Fuel for OpenStack

PermitRootLogin for ssh on slaves

Bug #1612848 reported by Nikita Koshikov
12
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Fuel for OpenStack
Fix Committed
Medium
Maksim Malchuk
Fuel for OpenStack 10.0
Mitaka
Fix Released
Medium
Maksim Malchuk
Fuel for OpenStack 9.1

Bug Description

In recent MOS9 we have non-root feature enabled, but nodes still have access for root user.

We need to manage PermitRootLogin option for slave nodes.

This class https://github.com/openstack/fuel-library/blob/master/deployment/puppet/osnailyfacter/manifests/ssh.pp should be extended to support new option.

Oleksiy Molchanov (omolchanov)
tags: added: area-library
Maksim Malchuk (mmalchuk)
no longer affects: fuel/newton
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to fuel-library (master)

Fix proposed to branch: master
Review: https://review.openstack.org/356798

Changed in fuel:
status: Confirmed → In Progress
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to fuel-library (stable/mitaka)

Fix proposed to branch: stable/mitaka
Review: https://review.openstack.org/356799

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to fuel-library (master)

Reviewed: https://review.openstack.org/356798
Committed: https://git.openstack.org/cgit/openstack/fuel-library/commit/?id=e3fc1d9d6788ae8fca059aac228ff0b4ba72d429
Submitter: Jenkins
Branch: master

commit e3fc1d9d6788ae8fca059aac228ff0b4ba72d429
Author: Maksim Malchuk <email address hidden>
Date: Thu Aug 18 01:48:39 2016 +0300

    Extend osnailyfacter::ssh class to configure 'PermitRootLogin' option

    Change-Id: I976208967b63e379c24704d629fdc78e3d266719
    Closes-Bug: #1612848
    Signed-off-by: Maksim Malchuk <email address hidden>

Changed in fuel:
status: In Progress → Fix Committed
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to fuel-library (stable/mitaka)

Reviewed: https://review.openstack.org/356799
Committed: https://git.openstack.org/cgit/openstack/fuel-library/commit/?id=c81ddd0fcb50009a03285212861d45bf72281695
Submitter: Jenkins
Branch: stable/mitaka

commit c81ddd0fcb50009a03285212861d45bf72281695
Author: Maksim Malchuk <email address hidden>
Date: Thu Aug 18 01:48:39 2016 +0300

    Extend osnailyfacter::ssh class to configure 'PermitRootLogin' option

    Change-Id: I976208967b63e379c24704d629fdc78e3d266719
    Closes-Bug: #1612848
    Signed-off-by: Maksim Malchuk <email address hidden>
    (cherry picked from commit e3fc1d9d6788ae8fca059aac228ff0b4ba72d429)

TatyanaGladysheva (tgladysheva)
tags: added: on-verification
Revision history for this message
TatyanaGladysheva (tgladysheva) wrote :

Verified on 9.1 snapshot #231.

tags: removed: on-verification
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/fuel-library 10.0.0rc1

This issue was fixed in the openstack/fuel-library 10.0.0rc1 release candidate.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/fuel-library 10.0.0

This issue was fixed in the openstack/fuel-library 10.0.0 release.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Duplicates of this bug

Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.