Activity log for bug #1077020

Date Who What changed Old value New value Message
2012-11-09 15:09:30 Luis Arias bug added bug
2012-11-15 14:43:54 James Page cloud-init (Ubuntu): status New Confirmed
2012-11-15 14:43:56 James Page cloud-init (Ubuntu): importance Undecided High
2012-11-15 14:48:15 James Page bug task added cloud-init
2012-11-16 19:12:52 Scott Moser cloud-init: status New Triaged
2012-11-16 19:12:55 Scott Moser cloud-init: importance Undecided High
2012-11-16 19:12:58 Scott Moser cloud-init: milestone 0.7.2
2012-11-16 19:13:17 Scott Moser nominated for series Ubuntu Precise
2012-11-16 19:13:17 Scott Moser bug task added cloud-init (Ubuntu Precise)
2012-11-16 19:13:17 Scott Moser nominated for series Ubuntu Quantal
2012-11-16 19:13:17 Scott Moser bug task added cloud-init (Ubuntu Quantal)
2012-11-16 19:13:17 Scott Moser nominated for series Ubuntu Raring
2012-11-16 19:13:17 Scott Moser bug task added cloud-init (Ubuntu Raring)
2012-11-16 19:13:29 Scott Moser cloud-init (Ubuntu Quantal): status New Triaged
2012-11-16 19:13:31 Scott Moser cloud-init (Ubuntu Precise): status New Triaged
2012-11-16 19:13:35 Scott Moser cloud-init (Ubuntu Precise): importance Undecided High
2012-11-16 19:13:37 Scott Moser cloud-init (Ubuntu Quantal): importance Undecided High
2012-12-02 02:36:56 Scott Moser description Using a cloud-init yaml file adding a certificate like this: ca-certs: # If present, the 'trusted' parameter should contain a certificate (or list # of certificates) to add to the system as trusted CA certificates. # Pay close attention to the YAML multiline list syntax. The example shown # here is for a list of multiline certificates. # - Amazon RDS SSL Certificate (http://s3.amazonaws.com/rds-downloads/mysql-ssl-ca-cert.pem) trusted: - | -----BEGIN CERTIFICATE----- MIIDQzCCAqygAwIBAgIJAOd1tlfiGoEoMA0GCSqGSIb3DQEBBQUAMHUxCzAJBgNV BAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdTZWF0dGxlMRMw EQYDVQQKEwpBbWF6b24uY29tMQwwCgYDVQQLEwNSRFMxHDAaBgNVBAMTE2F3cy5h bWF6b24uY29tL3Jkcy8wHhcNMTAwNDA1MjI0NDMxWhcNMTUwNDA0MjI0NDMxWjB1 MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHU2Vh dHRsZTETMBEGA1UEChMKQW1hem9uLmNvbTEMMAoGA1UECxMDUkRTMRwwGgYDVQQD ExNhd3MuYW1hem9uLmNvbS9yZHMvMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB gQDKhXGU7tizxUR5WaFoMTFcxNxa05PEjZaIOEN5ctkWrqYSRov0/nOMoZjqk8bC med9vPFoQGD0OTakPs0jVe3wwmR735hyVwmKIPPsGlaBYj1O6llIpZeQVyupNx56 UzqtiLaDzh1KcmfqP3qP2dInzBfJQKjiRudo1FWnpPt33QIDAQABo4HaMIHXMB0G A1UdDgQWBBT/H3x+cqSkR/ePSIinPtc4yWKe3DCBpwYDVR0jBIGfMIGcgBT/H3x+ cqSkR/ePSIinPtc4yWKe3KF5pHcwdTELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldh c2hpbmd0b24xEDAOBgNVBAcTB1NlYXR0bGUxEzARBgNVBAoTCkFtYXpvbi5jb20x DDAKBgNVBAsTA1JEUzEcMBoGA1UEAxMTYXdzLmFtYXpvbi5jb20vcmRzL4IJAOd1 tlfiGoEoMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAvguZy/BDT66x GfgnJlyQwnFSeVLQm9u/FIvz4huGjbq9dqnD6h/Gm56QPFdyMEyDiZWaqY6V08lY LTBNb4kcIc9/6pc0/ojKciP5QJRm6OiZ4vgG05nF4fYjhU7WClUx7cxq1fKjNc2J UCmmYqgiVkAGWRETVo+byOSDZ4swb10= -----END CERTIFICATE----- The certificate is added to the /etc/ca-certificates.conf file but there is a blank line between the previous content and the line added by cloud-init. In this situation running update-ca-certificates doesn't take the cloud-init certificates into account. Removing the blank line and running update-ca-certificates again fixes the issue. ProblemType: Bug DistroRelease: Ubuntu 12.04 Package: cloud-init 0.6.3-0ubuntu1.1 ProcVersionSignature: User Name 3.2.0-31.50-virtual 3.2.28 Uname: Linux 3.2.0-31-virtual x86_64 ApportVersion: 2.0.1-0ubuntu14 Architecture: amd64 Date: Fri Nov 9 15:01:03 2012 Ec2AMI: ami-3d4ff254 Ec2AMIManifest: (unknown) Ec2AvailabilityZone: us-east-1d Ec2InstanceType: m1.medium Ec2Kernel: aki-825ea7eb Ec2Ramdisk: unavailable PackageArchitecture: all ProcEnviron: TERM=screen PATH=(custom, user) LANG=en_US.UTF-8 SHELL=/bin/bash SourcePackage: cloud-init UpgradeStatus: No upgrade log present (probably fresh install) == Begin SRU Information == [Impact] * a documented feature of cloud-init, for adding ca-certificates does not function as it should. Instead, certificates added in this manner simply are ignored. This is because apparently, a line directly following a blank line in /etc/ca-certificates.conf is ignored. [Test Case] - start a cloud instance with no user-data - add content below to /etc/cloud/cloud.cfg.d/99-local-certs.cfg - run the ca-certs code through cloud-init single you will see output from update-ca-certificates indicating no new certificates were added $ sudo cloud-init single --name=ca_certs --frequency=always Cloud-init v. 0.7 running 'single' at Sun, 02 Dec 2012 02:23:21 +0000. Up 2429.68 seconds. Updating certificates in /etc/ssl/certs... 0 added, 0 removed; done. Running hooks in /etc/ca-certificates/update.d....done. # this can be fixed by removing the blank line and re-running # update-ca-certificates Also, note that the following has no output: $ ls -l /usr/lib/ssl/certs/ | grep -i cloud - edit /etc/ca-certificates.conf, remove cloud-init added entry $ sed -i '/cloud-init-ca-certs.crt/d' - upgrade cloud-init, re-run the ca_certs $ sudo dpkg -i cloud-init_all.deb $ sudo cloud-init single --name=ca_certs --frequency=always This time, you will see output containing: "1 added, 0 removed; done." Also, (trimmed output), you will see: $ ls -l /usr/lib/ssl/certs/ | grep -i cloud lrwxrwxrwx b1d2b355.0 -> cloud-init-ca-certs.pem lrwxrwxrwx cbbf81bb.0 -> cloud-init-ca-certs.pem lrwxrwxrwx cloud-init-ca-certs.pem -> /usr/share/ca-certificates/cloud-init-ca-certs.crt [Regression Potential] * regression potential is low. It could break the ca_certs module further, but the module is not functional as it is. Tracebacks are caught when modules are executed, so there is really no potential for further harm. == End SRU Information == Using a cloud-init yaml file adding a certificate like this: # BEGIN /etc/cloud/cloud.cfg.d/99-local-certs.cfg ca-certs:   # If present, the 'trusted' parameter should contain a certificate (or list   # of certificates) to add to the system as trusted CA certificates.   # Pay close attention to the YAML multiline list syntax. The example shown   # here is for a list of multiline certificates.   # - Amazon RDS SSL Certificate (http://s3.amazonaws.com/rds-downloads/mysql-ssl-ca-cert.pem)   trusted:     - |       -----BEGIN CERTIFICATE-----       MIIDQzCCAqygAwIBAgIJAOd1tlfiGoEoMA0GCSqGSIb3DQEBBQUAMHUxCzAJBgNV       BAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdTZWF0dGxlMRMw       EQYDVQQKEwpBbWF6b24uY29tMQwwCgYDVQQLEwNSRFMxHDAaBgNVBAMTE2F3cy5h       bWF6b24uY29tL3Jkcy8wHhcNMTAwNDA1MjI0NDMxWhcNMTUwNDA0MjI0NDMxWjB1       MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHU2Vh       dHRsZTETMBEGA1UEChMKQW1hem9uLmNvbTEMMAoGA1UECxMDUkRTMRwwGgYDVQQD       ExNhd3MuYW1hem9uLmNvbS9yZHMvMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB       gQDKhXGU7tizxUR5WaFoMTFcxNxa05PEjZaIOEN5ctkWrqYSRov0/nOMoZjqk8bC       med9vPFoQGD0OTakPs0jVe3wwmR735hyVwmKIPPsGlaBYj1O6llIpZeQVyupNx56       UzqtiLaDzh1KcmfqP3qP2dInzBfJQKjiRudo1FWnpPt33QIDAQABo4HaMIHXMB0G       A1UdDgQWBBT/H3x+cqSkR/ePSIinPtc4yWKe3DCBpwYDVR0jBIGfMIGcgBT/H3x+       cqSkR/ePSIinPtc4yWKe3KF5pHcwdTELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldh       c2hpbmd0b24xEDAOBgNVBAcTB1NlYXR0bGUxEzARBgNVBAoTCkFtYXpvbi5jb20x       DDAKBgNVBAsTA1JEUzEcMBoGA1UEAxMTYXdzLmFtYXpvbi5jb20vcmRzL4IJAOd1       tlfiGoEoMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAvguZy/BDT66x       GfgnJlyQwnFSeVLQm9u/FIvz4huGjbq9dqnD6h/Gm56QPFdyMEyDiZWaqY6V08lY       LTBNb4kcIc9/6pc0/ojKciP5QJRm6OiZ4vgG05nF4fYjhU7WClUx7cxq1fKjNc2J       UCmmYqgiVkAGWRETVo+byOSDZ4swb10=       -----END CERTIFICATE----- # END /etc/cloud/cloud.cfg.d/99-local-certs.cfg The certificate is added to the /etc/ca-certificates.conf file but there is a blank line between the previous content and the line added by cloud-init. In this situation running update-ca-certificates doesn't take the cloud-init certificates into account. Removing the blank line and running update-ca-certificates again fixes the issue. ProblemType: Bug DistroRelease: Ubuntu 12.04 Package: cloud-init 0.6.3-0ubuntu1.1 ProcVersionSignature: User Name 3.2.0-31.50-virtual 3.2.28 Uname: Linux 3.2.0-31-virtual x86_64 ApportVersion: 2.0.1-0ubuntu14 Architecture: amd64 Date: Fri Nov 9 15:01:03 2012 Ec2AMI: ami-3d4ff254 Ec2AMIManifest: (unknown) Ec2AvailabilityZone: us-east-1d Ec2InstanceType: m1.medium Ec2Kernel: aki-825ea7eb Ec2Ramdisk: unavailable PackageArchitecture: all ProcEnviron:  TERM=screen  PATH=(custom, user)  LANG=en_US.UTF-8  SHELL=/bin/bash SourcePackage: cloud-init UpgradeStatus: No upgrade log present (probably fresh install)
2012-12-02 02:47:55 Launchpad Janitor branch linked lp:cloud-init
2012-12-02 02:48:54 Scott Moser cloud-init: status Triaged Fix Committed
2012-12-02 02:48:54 Scott Moser cloud-init: assignee Scott Moser (smoser)
2012-12-02 02:59:25 Launchpad Janitor branch linked lp:~smoser/ubuntu/quantal/cloud-init/sru
2012-12-02 03:40:27 Scott Moser cloud-init (Ubuntu Quantal): status Triaged In Progress
2012-12-02 03:40:31 Scott Moser cloud-init (Ubuntu Quantal): assignee Scott Moser (smoser)
2012-12-02 04:19:33 todaioan cloud-init (Ubuntu Precise): status Triaged Fix Committed
2012-12-02 04:20:16 todaioan cloud-init (Ubuntu Quantal): status In Progress Opinion
2012-12-03 17:13:15 Scott Moser cloud-init (Ubuntu Quantal): status Opinion In Progress
2012-12-03 17:13:19 Scott Moser cloud-init (Ubuntu Precise): status Fix Committed Triaged
2012-12-04 03:14:15 Launchpad Janitor cloud-init (Ubuntu Raring): status Confirmed Fix Released
2012-12-04 03:20:51 Scott Moser cloud-init (Ubuntu Raring): assignee Scott Moser (smoser)
2012-12-04 13:28:09 Launchpad Janitor branch linked lp:ubuntu/cloud-init
2012-12-04 16:00:45 todaioan cloud-init (Ubuntu Precise): status Triaged Fix Released
2012-12-04 16:00:45 todaioan cloud-init (Ubuntu Precise): assignee todaioan (alan-ar06)
2012-12-04 17:10:54 Scott Moser cloud-init (Ubuntu Precise): status Fix Released Triaged
2012-12-13 20:30:13 Clint Byrum cloud-init (Ubuntu Quantal): status In Progress Fix Committed
2012-12-13 20:30:15 Clint Byrum bug added subscriber Ubuntu Stable Release Updates Team
2012-12-13 20:30:20 Clint Byrum bug added subscriber SRU Verification
2012-12-13 20:30:28 Clint Byrum tags amd64 apport-bug ec2-images precise amd64 apport-bug ec2-images precise verification-needed
2013-01-07 04:13:56 Adolfo Jayme Barrientos cloud-init (Ubuntu Precise): assignee todaioan (alan-ar06)
2013-01-09 00:43:20 Scott Moser tags amd64 apport-bug ec2-images precise verification-needed amd64 apport-bug ec2-images precise verification-done
2013-01-09 14:31:28 Scott Moser attachment added user-data file appropriate for testing https://bugs.launchpad.net/ubuntu/+source/cloud-init/+bug/1077020/+attachment/3478023/+files/my.ud
2013-01-09 14:40:10 Scott Moser attachment added slightly simplified version of user-data, should work on precise also https://bugs.launchpad.net/ubuntu/+source/cloud-init/+bug/1077020/+attachment/3478025/+files/my.ud
2013-01-09 15:43:52 Launchpad Janitor branch linked lp:~smoser/ubuntu/precise/cloud-init/sru
2013-01-16 14:20:59 Colin Watson removed subscriber Ubuntu Stable Release Updates Team
2013-01-16 14:21:09 Launchpad Janitor cloud-init (Ubuntu Quantal): status Fix Committed Fix Released
2013-02-19 18:27:41 Clint Byrum cloud-init (Ubuntu Precise): status Triaged Fix Committed
2013-02-19 18:27:45 Clint Byrum bug added subscriber Ubuntu Stable Release Updates Team
2013-02-19 18:27:48 Clint Byrum tags amd64 apport-bug ec2-images precise verification-done amd64 apport-bug ec2-images precise
2013-02-19 18:27:50 Clint Byrum tags amd64 apport-bug ec2-images precise amd64 apport-bug ec2-images precise verification-needed
2013-02-19 22:10:35 Scott Moser tags amd64 apport-bug ec2-images precise verification-needed amd64 apport-bug ec2-images precise verification-done
2013-02-27 02:43:11 Launchpad Janitor cloud-init (Ubuntu Precise): status Fix Committed Fix Released
2013-05-15 19:58:24 Scott Moser cloud-init: status Fix Committed Fix Released
2013-05-15 19:58:24 Scott Moser cloud-init: milestone 0.7.2
2013-08-28 11:32:39 Launchpad Janitor branch linked lp:~ubuntu-branches/ubuntu/precise/cloud-init/precise-proposed
2013-08-28 11:32:56 Launchpad Janitor branch linked lp:~ubuntu-branches/ubuntu/precise/cloud-init/precise-updates
2013-08-28 11:33:11 Launchpad Janitor branch linked lp:~ubuntu-branches/ubuntu/quantal/cloud-init/quantal-proposed
2023-05-09 22:11:12 James Falcon bug watch added https://github.com/canonical/cloud-init/issues/2318