yahoo-eng-team team mailing list archive

[Chad Smith <1798189@xxxxxxxxxxxxxxxxxx>]

Public bug reported:

/run/cloud-init/instance-data.json & instance-data-sensitive.json not
regenerated on upgrade.

Between cloud-init from 18.3-9 -> 18.4.0 cloud-init transitioned from a
single sensitive  /run/cloud-init/instance-data.json  that was read-only
root to two separate files:  /run/cloud-init/instance-data-
sensitive.json (root readable) and  /run/cloud-init/instance-data.json
(world readable).

cloud-init query subcommand attempts to read the instance-data.json when
getuid is non-root, and instance-data-sensitive.json when getuid is
root.

Since /run/cloud-init/instance-data*json is only regenerated on reboot,
"cloud-init query" after an upgrade emits the following errors

# as non-root
ubuntu@mybox $ cloud-init query --all
ERROR: Missing instance-data.json file: /run/cloud-init/instance-data.json

# as root user
ubuntu@mybox $ sudo cloud-init query --all
ERROR: Missing instance-data.json file: /run/cloud-init/instance-data-sensitive.json

** Affects: cloud-init
     Importance: Medium
         Status: Confirmed

** Description changed:

  /run/cloud-init/instance-data.json & instance-data-sensitive.json not
  regenerated on upgrade.
- 
  
  Between cloud-init from 18.3-9 -> 18.4.0 cloud-init transitioned from a
  single sensitive  /run/cloud-init/instance-data.json  that was read-only
  root to two separate files:  /run/cloud-init/instance-data-
  sensitive.json (root readable) and  /run/cloud-init/instance-data.json
  (world readable).
- 
  
  cloud-init query subcommand attempts to read the instance-data.json when
  getuid is non-root, and instance-data-sensitive.json when getuid is
  root.
  
  Since /run/cloud-init/instance-data*json is only regenerated on reboot,
  "cloud-init query" after an upgrade emits the following errors
  
  # as non-root
- ubuntu@mybox $ cloud-init query 
+ ubuntu@mybox $ cloud-init query --all
  ERROR: Missing instance-data.json file: /run/cloud-init/instance-data.json
  
  # as root user
- ubuntu@mybox $ sudo cloud-init query 
+ ubuntu@mybox $ sudo cloud-init query --all
  ERROR: Missing instance-data.json file: /run/cloud-init/instance-data-sensitive.json

** Changed in: cloud-init
   Importance: Undecided => Medium

** Changed in: cloud-init
       Status: New => Confirmed

** Summary changed:

- cloud-init query: /run/cloud/instance-data.json wrong perms on upgrade
+ cloud-init query: /run/cloud/instance-data.json no regenerated on upgrade

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to cloud-init.
https://bugs.launchpad.net/bugs/1798189

Title:
  cloud-init query: /run/cloud/instance-data.json no regenerated on
  upgrade

Status in cloud-init:
  Confirmed

Bug description:
  /run/cloud-init/instance-data.json & instance-data-sensitive.json not
  regenerated on upgrade.

  Between cloud-init from 18.3-9 -> 18.4.0 cloud-init transitioned from
  a single sensitive  /run/cloud-init/instance-data.json  that was read-
  only root to two separate files:  /run/cloud-init/instance-data-
  sensitive.json (root readable) and  /run/cloud-init/instance-data.json
  (world readable).

  cloud-init query subcommand attempts to read the instance-data.json
  when getuid is non-root, and instance-data-sensitive.json when getuid
  is root.

  Since /run/cloud-init/instance-data*json is only regenerated on
  reboot, "cloud-init query" after an upgrade emits the following errors

  # as non-root
  ubuntu@mybox $ cloud-init query --all
  ERROR: Missing instance-data.json file: /run/cloud-init/instance-data.json

  # as root user
  ubuntu@mybox $ sudo cloud-init query --all
  ERROR: Missing instance-data.json file: /run/cloud-init/instance-data-sensitive.json

To manage notifications about this bug go to:
https://bugs.launchpad.net/cloud-init/+bug/1798189/+subscriptions