MAAS

maas overwrites user in slot 10 on Cisco CIMC

Bug #1269664 reported by Jeff Lane  on 2014-01-16

This bug affects 2 people

Affects		Status	Importance	Assigned to	Milestone
	MAAS	Fix Released	High	Unassigned

Bug Description

This may not be a real bug, but:

I had a Cisco UCS machine in a maas pool. This one had an issue earlier where the maas user was created with insufficient privileges initially.

So I was attempting to recreate this by making the maas user disappear.

In the CIMC, I am not able to just delete a user, so instead, I renamed the user from maas to joebob in the username. but left the user account enabled.

I then powered the UCS server back on to re-enlist it, expecting it to create the MAAS user somewhere else (the CIMC has 15 available slots).

Instead of creating a new maas user elsewhere, it overwrote slot 10 with the new maas user and that user's password.

Tags:

Revision history for this message

Julian Edwards (julian-edwards) wrote on 2014-01-16:

What do you expect to happen?

Changed in maas:
status:	New → Incomplete

Revision history for this message

Jeff Lane  (bladernr) wrote on 2014-01-29:

Expectations are for MAAS to find an unused slot and not expect to overwrite an existing user in a particular slot.

Use case:

in a DC, I have 11 admins who have CIMC access to my UCS servers, each has an account on the CIMC.
Then I move the server into MAAS and instead of maas finding slot 12, it overwrites slot 10, and Bill the Admin can no longer log into the CIMC because his account has been overwritten.

What I did was change slot 10 to a user, joebob, with his own password and then re-enlisted the machine... at this time there were only two accounts in the ... 15 available slots on the CIMC, Admin and Joebob. But rather than use an open slot, MAAS overwrote slot 10.

Ultimately, perhaps something like this:
MAAS looks for an open slot, and if it doesn't find one, enlistment fails (or succeeds with caveats) and the UI displays a message like: Server xyz.local enlisted but there is no maas user in the management system. Please correct this and re-enlist server xyz.local or edit the server with valid admin username and password before proceeding to Commissioning stage."

When I add a machine manually, I can enter an admin username and password for the BMC/AMT device, so there's really no reason maas can't keep that data and use it instead of creating a second admin user with it's own password. At least that's my naive view of it.

Changed in maas:
status:	Incomplete → New

Julian Edwards (julian-edwards) on 2014-01-29

Changed in maas:
status:	New → Triaged
importance:	Undecided → High
tags:	added: power

Revision history for this message

Andres Rodriguez (andreserl) wrote on 2014-08-28:

Hi Jeff,

We should have fixed this bug and now it should select the first available user. Marking this fix release as it is released as part of 1.5.X series.

Cheers

tags:	added: server-hwe
Changed in maas:
status:	Triaged → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.