Canonical Juju

[RFE] Avoid hardcoded "ubuntu" user and group usage

Bug #1785292 reported by Dmitrii Shcherbakov
20
This bug affects 3 people
Affects Status Importance Assigned to Milestone
Canonical Juju
Triaged
Low
Unassigned

Bug Description

There are scenarios where organizations customize user and group management on the target operating system. For example, default /etc/nsswitch.conf may be customized to avoid local users completely and for users to only come from an identity management system integrated via PAM.

http://man7.org/linux/man-pages/man5/nsswitch.conf.5.html (i.e. no "files" or "compat" directives)

In a scenario where an organization has a huge directory, having an "ubuntu" user and "ubuntu" group is not possible and other account names are used instead. Moreover, in case of remote user and group management it is not possible to add local users to remote groups or remote users to local groups.

Juju should avoid usage of "ubuntu@" and "ubuntu:ubuntu" and let an administrator to configure which users will be used during bootstrap, machine provisioning and during any other operations.

cloudconfig/userdatacfg_unix.go: // ubuntu:ubuntu from root:root so the juju-run command run as the ubuntu
cloudconfig/userdatacfg_unix.go: fmt.Sprintf("(id ubuntu &> /dev/null) && chown ubuntu:ubuntu %s", lockDir),

cmd/plugins/juju-upgrade-mongo/upgrade.go: cmd := exec.Command("ssh", []string{"-o StrictHostKeyChecking=no", fmt.Sprintf("ubuntu@%s", machine), "sudo -n bash -c " + utils.ShQuote(script)}...)
environs/manual/sshprovisioner/init_test.go: defer installFakeSSH(c, "", "", 1)() // simulate failure of ubuntu@ login
environs/manual/sshprovisioner/init_test.go: defer installFakeSSH(c, "", "", 1)() // simulate failure of ubuntu@ login
environs/manual/sshprovisioner/sshprovisioner.go: cmd := ssh.Command("ubuntu@"+host, []string{"sudo", "-n", "true"}, nil)
environs/manual/sshprovisioner/sshprovisioner.go: cmd := ssh.Command("ubuntu@"+host, []string{"/bin/bash"}, nil)
environs/manual/sshprovisioner/sshprovisioner.go: cmd := ssh.Command("ubuntu@"+host, []string{"/bin/bash"}, nil)

...

provider/manual/environ.go: "ubuntu@"+e.host,
provider/manual/environ.go: "ubuntu@"+e.host,
state/backups/restore.go: userAddr := "ubuntu@" + addr

See original description
Richard Harding (rharding)
Changed in juju:
milestone: none → 2.5-beta1
status: New → Triaged
importance: Undecided → High
Dmitrii Shcherbakov (dmitriis)
description: updated
Richard Harding (rharding)
Changed in juju:
milestone: 2.5-beta1 → 2.5-beta2
Richard Harding (rharding)
Changed in juju:
milestone: 2.5-beta2 → none
importance: High → Wishlist
Ian Booth (wallyworld)
tags: added: ubuntu-user
Revision history for this message
Canonical Juju QA Bot (juju-qa-bot) wrote :

This bug has not been updated in 2 years, so we're marking it Low importance. If you believe this is incorrect, please update the importance.

Changed in juju:
importance: Wishlist → Low
tags: added: expirebugs-bot
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Duplicates of this bug

Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.