Project

General

Profile

Actions

Bug #16927

open

Rudder deleting authorized_keys when / is full and 'Flush SSH' enabled

Added by Romain Brucker almost 5 years ago. Updated 6 months ago.

Status:
New
Priority:
N/A
Assignee:
-
Category:
Techniques
Target version:
Severity:
Critical - prevents main use of Rudder | no workaround | data loss | security
UX impact:
User visibility:
Operational - other Techniques | Rudder settings | Plugins
Effort required:
Priority:
0
Name check:
To do
Fix check:
To do
Regression:

Description

A bug is happening when a disk is being filled (ie: with something spamming the syslog) and 'Flush SSH' is enabled.

The authorized_key happens to be deleted before being recreated, which ends-up not being possible as the disk is full.
This results in a server being totally unreachable.

Actions #1

Updated by François ARMAND almost 5 years ago

Thanks for reporting.
We will look if we can add a guard to prevent that case, or change the way it's done (creation, then deletion, then move or something like that)

Actions #2

Updated by François ARMAND almost 5 years ago

  • Category changed from Agent to Techniques
  • User visibility set to Operational - other Techniques | Rudder settings | Plugins
  • Priority changed from 0 to 76
Actions #3

Updated by Nicolas CHARLES almost 5 years ago

The authorized_keys file is never deleted (at least using technique version 4.0)
It is copied from file authorized_keys.tmp - so what is possible is that this file is created empty because of disk full, and technique doesn't detect that there's been an error

Actions #4

Updated by Vincent MEMBRÉ over 4 years ago

  • Target version changed from 5.0.17 to 5.0.18
Actions #5

Updated by Vincent MEMBRÉ over 4 years ago

  • Target version changed from 5.0.18 to 5.0.19
  • Priority changed from 76 to 72
Actions #6

Updated by Vincent MEMBRÉ over 4 years ago

  • Target version changed from 5.0.19 to 5.0.20
  • Priority changed from 72 to 70
Actions #7

Updated by Vincent MEMBRÉ about 4 years ago

  • Target version changed from 5.0.20 to 797
  • Priority changed from 70 to 68
Actions #8

Updated by Benoît PECCATTE over 3 years ago

  • Target version changed from 797 to 6.1.14
  • Priority changed from 68 to 63
Actions #9

Updated by Vincent MEMBRÉ over 3 years ago

  • Target version changed from 6.1.14 to 6.1.15
Actions #10

Updated by Vincent MEMBRÉ over 3 years ago

  • Target version changed from 6.1.15 to 6.1.16
Actions #11

Updated by Vincent MEMBRÉ over 3 years ago

  • Target version changed from 6.1.16 to 6.1.17
Actions #12

Updated by Vincent MEMBRÉ about 3 years ago

  • Target version changed from 6.1.17 to 6.1.18
Actions #13

Updated by Vincent MEMBRÉ about 3 years ago

  • Target version changed from 6.1.18 to 6.1.19
Actions #14

Updated by Vincent MEMBRÉ over 2 years ago

  • Target version changed from 6.1.19 to 6.1.20
Actions #15

Updated by Vincent MEMBRÉ over 2 years ago

  • Target version changed from 6.1.20 to 6.1.21
Actions #16

Updated by Vincent MEMBRÉ over 2 years ago

  • Target version changed from 6.1.21 to old 6.1 issues to relocate
Actions #17

Updated by Alexis Mousset 8 months ago

  • Target version changed from old 6.1 issues to relocate to 7.3.15
  • Priority changed from 63 to 0
Actions #18

Updated by Vincent MEMBRÉ 7 months ago

  • Target version changed from 7.3.15 to 7.3.16
Actions #19

Updated by Vincent MEMBRÉ 6 months ago

  • Target version changed from 7.3.16 to 7.3.17
Actions

Also available in: Atom PDF