Bug #14732
closed
Technique "SSH authorized keys" creates home directory with perms root:root when it does not exists yet
Added by Nicolas CHARLES over 5 years ago.
Updated about 4 years ago.
Severity:
Major - prevents use of part of Rudder | no simple workaround
Description
When using sshKeyDistribution with a home directory not set (but user existing), it create home directory with perms 700:root:root, but.ssh and authorized_keys have correct permissions
It should create the home with correct permissions
- Status changed from New to In progress
- Assignee set to Nicolas CHARLES
- Description updated (diff)
- Status changed from In progress to Pending technical review
- Assignee changed from Nicolas CHARLES to Alexis Mousset
- Pull Request set to https://github.com/Normation/rudder-techniques/pull/1430
- Assignee changed from Alexis Mousset to Nicolas CHARLES
- Status changed from Pending technical review to Pending release
- Subject changed from sshKeyDistribution creates home directory with perms root:root when it does not exists yet to Technique "SSH authorized keys" creates home directory with perms root:root when it does not exists yet
- Status changed from Pending release to Released
This bug has been fixed in Rudder 4.1.22, 4.3.12 and 5.0.10 which were released today.
Hello,
I'm just realizing I'm facing this same bug with :
- rudder agent version
Rudder agent 6.1.6.release
I removed /home/my_user, then ran rudder agent run -u, and the /home/my_user directory, as well as the underlying .ssh directory was owned by root:root
The authorized_keys owner and group are correct though.
- Severity set to Major - prevents use of part of Rudder | no simple workaround
Hello,
This bug prevents the success of next steps in the setup of an account, so could one re-open this issue please?
Hi Nicolas. Which version of the technique are you using ?
Also, techniques used to not be automatically updated at Rudder upgrade. Is it a fresh install, or an upgrade from a Rudder before 6.0 ? Is the later, you'll need to run
rudder server upgrade-techniques -o
to force upgrading your techniques
Also available in: Atom
PDF
Updated by 
Updated by 
Updated by 
Updated by