juju ssh should default to --pty=false when stdin is not a terminal
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Canonical Juju |
Fix Released
|
Medium
|
Andrew Wilkins |
Bug Description
When --pty=true (the default), juju ssh does not pass data provided on standard input to the remote system. Instead, it displays standard input on standard output (due to pty remote echo), then hangs indefinitely (well, at least overnight, which is what I tested). (This matches ssh's behaviour when creation of a pty is forced with -tt.) Setting --pty=false produces more sensible behaviour.
Here is a simple test case:
$ juju version
2.2.6-trusty-amd64
$ juju ssh 0 'sleep 1; grep blah; asdf' <<EOF
foo
blah
bar
EOF
foo
blah
bar
blah
^C
$ juju ssh --pty=false 0 'sleep 1; grep blah; asdf' <<EOF
foo
blah
bar
EOF
blah
bash: asdf: command not found
This behaviour is unexpected, and a possible information leak (if secrets are being passed on standard input). Changes requested:
1. Make the help text clearer that this can't be expected to work without --pty=false.
2. Make --pty=false the default when stdin is not a terminal. (This matches ssh's default behaviour.)
description: | updated |
tags: | added: canonical-is |
Changed in juju: | |
status: | New → Triaged |
importance: | Undecided → Medium |
tags: | added: bitesize papercut |
Changed in juju: | |
milestone: | none → 2.3.1 |
Changed in juju: | |
milestone: | 2.3.1 → none |
Changed in juju: | |
milestone: | none → 2.3.2 |
Changed in juju: | |
status: | Triaged → In Progress |
assignee: | nobody → Andrew Wilkins (axwalk) |
Changed in juju: | |
status: | In Progress → Fix Committed |
Changed in juju: | |
status: | Fix Committed → Fix Released |
https:/ /github. com/juju/ juju/pull/ 8261