← Back to team overview

yahoo-eng-team team mailing list archive

[Bug 1771198] Re: Support disable_root-esque behaviour for other users

 

** Changed in: cloud-init
       Status: Triaged => Fix Released

** Also affects: cloud-init (Ubuntu)
   Importance: Undecided
       Status: New

** Also affects: cloud-init (Ubuntu Cosmic)
   Importance: Undecided
       Status: New

** Also affects: cloud-init (Ubuntu Xenial)
   Importance: Undecided
       Status: New

** Also affects: cloud-init (Ubuntu Bionic)
   Importance: Undecided
       Status: New

** Changed in: cloud-init (Ubuntu Cosmic)
       Status: New => Fix Released

** Changed in: cloud-init (Ubuntu Cosmic)
     Assignee: (unassigned) => Chad Smith (chad.smith)

** Changed in: cloud-init (Ubuntu Bionic)
       Status: New => Triaged

** Changed in: cloud-init (Ubuntu Xenial)
       Status: New => Triaged

** Merge proposal linked:
   https://code.launchpad.net/~chad.smith/cloud-init/+git/cloud-init/+merge/354496

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to cloud-init.
https://bugs.launchpad.net/bugs/1771198

Title:
  Support disable_root-esque behaviour for other users

Status in cloud-init:
  Fix Released
Status in cloud-init package in Ubuntu:
  Fix Released
Status in cloud-init source package in Xenial:
  Triaged
Status in cloud-init source package in Bionic:
  Triaged
Status in cloud-init source package in Cosmic:
  Fix Released

Bug description:
  When building Ubuntu cloud images, we prefer to name the default user
  "ubuntu" where possible, to maintain a consistent user experience
  between substrates.  Some clouds, however, like to have a consistent
  user name across all of their various image offerings.  This is an
  inherent conflict.  One way in which we have agreed to resolve this is
  to use the messaging that the disable_root behaviour currently
  provides on the cloud-specific user, to point to the ubuntu user.
  This means, at least, that users are given some direction (rather than
  being left wondering if their instance has provisioned correctly, or
  if their SSH keys are invalid, or &c.)

  I propose a new cloud.cfg key named "ssh_disable_users" which defines
  a list of users.  For each of these users, cloud-init will ensure they
  exist, and configure the system so that users SSH'ing to that user
  will be redirected to the default user (a la disable_root behaviour
  currently).

  (`disable_root: True` would translate as `ssh_disable_users:
  ["root"]`.)

To manage notifications about this bug go to:
https://bugs.launchpad.net/cloud-init/+bug/1771198/+subscriptions


References