[SRU] cannot sudo, prompted for password on 12.04 Windows Azure
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
cloud-init (Ubuntu) |
Fix Released
|
Critical
|
Scott Moser | ||
Precise |
Fix Released
|
Critical
|
Unassigned |
Bug Description
[IMPACT] On Windows Azure for 12.04, cloud-init fails to set right user name for the sudoer.d file unless the user sets a password. This means that SSH-key auth users are locked out of sudo access, effectively making the instance useless.
This is critical, as instances that are affected are completely useless for things requiring sudo access. There is no recovery and no work around.
This only affects new instances, not existing instances. However, it may affect rebundled instances.
[Test Case] Launch a new build with -proposed using SSH-only authentication. The defined user in the launch should be able to "sudo -i".
[Regression Potential] Regression potential is low, as this fixes a completely broken feature.
[Original Report]:
Launcing an instance like this:
azure vm create --vm-size=
results in being prompted for a password on sudo.
ProblemType: Bug
DistroRelease: Ubuntu 12.04
Package: cloud-init 0.6.3-0ubuntu1.6
ProcVersionSign
Uname: Linux 3.2.0-53-virtual x86_64
ApportVersion: 2.0.1-0ubuntu17.4
Architecture: amd64
Date: Thu Sep 12 20:45:02 2013
MarkForUpload: True
PackageArchitec
ProcEnviron:
TERM=screen
PATH=(custom, no user)
LANG=en_US.UTF-8
SHELL=/bin/bash
SourcePackage: cloud-init
UpgradeStatus: No upgrade log present (probably fresh install)
summary: |
- cannot sudo, prompted for password + [SRU] cannot sudo, prompted for password on 12.04 Windows Azure |
Changed in cloud-init (Ubuntu Precise): | |
assignee: | nobody → Ben Howard (utlemming) |
Changed in cloud-init (Ubuntu): | |
assignee: | nobody → Ben Howard (utlemming) |
assignee: | Ben Howard (utlemming) → Scott Moser (smoser) |
description: | updated |
Here is what went wrong: d/90-cloudimg- ubuntu
$ sudo cat /etc/sudoers.
# ubuntu user is default user in cloud-images.
# It needs passwordless sudo functionality.
ubuntu ALL=(ALL) NOPASSWD:ALL
The user provisioned was 'smoser'. but 'ubuntu' was given passwordless sudo.