Project

General

Profile

Actions

Bug #6031

closed

wrong group set by SSH key distribution

Added by Alexander Brunhirl over 9 years ago. Updated about 9 years ago.

Status:
Released
Priority:
N/A
Category:
Techniques
Target version:
Severity:
UX impact:
User visibility:
Effort required:
Priority:
Name check:
Fix check:
Regression:

Description

Hi,

during the authorized key file rollout the default group is set to "users" instead of the primary group of the user.
Flush the authorized key files before updating is disabled.

Example Output:

rudder01:~ # id testuser
uid=18413(testuser) gid=33545(testgrp) groups=33545(testgrp)

rudder01:~ # ls -l /home/testuser/.ssh/authorized_keys
-rw------- 1 testuser users 609 Aug 22 15:05 /home/testuser/.ssh/authorized_keys

rudder01:~ # chgrp testgrp /home/testuser/.ssh/authorized_keys; cfsync &> /dev/null; cfapply | egrep '(R:.*sshKeyDistribution).*testuser'
R: @@sshKeyDistribution@@result_repaired@@42d47cfb-e87d-43bf-aa19-94ea96b88377@@26f4f175-48b3-4963-8cbd-e1177fff175c@@65@@SSH key@@testuser key1@@2014-12-18 14:23:17+00:00##1b724ab4-d066-467b-8aaf-c2fe2c8ca6b4@#SSH key "testuser key1" for user testuser was repaired

rudder01:~ # ls -l /home/testuser/.ssh/authorized_keys
-rw------- 1 testuser users 609 Aug 22 15:05 /home/testuser/.ssh/authorized_keys

Directive: SSH keys distribution
Directive version: 3.0
Rudder version: Rudder v.2.11.5~rc1~git201411220241

Actions

Also available in: Atom PDF