chpasswd: is mangling certain password hashes

Bug #1811446 reported by Ryan Harper on 2019-01-11
12
This bug affects 2 people
Affects Status Importance Assigned to Milestone
cloud-init
Undecided
Unassigned
cloud-init (Ubuntu)
Undecided
Unassigned

Bug Description

#cloud-config

# from 1 files
# part-001

---
chpasswd:
    expire: false
    list: 'root:$2y$10$8BQjxjVByHA/Ee.O1bCXtO8S7Y5WojbXWqnqYpUW.BrPx/Dlew1Va

        '

From #cloud-init

<marlinc_> Hey there, I'm not sure whether I'm running into a bug or not
<marlinc_> I'm trying to set the password hash for the root user on a system using the chpasswd module
<marlinc_> It should match new hash at this line in the module but it doens't seem to match
<marlinc_> https://github.com/cloud-init/cloud-init/blame/master/cloudinit/config/cc_set_passwords.py#L163
<marlinc_> I can confirm this when running it through https://regex101.com/r/Nj7VTZ/1
<marlinc_> Then I was thinking, isn't [] for lists of characters rather than lists of strings
<marlinc_> Changing it to \$(1|2a|2y|5|6)(\$.+){2} does work
<marlinc_> At least in regex101
<marlinc_> smoser, you any idea, I saw you commited the change: https://github.com/cloud-init/cloud-init/commit/21632972df034c200578e1fbc121a07f20bb8774
<smoser> marlinc_: i'd think yes. that is a bug for the '2a' and '2y'

Related branches

Marlin Cremers (marlinc) on 2019-01-11
description: updated
Chad Smith (chad.smith) on 2019-01-15
Changed in cloud-init (Ubuntu):
status: New → In Progress
Changed in cloud-init:
status: New → In Progress

This bug is fixed with commit ad170db9 to cloud-init on branch master.
To view that commit see the following URL:
https://git.launchpad.net/cloud-init/commit/?id=ad170db9

Changed in cloud-init:
status: In Progress → Fix Committed
Marlin Cremers (marlinc) on 2019-01-15
Changed in cloud-init (Ubuntu):
status: In Progress → Fix Committed
status: Fix Committed → In Progress
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package cloud-init - 18.5-17-gd1a2fe73-0ubuntu1

---------------
cloud-init (18.5-17-gd1a2fe73-0ubuntu1) disco; urgency=medium

  * New upstream snapshot.
    - opennebula: exclude EPOCHREALTIME as known bash env variable with a
      delta (LP: #1813383)
    - tox: fix disco httpretty dependencies for py37 (LP: #1813361)
    - run-container: uncomment baseurl in yum.repos.d/*.repo when using a
      proxy [Paride Legovini]
    - lxd: install zfs-linux instead of zfs meta package
      [Johnson Shi] (LP: #1799779)
    - net/sysconfig: do not write a resolv.conf file with only the header.
      [Robert Schweikert]
    - net: Make sysconfig renderer compatible with Network Manager.
      [Eduardo Otubo]
    - cc_set_passwords: Fix regex when parsing hashed passwords
      [Marlin Cremers] (LP: #1811446)
    - net: Wait for dhclient to daemonize before reading lease file
      [Jason Zions] (LP: #1794399)
    - [Azure] Increase retries when talking to Wireserver during metadata walk
      [Jason Zions]
    - Add documentation on adding a datasource.
    - doc: clean up some datasource documentation.
    - ds-identify: fix wrong variable name in ovf_vmware_transport_guestinfo.
    - Scaleway: Support ssh keys provided inside an instance tag. [PORTE Loïc]
    - OVF: simplify expected return values of transport functions.
    - Vmware: Add support for the com.vmware.guestInfo OVF transport.
      (LP: #1807466)
    - HACKING.rst: change contact info to Josh Powers

 -- Chad Smith <email address hidden> Sat, 26 Jan 2019 08:27:35 -0700

Changed in cloud-init (Ubuntu):
status: In Progress → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers