← Back to team overview

yahoo-eng-team team mailing list archive

[Bug 1869306] Re: Users module errors for users of same SSH key type with existing user

 

Actually I think that may have been a red herring, I think "-
name:trent" was the actual problem: that's parsed as ["name:trent"], not
{"name": "trent"}.  Which then means that the parser expects the
following line to be a list item, and it's a mapping item, hence the
blow up.

Regardless, glad you got this sorted!

** Changed in: cloud-init
       Status: Incomplete => Invalid

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to cloud-init.
https://bugs.launchpad.net/bugs/1869306

Title:
  Users module errors for users of same SSH key type with existing user

Status in cloud-init:
  Invalid

Bug description:
  I'm starting an instance (tried both centos and ubuntu) in AWS with
  user_data similar to the following:

  users:
    - name: bob
      sudo: ALL=(ALL) NOPASSWD:ALL
      groups: users
      lock_passwd: true
      ssh_authorized_keys:
       - ssh-rsa some-ssh-pubkey-xxxxxxxxx
    - name: alice
      sudo: ALL=(ALL) NOPASSWD:ALL
      groups: users
      lock_passwd: true
      ssh_authorized_keys:
       - ssh-rsa some-ssh-pubkey-xxxxxxxxx
    - name: mallory
      sudo: ALL=(ALL) NOPASSWD:ALL
      groups: users
      lock_passwd: true
      ssh_authorized_keys:
       - ssh-rsa some-ssh-pubkey-xxxxxxxxx
    - name: trent
      sudo: ALL=(ALL) NOPASSWD:ALL
      groups: users
      lock_passwd: true
      ssh_authorized_keys:
       - ssh-ed25519 some-ssh-pubkey-xxxxxxxxx

  Two things are special in this case.  Mallory made herself a user
  account on the box before baking the original image, and Trent has an
  ECC key (the rest are using RSA).

  Upon running this in AWS, only Trent gets created.  The only
  discernible error I have seen is:

    File "/usr/lib/python2.7/site-packages/cloudinit/ssh_util.py", line 208, in us
  ers_ssh_info
      pw_ent = pwd.getpwnam(username)
  KeyError: 'getpwnam(): name not found: alice'

  Trent can log in and see that his key has been created, but literally
  every other user who is using an RSA SSH key hasn't had their user
  created.  Compounding it, Mallory doesn't have a login but still
  retains her home directory.

  The fix for this entails making a user "mallory2" and leaving mallory
  alone.  When this happens, all users get created (though mallory's
  original account is missing other than /home).  I've also tried making
  a mallory user with a custom homedir of /home/mallorytoo, but the same
  error happens.

To manage notifications about this bug go to:
https://bugs.launchpad.net/cloud-init/+bug/1869306/+subscriptions


References