yahoo-eng-team team mailing list archive
Message #82357
[Bug 1869306] Re: Users module errors for users of same SSH key type with existing user
Actually I think that may have been a red herring, I think
"- name:trent" was the actual problem: that's parsed as ["name:trent"], not
{"name": "trent"}. Which then means that the parser expects the
following line to be a list item, and it's a mapping item, hence the
blow up.
Regardless, glad you got this sorted!
** Changed in: cloud-init
Status: Incomplete => Invalid
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to cloud-init.
https://bugs.launchpad.net/bugs/1869306
Title:
Users module errors for users of same SSH key type with existing user
Status in cloud-init:
Invalid
Bug description:
I'm starting an instance (tried both centos and ubuntu) in AWS with
user_data similar to the following:
  users:
    - name: bob
      sudo: ALL=(ALL) NOPASSWD:ALL
      groups: users
      lock_passwd: true
      ssh_authorized_keys:
        - ssh-rsa some-ssh-pubkey-xxxxxxxxx
    - name: alice
      sudo: ALL=(ALL) NOPASSWD:ALL
      groups: users
      lock_passwd: true
      ssh_authorized_keys:
        - ssh-rsa some-ssh-pubkey-xxxxxxxxx
    - name: mallory
      sudo: ALL=(ALL) NOPASSWD:ALL
      groups: users
      lock_passwd: true
      ssh_authorized_keys:
        - ssh-rsa some-ssh-pubkey-xxxxxxxxx
    - name: trent
      sudo: ALL=(ALL) NOPASSWD:ALL
      groups: users
      lock_passwd: true
      ssh_authorized_keys:
        - ssh-ed25519 some-ssh-pubkey-xxxxxxxxx
Two things are special in this case. Mallory made herself a user
account on the box before baking the original image, and Trent has an
ECC key (the rest are using RSA).
Upon running this in AWS, only Trent gets created. The only
discernible error I have seen is:
    File "/usr/lib/python2.7/site-packages/cloudinit/ssh_util.py", line 208, in users_ssh_info
      pw_ent = pwd.getpwnam(username)
  KeyError: 'getpwnam(): name not found: alice'
Trent can log in and see that his key has been created, but literally
every other user who is using an RSA SSH key hasn't had their user
created. Compounding it, Mallory doesn't have a login but still
retains her home directory.
The fix for this entails making a user "mallory2" and leaving mallory
alone. When this happens, all users get created (though mallory's
original account is missing other than /home). I've also tried making
a mallory user with a custom homedir of /home/mallorytoo, but the same
error happens.
To manage notifications about this bug go to:
https://bugs.launchpad.net/cloud-init/+bug/1869306/+subscriptions
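
The diagnosis in the reply ("- name:trent" read as a string rather than a mapping) can be caught before an instance is launched. The following is an added example, not code from cloud-init or from the messages above: a standard-library line scan (not a YAML parser) that flags `key:value` entries missing the space after the colon. The function name `lint_user_data` and the sample user_data are constructed for illustration.

```python
import re

# "key:value" with no space after the colon: YAML reads it as one plain
# string, not a mapping entry. "://" is excluded so URLs are not flagged.
_SUSPECT = re.compile(r"^(?P<key>[A-Za-z_][\w-]*):(?!//)\S")
# A normal "key: value" or "key:" mapping line.
_MAPPING = re.compile(r"^[A-Za-z_][\w-]*:(\s|$)")

# Constructed sample: bob is well-formed, trent is missing the space.
SAMPLE = """\
#cloud-config
users:
  - name: bob
    sudo: ALL=(ALL) NOPASSWD:ALL
    ssh_authorized_keys:
      - ssh-rsa some-ssh-pubkey-xxxxxxxxx
  - name:trent
    sudo: ALL=(ALL) NOPASSWD:ALL
    ssh_authorized_keys:
      - ssh-ed25519 some-ssh-pubkey-xxxxxxxxx
"""


def lint_user_data(text):
    """Return (line_number, key, followed_by_mapping) for each suspect line.

    followed_by_mapping is True when the next non-blank line is a deeper
    indented "key: value" line, the combination the reply describes as
    the cause of the parse failure.
    """
    lines = text.splitlines()
    findings = []
    for i, raw in enumerate(lines):
        body = raw.split(" #", 1)[0].rstrip()      # drop trailing comments
        stripped = body.lstrip()
        indent = len(body) - len(stripped)
        content = stripped[2:].lstrip() if stripped.startswith("- ") else stripped
        m = _SUSPECT.match(content)
        if not m:
            continue
        nxt = next((l for l in lines[i + 1:] if l.strip()), "")
        nxt_indent = len(nxt) - len(nxt.lstrip())
        followed = nxt_indent > indent and bool(_MAPPING.match(nxt.lstrip()))
        findings.append((i + 1, m.group("key"), followed))
    return findings


if __name__ == "__main__":
    for lineno, key, followed in lint_user_data(SAMPLE):
        print(f"line {lineno}: '{key}:' has no space after the colon"
              + (" and is followed by mapping keys" if followed else ""))
```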