StarlingX

sysadmin user not using bash shell

Bug #1942455 reported by Jim Gauld on 2021-09-02

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	StarlingX	Fix Released	Low	Jim Gauld

Bug Description

Brief Description
-----------------
sysadmin user is configured with /bin/sh and not /bin/bash . This is inconsistent with 'root'.
This has unintentional side effects with in-line scripting and bash-completion doesn't work.
i.e., enter a command like, "kubectl desc<tab>" and hitting the tab repeatedly completes the command and so on, this dramatically improves user interactive experience.
Many users may not notice the difference.

Current configuration of sysadmin user has /bin/sh .
grep -e sysadmin -e root /etc/passwd
root:x:0:0:root:/root:/bin/bash
sysadmin:x:42425:345::/home/sysadmin:/bin/sh

The sysadmin user is added via the following code:
./stx/config-files/sudo-config/centos/sudo-config.spec
%pre
getent group sys_protected >/dev/null || groupadd -f -g 345 sys_protected
getent passwd sysadmin > /dev/null || \
useradd -m -g sys_protected -G root \
-d /home/sysadmin -p %{SYSADMIN_P} \
-s /bin/sh sysadmin 2> /dev/null || :

Severity
--------
Minor: System is usable, with minor issue.

Steps to Reproduce
------------------
Install lab. Login as sysadmin.
echo $SHELL

Expected Behavior
------------------
login as sysadmin.
echo $SHELL
/bin/bash

bash-completion of kubectl commands work.

Actual Behavior
----------------
echo $SHELL
/bin/sh

bash-completion of kubectl commands don't work.

Reproducibility
---------------
100%, but some designers have seen bash-completion work sometimes on HW.

System Configuration
--------------------
AIO-SX. This affects all systems.

Branch/Pull Time/Commit
-----------------------
NA.

Last Pass
---------
NA. Day one config.

Timestamp/Logs
--------------
NA.

Test Activity
-------------
Developer Testing of kubernetes upgrade.

Workaround
----------
Manually enter bash shell.
bash

Modify /etc/passwd 'sysadmin' user to use /bin/bash.

Tags:

Jim Gauld (jgauld) on 2021-09-02

Changed in starlingx:
assignee:	nobody → Jim Gauld (jgauld)

Revision history for this message

Jim Gauld (jgauld) wrote on 2021-09-02:

Modifying sudo-config.spec only fixes initial install of the ISO.
There is something still that overrides this configuration, TBD.

Revision history for this message

Jim Gauld (jgauld) wrote on 2021-09-02:

The /etc/passwd is regenerated and configured during bootstrap, and later during upgrade and runtime.
./stx/stx-puppet/puppet-manifests/src/modules/platform/manifests/users.pp
  -> user { 'sysadmin':
    ensure => 'present',
    groups => ['root', $::platform::params::protected_group_name],
    home => '/home/sysadmin',
    password => $sysadmin_password,
    password_max_age => $sysadmin_password_max_age,
    shell => '/bin/sh',
  }

The shell should be changed to '/bin/bash'.

Jim Gauld (jgauld) on 2021-12-08

information type:	Private Security → Private
information type:	Private → Public

Ghada Khalil (gkhalil) on 2021-12-15

Changed in starlingx:
importance:	Undecided → Low
status:	New → Triaged
tags:	added: stx.7.0 stx.containers
tags:	removed: stx.7.0

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2022-05-17: Fix proposed to stx-puppet (master)

Fix proposed to branch: master
Review: https://review.opendev.org/c/starlingx/stx-puppet/+/842014

Changed in starlingx:
status:	Triaged → In Progress

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2022-06-10: Fix merged to stx-puppet (master)

Reviewed: https://review.opendev.org/c/starlingx/stx-puppet/+/842014
Committed: https://opendev.org/starlingx/stx-puppet/commit/83a6c5a25114ebe6626b2a0215af07a91ee5517b
Submitter: "Zuul (22348)"
Branch: master

commit 83a6c5a25114ebe6626b2a0215af07a91ee5517b
Author: Kaustubh Dhokte <email address hidden>
Date: Mon May 16 20:49:54 2022 -0400

Change 'sysadmin' default shell to bash

The user 'sysadmin' by default uses /bin/sh. Changing it to
/bin/bash will enable k8s commands autocompletion.

    Test Plan: (On both CentOS and Debian)
    PASS: Install AIO-SX lab. Verify k8s commands autocomplete
          works. Perform lock, unlock and reboot operations.
          Verify that the sysadmin continues to use /bin/bash as the
          default shell and k8s autocomplete works after each
          operation

Closes-bug: 1942455

Signed-off-by: Kaustubh Dhokte <email address hidden>
Change-Id: Ibe2f097b77d7c2b6842b309faf7b5a35a89fad49

Changed in starlingx:
status:	In Progress → Fix Released

Ghada Khalil (gkhalil) on 2022-07-17

tags:

added: stx.7.0

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.