[jira] [Commented] (CLOUDSTACK-10141) no password with instance creation

Sat, 20 Jan 2018 07:27:42 -0800 

    [ 
https://issues.apache.org/jira/browse/CLOUDSTACK-10141?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16333223#comment-16333223
 ] 

Kristian Liivak commented on CLOUDSTACK-10141:
----------------------------------------------

Rohit, You forget why i made this ticket firstplace. No password and ssh key is 
created with instance . You can reset it after instance is ready.

So i modified my frontend which working over api to provision instance and 
after that reset key or password. But if customer chooses password reset key 
will be not modified.  In my opinion its not only serious regression but also 
security hole which can cause serious damage to operator.

My team will test it also in tuesday with 4.11 rc1

> no password with instance creation 
> -----------------------------------
>
>                 Key: CLOUDSTACK-10141
>                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10141
>             Project: CloudStack
>          Issue Type: Bug
>      Security Level: Public(Anyone can view this level - this is the 
> default.) 
>          Components: Virtual Router
>    Affects Versions: 4.9.0, 4.10.0.0
>         Environment: 2 x Xenserver 7.0 pool.   ACSv 4.10,  system vms 4.10
>            Reporter: Kristian Liivak
>            Priority: Major
>              Labels: patch
>
> With instance creation password is not created
> I performed several tests with macchinina template. 
> Before that i restarted network with clean up option eg new VR was created.
> But result are: VR password file is not modified after instance creation. 
> File is not created when i first time created instance.
> Shutdown instance and reset password only created VR password file and it 
> contains correct entry
> I have only one network present. its one big /24 shared network for all vms. 
> Also ipv6 is present.  Cloudmonkey list network output is also added below.
> My log is here:; ips are changed with aaa.bbb.ccc
> Restarted netowrk with option cleanup. logged in to VR
> root@r-377-VM  :/ var/cache/cloud# ls -lah
> total 36K
> drwxr-xr-x  3 root root 4.0K Nov 13 14:35 .
> drwxr-xr-x 10 root root 4.0K Nov 13 14:29 ..
> -rw-r--r--  1 root root   29 Nov 13 14:29 boot_up_done
> -rw-r--r--  1 root root   33 Nov 13 14:28 cloud-scripts-signature
> -rw-r--r--  1 root root  754 Nov 13 14:29 cmdline
> -rw-r--r--  1 root root   33 Nov 13 14:29 disabled_svcs
> -rw-r--r--  1 root root    2 Nov 13 14:29 dnsmasq_managed_lease
> -rw-r--r--  1 root root   38 Nov 13 14:29 enabled_svcs
> drwxr-xr-x  2 root root 4.0K Nov 13 14:35 processed
> Created new instance and get gui password "Password of new VM Macchinina1 is 
> EJ4cQ2"
> Nothing changed in files /var/cache/cloud
> Shutdown instance and reset succesfully  password in gui"Password has been 
> reset to dt8sNZ"
> Now i have correct file created in VR and it contains correct password
> root@r-377-VM  :/ var/cache/cloud# ls -lah
> total 40K
> drwxr-xr-x  3 root root 4.0K Nov 13 14:37 .
> drwxr-xr-x 10 root root 4.0K Nov 13 14:29 ..
> -rw-r--r--  1 root root   29 Nov 13 14:29 boot_up_done
> -rw-r--r--  1 root root   33 Nov 13 14:28 cloud-scripts-signature
> -rw-r--r--  1 root root  754 Nov 13 14:29 cmdline
> -rw-r--r--  1 root root   33 Nov 13 14:29 disabled_svcs
> -rw-r--r--  1 root root    2 Nov 13 14:29 dnsmasq_managed_lease
> -rw-r--r--  1 root root   38 Nov 13 14:29 enabled_svcs
> -rw-r--r--  1 root root   21 Nov 13 14:37 passwords-aaa.bbb.ccc.2
> drwxr-xr-x  2 root root 4.0K Nov 13 14:37 processed
> root@r-377-VM  :/ var/cache/cloud# more passwords-aaa.bbb.ccc.2
> aaa.bbb.ccc.196=dt8sNZ
> Powered up instance and tailed VR  password file
> root@r-377-VM  :/ var/cache/cloud# tail -f passwords-aaa.bbb.ccc.2
> aaa.bbb.ccc.196=dt8sNZ
> tail: passwords-aaa.bbb.ccc.2: file truncated
> Vm have correct password. And VR password file is empty
> Next try with new instance. created. Password of new VM Macchinina2 is 
> U8jBqC,,  tailed VR password file. No changes at all..
> Stopped new instance. resetted password "Password has been reset to Y9mwzN"
> root@r-377-VM  :/ var/cache/cloud# tail -f passwords-aaa.bbb.ccc.2
> aaa.bbb.ccc.196=dt8sNZ
> aaa.bbb.ccc.169=Y9mwzN
> New password is there.
> tail: passwords-aaa.bbb.ccc.2: file truncated
> aaa.bbb.ccc.196=dt8sNZ
> Vm started. password is changed . VR password file entry is removed 
> Conclusion : with instance creation no password is provided. With password 
> reset everything is ok.  I noticed issue allready ACSv 4.9,  system vms 4.6 . 
> After upgade nothing changed.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to