yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1979065] Re: cc_set_passwords does not expire users if password given as hash

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Brett Holman <1979065@xxxxxxxxxxxxxxxxxx>
Date: Fri, 19 Aug 2022 16:37:26 -0000
Reply-to: Bug 1979065 <1979065@xxxxxxxxxxxxxxxxxx>
Sender: noreply@xxxxxxxxxxxxx

This bug is believed to be fixed in cloud-init in version 22.3. If this
is still a problem for you, please make a comment and set the state back
to New

Thank you.

** Changed in: cloud-init
       Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to cloud-init.
https://bugs.launchpad.net/bugs/1979065

Title:
  cc_set_passwords does not expire users if password given as hash

Status in cloud-init:
  Fix Released

Bug description:
  https://cloudinit.readthedocs.io/en/latest/topics/modules.html#set-
  passwords

  Documentation explains three different ways of setting user password
  using chpasswd but doesn't mention that they would otherwise work any
  differently from one another. Passwords should by default be expired
  if not specifically set otherwise in chpasswd. Although if one sets
  the password as hash either in password or chpasswd list,
  cc_set_passwords.py skips passwd --expire <username> completely which
  doesn't match documented behaviour.

  https://github.com/canonical/cloud-
  init/blob/728098325657cb2fec559cf321ccd5235e786381/cloudinit/config/cc_set_passwords.py#L260

  This part only applies to users which had either plain text password
  or random password set.

To manage notifications about this bug go to:
https://bugs.launchpad.net/cloud-init/+bug/1979065/+subscriptions

References

[Bug 1979065] [NEW] cc_set_passwords does not expire users if password given as hash
From: Roni Väyrynen, 2022-06-17