Initial admin cannot log out

Bug #1579833 reported by Peter Matulis on 2016-05-09
This bug affects 2 people
Affects Status Importance Assigned to Milestone

Bug Description

When a controller is created (`juju bootstrap`) the system user gains and logs in as the initial Juju user administrator of that controller. This user is provided an internal password only (~/.local/share/juju/accounts.yaml) and, because of this, can not log out (`juju logout`) without receiving an ugly message [1]. Seeing that such a logout attempt may be made a long time after controller-creation time this issue also has the potential of being unsettling and confusing. This limitation is also felt if the system account will ever be used for multiple Juju user accounts. Since non-admin users get a real password set (`juju register`) it makes sense for admins to also have a password to make everything consistent and simple. One solution is to, once the controller is created, print text urging the admin to create a password.

--------- >8 ---------
ERROR preventing account loss

It appears that you have not changed the password for
your account. If this is the case, change the password
first before logging out, so that you can log in again
afterwards. To change your password, run the command
"juju change-user-password".

If you are sure you want to log out, and it is safe to
clear the credentials from the client, then you can run
this command again with the "--force" flag.
--------- 8< ---------

tags: added: docteam juju-release-support usability
removed: doctem
Changed in juju-core:
status: New → Triaged
importance: Undecided → Medium
Changed in juju-core:
milestone: none → 2.0.0
affects: juju-core → juju
Changed in juju:
milestone: 2.0.0 → none
milestone: none → 2.0.0
Curtis Hovey (sinzui) on 2016-10-06
Changed in juju:
milestone: 2.0.0 → 2.0.1
Curtis Hovey (sinzui) on 2016-11-01
Changed in juju:
milestone: 2.0.1 → none
Anastasia (anastasia-macmood) wrote :

I am not convinced that this is necessary. We are now using macaroons and, in any case, letting admin users know that they need to have a password when logging out is cleaner than creating admin users with passwords. There are plenty situations were it is not needed.

In scenarios where it is needed, admin users create passwords anyway as part of the normal workflow, so are not confronted with the message.

Changed in juju:
status: Triaged → Won't Fix
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers