Project

General

Profile

Actions
Copy link

Bug #6031

closed

wrong group set by SSH key distribution

Added by Alexander Brunhirl almost 10 years ago. Updated almost 10 years ago.

Status:
Released
Priority:
N/A
Assignee:
Nicolas CHARLES
Category:
Techniques
Target version:
2.10.10
Pull Request:
https://github.com/Normation/rudder-t...
Severity:
UX impact:
User visibility:
Effort required:
Priority:
Name check:
Fix check:
Regression:

Description

Hi,

during the authorized key file rollout the default group is set to "users" instead of the primary group of the user.
Flush the authorized key files before updating is disabled.

Example Output:

rudder01:~ # id testuser
uid=18413(testuser) gid=33545(testgrp) groups=33545(testgrp)

rudder01:~ # ls -l /home/testuser/.ssh/authorized_keys
-rw------- 1 testuser users 609 Aug 22 15:05 /home/testuser/.ssh/authorized_keys

rudder01:~ # chgrp testgrp /home/testuser/.ssh/authorized_keys; cfsync &> /dev/null; cfapply | egrep '(R:.*sshKeyDistribution).*testuser'
R: @@sshKeyDistribution@@result_repaired@@42d47cfb-e87d-43bf-aa19-94ea96b88377@@26f4f175-48b3-4963-8cbd-e1177fff175c@@65@@SSH key@@testuser key1@@2014-12-18 14:23:17+00:00##1b724ab4-d066-467b-8aaf-c2fe2c8ca6b4@#SSH key "testuser key1" for user testuser was repaired

rudder01:~ # ls -l /home/testuser/.ssh/authorized_keys
-rw------- 1 testuser users 609 Aug 22 15:05 /home/testuser/.ssh/authorized_keys

Directive: SSH keys distribution
Directive version: 3.0
Rudder version: Rudder v.2.11.5~rc1~git201411220241

Actions
Copy link

Also available in: Atom PDF