Ubuntu
linux package

using version 4.4.0-38-generic, x86_64 on MacMini

Bug #1628586 reported by Gerald Lovel
258
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
New
Undecided
Unassigned

Bug Description

Confirmation of bug #1626749 regarding $USER token substitution problem in autofs. Even when the $USER token was replaced with a valid username for the share, autofs was unable to mount shares using certificates, nor could sshfs. These programs reverted to password authentication instead. The reason for mounting with certificates instead of passwords is security, of course.

Emily Ratliff (emilyr)
information type: Private Security → Public Security
Revision history for this message
kalyp (kalyp) wrote :

I don't think this is a duplicate bug, or rather, I am not affected by this one and am by #1626749. On my side, replacing $USER by my username works. I have 2 identical lines in autofs, one with credentials=/home/$USER/.credentials (fails as it looks for /home/root/.credentials), one with credentials=/home/myusername/.credentials (works just fine for me).

Revision history for this message
Gerald Lovel (glovel) wrote : Re: [Bug 1628586] Re: using version 4.4.0-38-generic, x86_64 on MacMini

This is my experience as well. I believe this was part of the original bug,
but the important issue is that because $USER does not work, automated file
system attaches using user credentials do not work. (Or to make them work,
we would have to have an autofs.conf file with special-case logic for every
possible user, contrary to the point of the utility.)

Or, we could drop the user certificate logins and use root login with share
passwords, defeating the security of the shares. Therefore the bug is a
security issue, and the priority should be upped accordingly.

Gerald
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Gerald Lovel | 901.276.1004
<email address hidden> | AAltSys.com
AAltSys Technology Center
<http://maps.google.com/maps?f=q&source=s_q&hl=en&geocode=&q=aaltsys&aq=&sll=37.0625,-95.677068&sspn=52.947994,100.898438&ie=UTF8&hq=aaltsys&hnear=&z=13&iwloc=A&cid=7533665924136652323>

On Fri, Oct 14, 2016 at 11:49 AM, kalyp <email address hidden> wrote:

> *** This bug is a duplicate of bug 1626749 ***
> https://bugs.launchpad.net/bugs/1626749
>
> I don't think this is a duplicate bug, or rather, I am not affected by
> this one and am by #1626749. On my side, replacing $USER by my username
> works. I have 2 identical lines in autofs, one with
> credentials=/home/$USER/.credentials (fails as it looks for
> /home/root/.credentials), one with
> credentials=/home/myusername/.credentials (works just fine for me).
>
> --
> You received this bug notification because you are subscribed to the bug
> report.
> https://bugs.launchpad.net/bugs/1628586
>
> Title:
> using version 4.4.0-38-generic, x86_64 on MacMini
>
> Status in linux package in Ubuntu:
> New
>
> Bug description:
> Confirmation of bug #1626749 regarding $USER token substitution
> problem in autofs. Even when the $USER token was replaced with a valid
> username for the share, autofs was unable to mount shares using
> certificates, nor could sshfs. These programs reverted to password
> authentication instead. The reason for mounting with certificates
> instead of passwords is security, of course.
>
> To manage notifications about this bug go to:
> https://bugs.launchpad.net/ubuntu/+source/linux/+bug/
> 1628586/+subscriptions
>

To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.