GCE data source should only add "ubuntu" keys to the ubuntu user

Bug #1707037 reported by Dan Watkins on 2017-07-27
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
cloud-init
Medium
Max Illfelder
cloud-init (Ubuntu)
Medium
Max Illfelder

Bug Description

GCE supports specifying SSH keys for an instance as a tuple of (username, key). Currently, cloud-init will add all keys to the default (ubuntu) user, regardless of the user specified in metadata.

This is problematic because there may be users in the metadata who are not intended to have sudo access but could gain sudo privileges via the ubuntu user.

Related branches

Changed in cloud-init:
status: New → Fix Committed
assignee: nobody → Max Illfelder (illfelder)
Changed in cloud-init (Ubuntu):
assignee: nobody → Max Illfelder (illfelder)
status: New → Fix Committed
Scott Moser (smoser) on 2018-01-24
Changed in cloud-init:
importance: Undecided → Medium
Changed in cloud-init (Ubuntu):
importance: Undecided → Medium
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package cloud-init - 17.2-20-g32a6a176-0ubuntu1

---------------
cloud-init (17.2-20-g32a6a176-0ubuntu1) bionic; urgency=medium

  * New upstream snapshot.
    - tests: Fix EC2 Platform to return console output as bytes.
    - tests: Fix attempted use of /run in a test case.
    - GCE: Improvements and changes to ssh key behavior for default user.
      [Max Illfelder] (LP: #1670456, #1707033, #1707037, #1707039)
    - subp: make ProcessExecutionError have expected types in stderr, stdout.
    - tests: when querying ntp server, do not do dns resolution.
    - Recognize uppercase vfat disk labels [James Penick] (LP: #1598783)
    - tests: remove zesty as supported OS to test

 -- Chad Smith <email address hidden> Tue, 23 Jan 2018 20:10:44 -0700

Changed in cloud-init (Ubuntu):
status: Fix Committed → Fix Released

This bug is believed to be fixed in cloud-init in 18.1. If this is still a problem for you, please make a comment and set the state back to New

Thank you.

Changed in cloud-init:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers