud.cfg key named "ssh_disable_users" which defines
a list of users. For each of these users, cloud-init will ensure they
exist, and configure the system so that users SSH'ing to that user
will be redirected to the default user (a la disable_root behaviour
currently).
(`disable_root: True` would translate as `ssh_disable_users:
["root"]`.)
To manage notifications about this bug go to:
https://bugs.launchpad.net/cloud-init/+bug/1771198/+subscriptions
References