Fuel for OpenStack

Fuel provisions 'root' user by default

Bug #1521589 reported by Adam Heczko on 2015-12-01

256

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	Fuel for OpenStack	Confirmed	Medium	Fuel Sustaining	Fuel for OpenStack 10.0

Bug Description

Observed on:
Fuel release: "8.0"
  openstack_version: "2015.1.0-8.0"
  api: "1.0"
  build_number: "217"
  build_id: "217"

Problem description:
It was observed that Fuel menu provisions 'root' user for interacting with Fuel node through CLI.
This design choice is far from being optimal, taking into account that Fuel also enables SSH root authentication.

Solution proposal:
In Fuel menu, do not provision 'root' user but other unprivileged user, for example 'fuelcli' or 'fueladmin'.
Add this unprivileged user to 'wheel' group to allow execution of privileged actions.

Tags:

Adam Heczko (aheczko-mirantis) on 2015-12-01

tags:

added: feature

Dmitry Klenov (dklenov) on 2015-12-01

tags:	added: module-fuelmenu
tags:	added: area-python
Changed in fuel:
milestone:	none → 8.0
assignee:	nobody → Fuel Python Team (fuel-python)
importance:	Undecided → Medium
status:	New → Confirmed

Revision history for this message

Alexander Kislitsky (akislitsky) wrote on 2016-01-15:

We passed SCF in 8.0. Moving the bug to 9.0.

Changed in fuel:
milestone:	8.0 → 9.0

Fedor Zhadaev (fzhadaev) on 2016-03-30

Changed in fuel:
milestone:	9.0 → 10.0

Dmitry Pyzhov (dpyzhov) on 2016-06-22

Changed in fuel:
assignee:	Fuel Python (Deprecated) (fuel-python) → Fuel Sustaining (fuel-sustaining-team)

Report a bug

This report contains Public Security information

Everyone can see this security related information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.