Canonical Juju

Juju cant add ssh-keys when user ubuntu home is relocated

Bug #1886012 reported by Erik Lönroth on 2020-07-02

This bug affects 2 people

Affects		Status	Importance	Assigned to	Milestone
	Canonical Juju	Triaged	Low	Unassigned

Bug Description

As part of a charm, we move the user "ubuntu" home to /lhome to make way for autofs to mount user NFS home directories.

As a result, juju throws errors:

machine-1: 10:19:10 DEBUG juju.utils.ssh reading authorised keys file /home/ubuntu/.ssh/authorized_keys
machine-1: 10:19:10 DEBUG juju.utils.ssh reading authorised keys file /home/ubuntu/.ssh/authorized_keys
machine-1: 10:19:10 INFO juju.worker.authenticationworker adding current Juju keys to ssh authorised keys: cannot create ssh key directory: mkdir /home/ubuntu: permission denied
machine-1: 10:19:10 DEBUG juju.worker.dependency "ssh-authkeys-updater" manifold worker stopped: adding current Juju keys to ssh authorised keys: cannot create ssh key directory: mkdir /home/ubuntu: permission denied
machine-1: 10:19:10 ERROR juju.worker.dependency "ssh-authkeys-updater" manifold worker returned unexpected error: adding current Juju keys to ssh authorised keys: cannot create ssh key directory: mkdir /home/ubuntu: permission denied
machine-1: 10:19:10 DEBUG juju.worker.dependency stack trace:
mkdir /home/ubuntu: permission denied
/workspace/_build/src/github.com/juju/juju/vendor/github.com/juju/utils/ssh/authorisedkeys.go:117: cannot create ssh key directory
/workspace/_build/src/github.com/juju/juju/worker/authenticationworker/worker.go:92: adding current Juju keys to ssh authorised keys

This is problematic and hightlight the need to have juju not depend on the user ubuntu and having its home placed in /home/ubuntu.

I'm not sure what we have broken at this point with our charm, but its fundamentally needed for us to be able to mount NFS homes for user in an enterprise context.

Tags:

Pen Gale (pengale) on 2020-07-02

Changed in juju:
status:	New → Triaged
importance:	Undecided → High

Pen Gale (pengale) on 2020-07-02

Changed in juju:
status:	Triaged → New
importance:	High → Undecided

Revision history for this message

Pen Gale (pengale) wrote on 2020-07-02:

It sounds like the home dir is hard coded in Juju.

The request here is relatively straightforward: charms should reference the HOME env variable rather than looking directly for /home/ubuntu/.ssh.

There are probably a few traps here. I believe the rabbitmq uses HOME for things other than "the user's home directory," for example, and we want to make sure not to break that. But overall, a charm author should be able to do special things with the home dir without breaking ssh keys.

Changed in juju:
status:	New → Triaged
importance:	Undecided → High
milestone:	none → 2.8-next
milestone:	2.8-next → 2.9-beta1

Revision history for this message

Erik Lönroth (erik-lonroth) wrote on 2020-07-12:

Keep in mind that on other OS:es, /hom/ubuntu doesn't make any sense at all.

juju home should probably not be related to that at all.

Canonical Juju QA Bot (juju-qa-bot) on 2020-10-16

Changed in juju:
milestone:	2.9-beta1 → 2.9-rc1

Pen Gale (pengale) on 2020-10-21

tags:

added: community-feedback

Revision history for this message

Pen Gale (pengale) wrote on 2020-10-21:

Added bitesize tag. Can remove if this turns out to be something bigger.

tags:	added: bitesize
Changed in juju:
milestone:	2.9-rc1 → none
importance:	High → Medium

Revision history for this message

Canonical Juju QA Bot (juju-qa-bot) wrote on 2022-11-03:

This bug has not been updated in 2 years, so we're marking it Low importance. If you believe this is incorrect, please update the importance.

Changed in juju:
importance:	Medium → Low
tags:	added: expirebugs-bot

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.