fail if HOME environment variable is not set

Bug #1570997 reported by Scott Moser on 2016-04-15
12
This bug affects 1 person
Affects Status Importance Assigned to Milestone
ssh-import-id
Low
Dustin Kirkland 
ssh-import-id (Ubuntu)
Low
Dustin Kirkland 
Xenial
Low
Scott Moser
Bionic
Undecided
Unassigned

Bug Description

=== Begin SRU Template ===
[Impact]
Running ssh-import-id without environment variable HOME set
will fail and print an error message like:

 TypeError: join() argument must be str or bytes, not 'NoneType'

[Test Case]
$ name="my-x"
$ ud=$(printf '%s\n%s\n' '#!/bin/sh' 'ssh-import-id smoser')
$ lxc launch ubuntu-daily:xenial "$name" "--config=user.user-data=$ud"

To see failure, you can then just:
$ lxc exec "$name" -- cat /run/cloud-init/result.json
{
 "v1": {
  "datasource": "DataSourceHetzner",
  "errors": [
   "('scripts-user', RuntimeError('Runparts: 1 failures in 1 attempted commands',))"
  ]
 }
}

$ lxc exec "$name" -- grep "ssh-import-id lp:smoser" /root/.ssh/authorized_keys &&
    echo GOOD || echo FAIL

[Regression Potential]
Regression is unlikely. The code only does anything if HOME is not present.
This has been in Artful and Bionic since 2016-09-16.

[Other Info]
Upstream merge proposal:
 https://code.launchpad.net/~smoser/ssh-import-id/trunk.lp1570997/+merge/326692

=== End SRU Template ===

I've modified /usr/bin/ssh-import-id to show a stack trace rather than unhelpful message:
 TypeError: join() argument must be str or bytes, not 'NoneType'

Then, running:
$ env -u HOME ssh-import-id smoser
Traceback (most recent call last):
  File "/usr/bin/ssh-import-id", line 62, in <module>
    main()
  File "/usr/bin/ssh-import-id", line 45, in main
    k = import_keys(proto, username, parser.options.useragent)
  File "/usr/lib/python3/dist-packages/ssh_import_id/__init__.py", line 204, in import_keys
    local_keys = key_list(read_keyfile())
  File "/usr/lib/python3/dist-packages/ssh_import_id/__init__.py", line 135, in read_keyfile
    output_file = parser.options.output or os.path.join(os.getenv("HOME"), ".ssh", "authorized_keys")
  File "/usr/lib/python3.5/posixpath.py", line 89, in join
    genericpath._check_arg_types('join', a, *p)
  File "/usr/lib/python3.5/genericpath.py", line 143, in _check_arg_types
    (funcname, s.__class__.__name__)) from None
TypeError: join() argument must be str or bytes, not 'NoneType'

I came to find this by trying to launch an instance with:

$ ec2metadata --user-data
#!/bin/sh
exec >/my.log 2>&1
cat /proc/uptime
date -R
ssh-import-id smoser

The basic issue is that the environment that cloud-init runs in does not have HOME set.

I suggest using os.path.expanduser
def authorized_key_file():
        return os.path.join(os.path.expanduser("~"), ".ssh", "authorized_keys")

ProblemType: Bug
DistroRelease: Ubuntu 16.04
Package: ssh-import-id 5.5-0ubuntu1 [modified: usr/bin/ssh-import-id]
ProcVersionSignature: User Name 4.4.0-18.34-generic 4.4.6
Uname: Linux 4.4.0-18-generic x86_64
ApportVersion: 2.20.1-0ubuntu1
Architecture: amd64
Date: Fri Apr 15 17:36:09 2016
Ec2AMI: ami-929f8cf8
Ec2AMIManifest: ubuntu-us-east-1/images-testing/hvm-instance/ubuntu-xenial-daily-amd64-server-20160412.manifest.xml
Ec2AvailabilityZone: us-east-1c
Ec2InstanceType: m3.medium
Ec2Kernel: unavailable
Ec2Ramdisk: unavailable
PackageArchitecture: all
ProcEnviron:
 TERM=xterm-256color
 PATH=(custom, no user)
 XDG_RUNTIME_DIR=<set>
 LANG=en_US.UTF-8
 SHELL=/bin/bash
SourcePackage: ssh-import-id
UpgradeStatus: No upgrade log present (probably fresh install)

Related branches

Scott Moser (smoser) wrote :
Scott Moser (smoser) on 2016-04-15
Changed in ssh-import-id (Ubuntu):
status: New → Confirmed
importance: Undecided → Low
Scott Moser (smoser) on 2016-04-15
Changed in ssh-import-id:
status: New → Confirmed
importance: Undecided → Low
tags: added: bot-stop-nagging
Scott Moser (smoser) wrote :

A recreate for this is as simple as:
$ ud=$(printf '%s\n%s\n' '#!/bin/sh' 'ssh-import-id smoser')
$ lxc launch ubuntu-daily:xenial "--config=user.user-data=$ud"

A work around is to just to set the HOME environment:

$ ud=$(printf '%s\n%s\n' '#!/bin/sh' 'HOME=/root ssh-import-id smoser')

Changed in ssh-import-id (Ubuntu):
assignee: nobody → Scott Moser (smoser)
Andreas Hasenack (ahasenack) wrote :

Scott, since you have an MP up for this, could you assign the ssh-import-id task to yourself and mark it as in progress please?

Changed in ssh-import-id (Ubuntu):
assignee: Scott Moser (smoser) → nobody
Scott Moser (smoser) on 2017-07-10
Changed in ssh-import-id:
status: Confirmed → In Progress
assignee: nobody → Scott Moser (smoser)
Changed in ssh-import-id:
assignee: Scott Moser (smoser) → Dustin Kirkland  (kirkland)
Changed in ssh-import-id:
status: In Progress → Fix Committed
Changed in ssh-import-id (Ubuntu):
status: Confirmed → Fix Committed
assignee: nobody → Dustin Kirkland  (kirkland)
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package ssh-import-id - 5.7-0ubuntu1

---------------
ssh-import-id (5.7-0ubuntu1) artful; urgency=medium

  [ Scott Moser ]
  * ssh_import_id/__init__.py: LP: #1570997
    - read_keyfile: use getpass and expanduser if HOME not set.
      If the HOME environment variable was not set, then use getpass and
      expanduser to try to find the right path.
      Recreate was as simple as:
        env -u HOME ssh-import-id bob

  [ Dustin Kirkland ]
  * ssh_import_id/__init__.py:
    - fix typo, missing colon

 -- Dustin Kirkland <email address hidden> Fri, 16 Sep 2016 10:13:35 -0500

Changed in ssh-import-id (Ubuntu):
status: Fix Committed → Fix Released
Scott Moser (smoser) on 2018-03-27
description: updated
Scott Moser (smoser) on 2018-03-27
Changed in ssh-import-id (Ubuntu Xenial):
status: New → In Progress
importance: Undecided → Low
assignee: nobody → Scott Moser (smoser)
touny (souliyavong) on 2018-04-02
Changed in ssh-import-id:
status: Fix Committed → Confirmed
status: Confirmed → Incomplete
status: Incomplete → Fix Released
Changed in ssh-import-id (Ubuntu Xenial):
status: In Progress → Fix Released

Hello Scott, or anyone else affected,

Accepted ssh-import-id into xenial-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/ssh-import-id/5.5-0ubuntu1.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed.Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-xenial to verification-done-xenial. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-xenial. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Changed in ssh-import-id (Ubuntu Xenial):
status: Fix Released → Fix Committed
tags: added: verification-needed verification-needed-xenial
Scott Moser (smoser) wrote :

The upstream commit didnt' actually fix the issue, as there are 2 occurences that use HOME.

tags: added: verification-failed-xeniall
removed: verification-needed verification-needed-xenial
tags: added: verification-failed-xenial
removed: verification-failed-xeniall
Brian Murray (brian-murray) wrote :

Hello Scott, or anyone else affected,

Accepted ssh-import-id into bionic-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/ssh-import-id/5.7-0ubuntu1.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed.Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-bionic to verification-done-bionic. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-bionic. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Changed in ssh-import-id (Ubuntu Bionic):
status: New → Fix Committed
tags: added: verification-needed verification-needed-bionic
Scott Moser (smoser) on 2018-05-23
description: updated
description: updated
Scott Moser (smoser) wrote :
Changed in ssh-import-id (Ubuntu Xenial):
status: Fix Committed → Triaged
tags: added: verification-done verification-done-bionic
removed: verification-failed-xenial verification-needed verification-needed-bionic xenial
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package ssh-import-id - 5.7-0ubuntu1.1

---------------
ssh-import-id (5.7-0ubuntu1.1) bionic; urgency=medium

  * Convert source foramt to "3.0 (quilt)", implicitly removing
    ssh_import_id.egg-info presumably included in last upload by
    mistake.
  * Backport some fixes from cosmic:
    - d/patches/0001-lp-1770302-output-flushing.patch: Ensure error
      messages in fetch_keys_gh get flushed by replacing calls to print
      with calls to die and calls to os._exit() with calls to sys.exit.
      (LP: #1770302)
    - d/patches/0002-lp-1770503-launchpad-error-checking.patch: Check
      status code of response when fetching ssh keys from Launchpad.
      (LP: #1770305)
    - d/patches/0003-lp-1570997-find-keys-no-HOME.patch: Get path to
      user's authorized_keys even if HOME is not set. (LP: #1570997)

 -- Michael Hudson-Doyle <email address hidden> Thu, 17 May 2018 11:40:43 +1200

Changed in ssh-import-id (Ubuntu Bionic):
status: Fix Committed → Fix Released

The verification of the Stable Release Update for ssh-import-id has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers