[jira] [Commented] (BROOKLYN-169) CreateUserPolicy always resets the password

Wed, 09 Sep 2015 03:02:37 -0700 

    [ 
https://issues.apache.org/jira/browse/BROOKLYN-169?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14736581#comment-14736581
 ] 

ASF GitHub Bot commented on BROOKLYN-169:
-----------------------------------------

Github user aledsage commented on the pull request:

    https://github.com/apache/incubator-brooklyn/pull/877#issuecomment-138861495
  
    Thank @ygy 
    
    * I agree with Alex: the `BYON_USER_RESET_PASSWORD` config key should be on 
the policy rather than on `SshMachineLocation`. I don't understand your comment 
"I've moved it to `SshMachineLocation` so it is backward compatible as much as 
it can. It guarantees that customers will make no changes at their end." This 
is a new config key. Also, see below about the default being `false`.
    * `BYON_USER_RESET_PASSWORD` should default to `false`. We only got away 
with it with VMs provisioned with jclouds because the `user` was using an 
ssh-key rather than a password. We should not touch the existing user's 
configuration at all.
    * The name `byonResetLogin` feels wrong. This happens for byon, but it 
would also happen for non-byon locations. I'd change it to `RESET_LOGIN_USER` 
for the constant, and `createuser.vm.user.resetLoginUser` for the string name, 
with a `@SetFromFlag("resetLoginUser")`.
    
    @ahgittin it's in location-jclouds because it uses the jclouds 
`AdminAccess.builder` to build the command to be executed. However, it then 
executes it directly using the `SshMachineLocation` so works against BYON as 
well.


> CreateUserPolicy always resets the password
> -------------------------------------------
>
>                 Key: BROOKLYN-169
>                 URL: https://issues.apache.org/jira/browse/BROOKLYN-169
>             Project: Brooklyn
>          Issue Type: Bug
>    Affects Versions: 0.7.0, 0.8.0-SNAPSHOT
>         Environment: Linux
>            Reporter: Yavor Yanchev
>             Fix For: 0.8.0-SNAPSHOT
>
>
> CreateUserPolicy always resets the password for the "user".
> Even when it is used in conjunction with BYON location.
> Brooklyn fails to finish BYON location deployments when byon user's password 
> is changed.
> Currently, the byon user (used to create the new "user") gets password reset 
> to the newely generated password. In this case all subsequent commands will 
> fail, e.g. grantSudo.
> We need a new parameter (which can be set by the user) to determine when 
> password to be reset, e.g. CreateUserPolicy is used in combination with BYON



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to