Established units continue to change their password
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Canonical Juju |
Triaged
|
Undecided
|
Unassigned |
Bug Description
When deploying, once the new unit is started, the following logs can be seen:
$ juju debug-log -m m --replay --tail | grep password
machine-0: 12:51:14 DEBUG juju.worker.
machine-0: 12:51:14 DEBUG juju.worker.
machine-0: 12:51:14 INFO juju.worker.
machine-0: 12:51:14 DEBUG juju.worker.
machine-0: 12:51:14 TRACE juju.rpc.jsoncodec -> {"request-
unit-prometheus2-0: 12:51:14 INFO juju.worker.
machine-0: 12:51:14 TRACE juju.rpc.jsoncodec -> {"request-
There should not be need for this so this change is an anomally.
This is how juju ensures the password it was initially given by some other means remains private (e.g. the password was in the agent config file that was put on the instance via instance metadata).