2016-04-12 09:12:57 |
domnulnopcea |
bug |
|
|
added bug |
2016-04-21 06:36:27 |
domnulnopcea |
bug task added |
|
vagrant |
|
2016-05-04 03:25:24 |
Chen-Han Hsiao (Stanley) |
bug |
|
|
added subscriber Chen-Han Hsiao (Stanley) |
2016-05-07 00:34:01 |
christophe |
bug |
|
|
added subscriber christophe |
2016-05-24 15:18:13 |
Orangain |
bug |
|
|
added subscriber Orangain |
2016-05-29 11:08:34 |
Amir |
bug |
|
|
added subscriber Amir |
2016-06-08 15:53:18 |
Dan Watkins |
description |
Hi,
the daily image of xenial for vagrant is not working.
it asks the user for a username and password.
the vagrant image should be configured with a vagrant/vagrant username and password.
thanks |
It is Vagrant convention that the default user is named "vagrant"[0], and a whole host of scripts assume this to be the default.
The xenial box is substantially less useful to Vagrant users with the "ubuntu" user as the default, and there is limited benefit to having the "ubuntu" user.
[0] Search for "user to SSH" in https://www.vagrantup.com/docs/boxes/base.html. |
|
2016-06-08 15:54:58 |
Dan Watkins |
vagrant: status |
New |
Invalid |
|
2016-06-15 10:31:54 |
Keilo |
bug |
|
|
added subscriber Keilo |
2016-06-29 18:15:15 |
Oliver Chick |
bug |
|
|
added subscriber Oliver Chick |
2016-08-18 16:36:01 |
takashisenko |
bug |
|
|
added subscriber takashisenko |
2016-08-18 21:32:33 |
Matthias Rahlf |
bug |
|
|
added subscriber Matthias Rahlf |
2016-09-02 16:46:38 |
David M. Lee |
bug |
|
|
added subscriber David M. Lee |
2016-09-16 12:28:46 |
Edward Maxwell-Lyte |
bug |
|
|
added subscriber Edward Maxwell-Lyte |
2016-09-23 05:08:51 |
Lorin Hochstein |
bug |
|
|
added subscriber Lorin Hochstein |
2016-11-06 19:22:36 |
L |
bug |
|
|
added subscriber L |
2016-11-09 18:26:06 |
Florian Heyer |
bug |
|
|
added subscriber Florian Heyer |
2016-11-15 15:01:47 |
Thomas Bianchi |
bug |
|
|
added subscriber Thomas Bianchi |
2016-11-24 11:07:36 |
Oliver Chick |
removed subscriber Oliver Chick |
|
|
|
2016-12-06 19:46:39 |
Honore Doktorr |
bug |
|
|
added subscriber Honore Doktorr |
2016-12-15 08:22:43 |
dizeee |
bug |
|
|
added subscriber dizeee |
2016-12-20 19:27:28 |
Ganesh Maharaj Mahalingam |
bug |
|
|
added subscriber Ganesh Maharaj Mahalingam |
2016-12-26 09:51:25 |
Boris Dušek |
bug |
|
|
added subscriber Boris Dušek |
2017-01-26 14:15:54 |
Jiri Tyr |
bug |
|
|
added subscriber Jiri Tyr |
2017-02-21 15:30:54 |
Owen Raccuglia |
bug |
|
|
added subscriber Owen Raccuglia |
2017-02-26 05:18:47 |
Nitin Bodke |
bug watch added |
|
https://github.com/mitchellh/vagrant/issues/5005 |
|
2017-03-01 18:52:18 |
Pierre-Gildas MILLON |
bug |
|
|
added subscriber Pierre-Gildas MILLON |
2017-03-27 14:48:22 |
takashisenko |
removed subscriber takashisenko |
|
|
|
2017-03-31 10:35:48 |
Robert Skolnick |
bug |
|
|
added subscriber Robert Skolnick |
2017-04-28 08:34:35 |
Koustubh Sinkar |
vagrant: status |
Invalid |
Opinion |
|
2017-04-28 08:34:48 |
Koustubh Sinkar |
cloud-images: status |
New |
Confirmed |
|
2017-04-28 08:35:10 |
Koustubh Sinkar |
vagrant: status |
Opinion |
Confirmed |
|
2017-04-28 08:38:22 |
Koustubh Sinkar |
bug task added |
|
xenial-backports |
|
2017-05-06 19:30:15 |
Kedar Vaidya |
bug |
|
|
added subscriber Kedar Vaidya |
2017-05-18 21:18:05 |
Paul |
bug |
|
|
added subscriber Paul |
2017-06-19 15:51:10 |
Richard Willis-Owen |
bug |
|
|
added subscriber Richard Willis-Owen |
2017-06-29 02:35:33 |
Peter Ansell |
bug |
|
|
added subscriber Peter Ansell |
2017-07-02 18:09:09 |
Sean Kugele |
bug |
|
|
added subscriber Sean Kugele |
2017-07-18 18:36:53 |
vude |
xenial-backports: assignee |
|
Kalu Victor Ude (vude) |
|
2017-07-18 18:37:01 |
vude |
xenial-backports: assignee |
Kalu Victor Ude (vude) |
|
|
2017-07-21 16:17:05 |
Jeremy |
bug |
|
|
added subscriber Jeremy |
2017-08-17 14:26:02 |
jcv |
bug |
|
|
added subscriber jcv |
2017-08-28 00:09:52 |
Kevin Chan |
bug |
|
|
added subscriber Kevin Chan |
2017-10-15 21:43:52 |
Yassine MADDOURI |
bug |
|
|
added subscriber Yassine MADDOURI |
2017-10-30 09:46:51 |
Fabien COMBERNOUS |
bug watch added |
|
https://github.com/hashicorp/vagrant/issues/5186 |
|
2017-11-21 07:35:21 |
Dominique Poulain |
bug |
|
|
added subscriber Dominique Poulain |
2017-11-22 13:54:22 |
Chris Glass |
cloud-images: assignee |
|
Chris Glass (tribaal) |
|
2017-11-22 21:51:56 |
Dan Streetman |
bug |
|
|
added subscriber Dan Streetman |
2017-11-29 09:25:31 |
Chris Glass |
nominated for series |
|
cloud-images/trunk |
|
2017-11-29 09:25:31 |
Chris Glass |
bug task added |
|
cloud-images/trunk |
|
2017-12-07 13:40:42 |
Chris Glass |
nominated for series |
|
cloud-images/x-series |
|
2017-12-07 13:40:42 |
Chris Glass |
bug task added |
|
cloud-images/x-series |
|
2017-12-07 13:40:54 |
Chris Glass |
cloud-images/x-series: status |
New |
Confirmed |
|
2017-12-07 13:42:24 |
Chris Glass |
cloud-images/trunk: status |
Confirmed |
Fix Committed |
|
2017-12-07 13:54:44 |
Chris Glass |
cloud-images/x-series: assignee |
|
Chris Glass (tribaal) |
|
2017-12-07 14:43:22 |
Chris Glass |
description |
It is Vagrant convention that the default user is named "vagrant"[0], and a whole host of scripts assume this to be the default.
The xenial box is substantially less useful to Vagrant users with the "ubuntu" user as the default, and there is limited benefit to having the "ubuntu" user.
[0] Search for "user to SSH" in https://www.vagrantup.com/docs/boxes/base.html. |
It is Vagrant convention that the default user is named "vagrant"[0], and a whole host of scripts assume this to be the default.
The xenial box is substantially less useful to Vagrant users with the "ubuntu" user as the default, and there is limited benefit to having the "ubuntu" user.
[0] Search for "user to SSH" in https://www.vagrantup.com/docs/boxes/base.html.
------------
Xenial SRU:
[impact]
* The vagrant boxes produced by livecd-rootfs hooks do not conform to the vagrant community's guidelines for box creation, leading vagrant users to use non-official (unaudited) boxes instead, where a "vagrant" user can be found.
* A large portion of vagrant automation (3rd party tools, scripts) rely on the presence of a "vagrant" user conforming to the above guidelines. The official ubuntu images are ones of the very few not conforming to the expected user layout.
[test case]
From a fresh Ubuntu install:
* sudo apt install vagrant
* vagrant init ubuntu/xenial64
* vagrant up
* vagrant ssh
notice the user being logged in as is "ubuntu"
With either ubuntu/artful64 or ubuntu/bionic64, the same steps log the user in as "vagrant".
[Regression potential]
* Users who worked around this behavior in their automation are the most at-risk. They might not be able to login to their boxes anymore, if they worked around by extracting the ubuntu password from the box metadata. If they worked around the problem using cloud-init, no regression will be visible.
* The changes introduce a new insecure user, users having worked around the problem on their own might be be unaware of this.
* The general consensus in the vagrant community is to install third-party boxes instead of spending time to try and workaround the problems with the official ubuntu boxes, so it is likely to be a limited real-world impact.
* The change might affect exotic systems where people for some reason decided to build a non-vagrant machine out of our official vagrant image
Note that these regressions will apply to users upgrading their installations to future releases (artful, bionic, and later). |
|
2017-12-07 14:43:49 |
Chris Glass |
bug task added |
|
livecd-rootfs (Ubuntu) |
|
2017-12-07 15:50:53 |
Chris Glass |
vagrant: status |
Confirmed |
Invalid |
|
2017-12-07 16:01:42 |
Chris Glass |
branch linked |
|
lp:~tribaal/livecd-rootfs/xenial-proposed-vagrant-user-changes |
|
2017-12-12 06:53:35 |
Chris Glass |
description |
It is Vagrant convention that the default user is named "vagrant"[0], and a whole host of scripts assume this to be the default.
The xenial box is substantially less useful to Vagrant users with the "ubuntu" user as the default, and there is limited benefit to having the "ubuntu" user.
[0] Search for "user to SSH" in https://www.vagrantup.com/docs/boxes/base.html.
------------
Xenial SRU:
[impact]
* The vagrant boxes produced by livecd-rootfs hooks do not conform to the vagrant community's guidelines for box creation, leading vagrant users to use non-official (unaudited) boxes instead, where a "vagrant" user can be found.
* A large portion of vagrant automation (3rd party tools, scripts) rely on the presence of a "vagrant" user conforming to the above guidelines. The official ubuntu images are ones of the very few not conforming to the expected user layout.
[test case]
From a fresh Ubuntu install:
* sudo apt install vagrant
* vagrant init ubuntu/xenial64
* vagrant up
* vagrant ssh
notice the user being logged in as is "ubuntu"
With either ubuntu/artful64 or ubuntu/bionic64, the same steps log the user in as "vagrant".
[Regression potential]
* Users who worked around this behavior in their automation are the most at-risk. They might not be able to login to their boxes anymore, if they worked around by extracting the ubuntu password from the box metadata. If they worked around the problem using cloud-init, no regression will be visible.
* The changes introduce a new insecure user, users having worked around the problem on their own might be be unaware of this.
* The general consensus in the vagrant community is to install third-party boxes instead of spending time to try and workaround the problems with the official ubuntu boxes, so it is likely to be a limited real-world impact.
* The change might affect exotic systems where people for some reason decided to build a non-vagrant machine out of our official vagrant image
Note that these regressions will apply to users upgrading their installations to future releases (artful, bionic, and later). |
It is Vagrant convention that the default user is named "vagrant"[0], and a whole host of scripts assume this to be the default.
The xenial box is substantially less useful to Vagrant users with the "ubuntu" user as the default.
[0] Search for "user to SSH" in https://www.vagrantup.com/docs/boxes/base.html.
------------
Xenial SRU:
[impact]
* The vagrant boxes produced by livecd-rootfs hooks do not conform to the vagrant community's guidelines for box creation, leading vagrant users to use non-official (unaudited) boxes instead, where a "vagrant" user can be found.
* A large portion of vagrant automation (3rd party tools, scripts) rely on the presence of a "vagrant" user conforming to the above guidelines. The official ubuntu images are ones of the very few not conforming to the expected user layout.
* An additional "vagrant" user is available in the created image once the proposed patch is applied. The normal "ubuntu" user is also available, and is conforming to the "ubuntu experience" (it requires cloud-init or another mechanism to be given keys/a password).
[test case]
From a fresh Ubuntu install:
* sudo apt install vagrant
* vagrant init ubuntu/xenial64
* vagrant up
* vagrant ssh
notice the user being logged in as is "ubuntu"
With either ubuntu/artful64 or ubuntu/bionic64, the same steps log the user in as "vagrant".
[Regression potential]
* Users who worked around this behavior in their automation are the most at-risk. They might not be able to login to their boxes anymore, if they worked around by extracting the ubuntu password from the box metadata. If they worked around the problem using cloud-init, no regression will be visible.
* The changes introduce a new insecure user, users having worked around the problem on their own might be be unaware of this.
* The general consensus in the vagrant community is to install third-party boxes instead of spending time to try and workaround the problems with the official ubuntu boxes, so it is likely to be a limited real-world impact.
* The change might affect exotic systems where people for some reason decided to build a non-vagrant machine out of our official vagrant image
Note that these regressions will apply to users upgrading their installations to future releases (artful, bionic, and later). |
|
2017-12-13 07:57:51 |
Edward Maxwell-Lyte |
removed subscriber Edward Maxwell-Lyte |
|
|
|
2017-12-13 08:34:32 |
Łukasz Zemczak |
nominated for series |
|
Ubuntu Xenial |
|
2017-12-13 08:34:32 |
Łukasz Zemczak |
bug task added |
|
livecd-rootfs (Ubuntu Xenial) |
|
2017-12-13 08:36:06 |
Łukasz Zemczak |
livecd-rootfs (Ubuntu): status |
New |
Fix Released |
|
2017-12-14 10:13:29 |
Chris Glass |
description |
It is Vagrant convention that the default user is named "vagrant"[0], and a whole host of scripts assume this to be the default.
The xenial box is substantially less useful to Vagrant users with the "ubuntu" user as the default.
[0] Search for "user to SSH" in https://www.vagrantup.com/docs/boxes/base.html.
------------
Xenial SRU:
[impact]
* The vagrant boxes produced by livecd-rootfs hooks do not conform to the vagrant community's guidelines for box creation, leading vagrant users to use non-official (unaudited) boxes instead, where a "vagrant" user can be found.
* A large portion of vagrant automation (3rd party tools, scripts) rely on the presence of a "vagrant" user conforming to the above guidelines. The official ubuntu images are ones of the very few not conforming to the expected user layout.
* An additional "vagrant" user is available in the created image once the proposed patch is applied. The normal "ubuntu" user is also available, and is conforming to the "ubuntu experience" (it requires cloud-init or another mechanism to be given keys/a password).
[test case]
From a fresh Ubuntu install:
* sudo apt install vagrant
* vagrant init ubuntu/xenial64
* vagrant up
* vagrant ssh
notice the user being logged in as is "ubuntu"
With either ubuntu/artful64 or ubuntu/bionic64, the same steps log the user in as "vagrant".
[Regression potential]
* Users who worked around this behavior in their automation are the most at-risk. They might not be able to login to their boxes anymore, if they worked around by extracting the ubuntu password from the box metadata. If they worked around the problem using cloud-init, no regression will be visible.
* The changes introduce a new insecure user, users having worked around the problem on their own might be be unaware of this.
* The general consensus in the vagrant community is to install third-party boxes instead of spending time to try and workaround the problems with the official ubuntu boxes, so it is likely to be a limited real-world impact.
* The change might affect exotic systems where people for some reason decided to build a non-vagrant machine out of our official vagrant image
Note that these regressions will apply to users upgrading their installations to future releases (artful, bionic, and later). |
It is Vagrant convention that the default user is named "vagrant"[0], and a whole host of scripts assume this to be the default.
The xenial box is substantially less useful to Vagrant users with the "ubuntu" user as the default.
[0] Search for "user to SSH" in https://www.vagrantup.com/docs/boxes/base.html.
------------
Xenial SRU:
[impact]
* An additional "vagrant" user is available in the created image once the proposed patch is applied. The normal "ubuntu" user is also available, and is conforming to the "ubuntu experience" (it requires cloud-init or another mechanism to be given keys/a password).
* The vagrant boxes produced by livecd-rootfs hooks do not conform to the vagrant community's guidelines for box creation, leading vagrant users to use non-official (unaudited) boxes instead, where a "vagrant" user can be found.
* A large portion of vagrant automation (3rd party tools, scripts) rely on the presence of a "vagrant" user conforming to the above guidelines. The official ubuntu images are ones of the very few not conforming to the expected user layout.
* The official Ubuntu trusty image previously offered a "vagrant" user, and that was lost or omitted when migrating xenial+ to a new build system. This could be considered a regression, although historical context of that change is unfortunately not available anymore.
[test case]
From a fresh Ubuntu install:
* sudo apt install vagrant
* vagrant init ubuntu/xenial64
* vagrant up
* vagrant ssh
notice the user being logged in as is "ubuntu"
With either ubuntu/artful64 or ubuntu/trusty64, the same steps log the user in as "vagrant".
[Regression potential]
* Users who worked around this behavior in their automation are the most at-risk. They might not be able to login to their boxes anymore, if they worked around by extracting the ubuntu password from the box metadata. If they worked around the problem using cloud-init, no regression will be visible.
* The changes introduce a new insecure user, users having worked around the problem on their own might be be unaware of this.
* The general consensus in the vagrant community is to install third-party boxes instead of spending time to try and workaround the problems with the official ubuntu boxes, so it is likely to be a limited real-world impact.
* The change might affect exotic systems where people for some reason decided to build a non-vagrant machine out of our official vagrant image
Note that these regressions will apply to users upgrading their installations to future releases (artful, bionic, and later). |
|
2017-12-14 12:57:29 |
Chris Glass |
livecd-rootfs (Ubuntu Xenial): assignee |
|
Chris Glass (tribaal) |
|
2017-12-14 12:57:36 |
Chris Glass |
livecd-rootfs (Ubuntu Xenial): assignee |
Chris Glass (tribaal) |
|
|
2017-12-20 18:30:59 |
Balint Reczey |
branch linked |
|
lp:~rbalint/livecd-rootfs/vagrant |
|
2017-12-21 08:38:04 |
Balint Reczey |
branch linked |
|
lp:~rbalint/livecd-rootfs/vagrant-interactive-xenial |
|
2017-12-22 09:12:06 |
Launchpad Janitor |
livecd-rootfs (Ubuntu Xenial): status |
New |
Confirmed |
|
2017-12-22 09:16:55 |
Jakub Nowakowski |
bug |
|
|
added subscriber Jakub Nowakowski |
2017-12-27 03:05:33 |
ross |
bug |
|
|
added subscriber ross |
2018-01-03 16:09:23 |
Chris Glass |
description |
It is Vagrant convention that the default user is named "vagrant"[0], and a whole host of scripts assume this to be the default.
The xenial box is substantially less useful to Vagrant users with the "ubuntu" user as the default.
[0] Search for "user to SSH" in https://www.vagrantup.com/docs/boxes/base.html.
------------
Xenial SRU:
[impact]
* An additional "vagrant" user is available in the created image once the proposed patch is applied. The normal "ubuntu" user is also available, and is conforming to the "ubuntu experience" (it requires cloud-init or another mechanism to be given keys/a password).
* The vagrant boxes produced by livecd-rootfs hooks do not conform to the vagrant community's guidelines for box creation, leading vagrant users to use non-official (unaudited) boxes instead, where a "vagrant" user can be found.
* A large portion of vagrant automation (3rd party tools, scripts) rely on the presence of a "vagrant" user conforming to the above guidelines. The official ubuntu images are ones of the very few not conforming to the expected user layout.
* The official Ubuntu trusty image previously offered a "vagrant" user, and that was lost or omitted when migrating xenial+ to a new build system. This could be considered a regression, although historical context of that change is unfortunately not available anymore.
[test case]
From a fresh Ubuntu install:
* sudo apt install vagrant
* vagrant init ubuntu/xenial64
* vagrant up
* vagrant ssh
notice the user being logged in as is "ubuntu"
With either ubuntu/artful64 or ubuntu/trusty64, the same steps log the user in as "vagrant".
[Regression potential]
* Users who worked around this behavior in their automation are the most at-risk. They might not be able to login to their boxes anymore, if they worked around by extracting the ubuntu password from the box metadata. If they worked around the problem using cloud-init, no regression will be visible.
* The changes introduce a new insecure user, users having worked around the problem on their own might be be unaware of this.
* The general consensus in the vagrant community is to install third-party boxes instead of spending time to try and workaround the problems with the official ubuntu boxes, so it is likely to be a limited real-world impact.
* The change might affect exotic systems where people for some reason decided to build a non-vagrant machine out of our official vagrant image
Note that these regressions will apply to users upgrading their installations to future releases (artful, bionic, and later). |
It is Vagrant convention that the default user is named "vagrant"[0], and a whole host of scripts assume this to be the default.
The xenial box is substantially less useful to Vagrant users with the "ubuntu" user as the default.
[0] Search for "user to SSH" in https://www.vagrantup.com/docs/boxes/base.html.
------------
Xenial SRU:
[impact]
* An additional "vagrant" user is available in the created image once the proposed patch is applied. The normal "ubuntu" user is also available, and is conforming to the "ubuntu experience" (it requires cloud-init or another mechanism to be given keys/a password).
* The vagrant boxes produced by livecd-rootfs hooks do not conform to the vagrant community's guidelines for box creation, leading vagrant users to use non-official (unaudited) boxes instead, where a "vagrant" user can be found.
* A large portion of vagrant automation (3rd party tools, scripts) rely on the presence of a "vagrant" user conforming to the above guidelines. The official ubuntu images are ones of the very few not conforming to the expected user layout.
* The official Ubuntu trusty image previously offered a "vagrant" user, and that was lost or omitted when migrating xenial+ to a new build system. This could be considered a regression, although historical context of that change is unfortunately not available anymore.
[test case]
From a fresh Ubuntu install:
* sudo apt install vagrant
* vagrant init ubuntu/xenial64
* vagrant up
* vagrant ssh
notice the user being logged in as is "ubuntu"
With either ubuntu/artful64 or ubuntu/trusty64, the same steps log the user in as "vagrant".
An image with the proposed changes was built and uploaded as "tribaal/xenial64".
[Regression potential]
* Users who worked around this behavior in their automation are the most at-risk. They might not be able to login to their boxes anymore, if they worked around by extracting the ubuntu password from the box metadata. If they worked around the problem using cloud-init, no regression will be visible.
* The changes introduce a new insecure user, users having worked around the problem on their own might be be unaware of this.
* The general consensus in the vagrant community is to install third-party boxes instead of spending time to try and workaround the problems with the official ubuntu boxes, so it is likely to be a limited real-world impact.
* The change might affect exotic systems where people for some reason decided to build a non-vagrant machine out of our official vagrant image
Note that these regressions will apply to users upgrading their installations to future releases (artful, bionic, and later). |
|
2018-01-03 17:28:46 |
Łukasz Zemczak |
livecd-rootfs (Ubuntu Xenial): status |
Confirmed |
Fix Committed |
|
2018-01-03 17:28:48 |
Łukasz Zemczak |
bug |
|
|
added subscriber Ubuntu Stable Release Updates Team |
2018-01-03 17:28:51 |
Łukasz Zemczak |
bug |
|
|
added subscriber SRU Verification |
2018-01-03 17:29:02 |
Łukasz Zemczak |
tags |
password username vagrant xenial |
password username vagrant verification-needed verification-needed-xenial xenial |
|
2018-01-09 20:12:12 |
Dan Watkins |
tags |
password username vagrant verification-needed verification-needed-xenial xenial |
password username vagrant verification-done verification-done-xenial xenial |
|
2018-01-10 00:45:29 |
ZTS |
bug |
|
|
added subscriber ZTS |
2018-01-10 04:15:30 |
Yong Li |
bug |
|
|
added subscriber Yong Li |
2018-01-11 09:01:33 |
Łukasz Zemczak |
removed subscriber Ubuntu Stable Release Updates Team |
|
|
|
2018-01-11 09:01:58 |
Launchpad Janitor |
livecd-rootfs (Ubuntu Xenial): status |
Fix Committed |
Fix Released |
|
2018-01-12 07:34:40 |
Chris Glass |
cloud-images/x-series: status |
Confirmed |
Fix Committed |
|
2018-01-13 08:05:59 |
Chris Glass |
cloud-images/x-series: status |
Fix Committed |
Fix Released |
|
2018-01-13 08:08:03 |
Chris Glass |
cloud-images/trunk: status |
Fix Committed |
Fix Released |
|
2018-01-13 08:20:14 |
Chris Glass |
xenial-backports: status |
New |
Fix Released |
|
2018-01-13 08:28:49 |
Yong Li |
removed subscriber Yong Li |
|
|
|
2018-01-16 07:41:21 |
Baptiste Lafontaine |
bug |
|
|
added subscriber Baptiste Lafontaine |
2020-05-27 14:22:21 |
Robert C Jennings |
bug task deleted |
cloud-images/trunk |
|
|