Actions
Bug #16927
open
Rudder deleting authorized_keys when / is full and 'Flush SSH' enabled
Pull Request:
Severity:
Critical - prevents main use of Rudder | no workaround | data loss | security
UX impact:
User visibility:
Operational - other Techniques | Rudder settings | Plugins
Effort required:
Priority:
0
Name check:
To do
Fix check:
To do
Regression:
Description
A bug is happening when a disk is being filled (ie: with something spamming the syslog) and 'Flush SSH' is enabled.
The authorized_key happens to be deleted before being recreated, which ends-up not being possible as the disk is full.
This results in a server being totally unreachable.
Updated by François ARMAND over 4 years ago
Thanks for reporting.
We will look if we can add a guard to prevent that case, or change the way it's done (creation, then deletion, then move or something like that)
Updated by François ARMAND over 4 years ago
- Category changed from Agent to Techniques
- User visibility set to Operational - other Techniques | Rudder settings | Plugins
- Priority changed from 0 to 76
Updated by Nicolas CHARLES over 4 years ago
The authorized_keys file is never deleted (at least using technique version 4.0)
It is copied from file authorized_keys.tmp - so what is possible is that this file is created empty because of disk full, and technique doesn't detect that there's been an error
Updated by Vincent MEMBRÉ over 4 years ago
- Target version changed from 5.0.17 to 5.0.18
Updated by Vincent MEMBRÉ over 4 years ago
- Target version changed from 5.0.18 to 5.0.19
- Priority changed from 76 to 72
Updated by Vincent MEMBRÉ about 4 years ago
- Target version changed from 5.0.19 to 5.0.20
- Priority changed from 72 to 70
Updated by Vincent MEMBRÉ about 4 years ago
- Target version changed from 5.0.20 to 797
- Priority changed from 70 to 68
Updated by Benoît PECCATTE over 3 years ago
- Target version changed from 797 to 6.1.14
- Priority changed from 68 to 63
Updated by Vincent MEMBRÉ over 3 years ago
- Target version changed from 6.1.14 to 6.1.15
Updated by Vincent MEMBRÉ over 3 years ago
- Target version changed from 6.1.15 to 6.1.16
Updated by Vincent MEMBRÉ about 3 years ago
- Target version changed from 6.1.16 to 6.1.17
Updated by Vincent MEMBRÉ about 3 years ago
- Target version changed from 6.1.17 to 6.1.18
Updated by Vincent MEMBRÉ almost 3 years ago
- Target version changed from 6.1.18 to 6.1.19
Updated by Vincent MEMBRÉ over 2 years ago
- Target version changed from 6.1.19 to 6.1.20
Updated by Vincent MEMBRÉ over 2 years ago
- Target version changed from 6.1.20 to 6.1.21
Updated by Vincent MEMBRÉ over 2 years ago
- Target version changed from 6.1.21 to old 6.1 issues to relocate
Updated by Alexis Mousset 7 months ago
- Target version changed from old 6.1 issues to relocate to 7.3.15
- Priority changed from 63 to 0
Updated by Vincent MEMBRÉ 6 months ago
- Target version changed from 7.3.15 to 7.3.16
Updated by Vincent MEMBRÉ 5 months ago
- Target version changed from 7.3.16 to 7.3.17
Actions