This bug was fixed in the package nova - 3:25.2.1-0ubuntu2.3~cloud0
---
nova (3:25.2.1-0ubuntu2.3~cloud0) focal; urgency=medium
.
* SECURITY UPDATE for Ubuntu Cloud Archive. backport to focal.
.
nova (3:25.2.1-0ubuntu2.3) jammy-security; urgency=medium
.
* SECURITY UPDATE: A
As I understand it this patch will stop the permissions from being
changed to 0644 going forward but it doesn't do anything to change the
permission from 0644 to 0600. Shouldn't that also be fixed?
** Changed in: nova (Ubuntu Impish)
Status: Triaged => Fix Committed
** Tags added: verifica
This bug was fixed in the package nova - 3:25.0.0-0ubuntu2
---
nova (3:25.0.0-0ubuntu2) kinetic; urgency=medium
* d/nova-common.postinst: Don't change file permissions under
/var/lib/nova/.ssh (LP: #1904580).
-- Felipe Reyes Fri, 6 May 2022 17:03:39
-0300
** Changed in: nov
Thank you Felipe and Rodrigo for this fix. It's been uploaded to focal,
impish, jammy unapproved queues, and victoria/wallaby staging for the
cloud archive.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bug
** Description changed:
+ [Impact]
Charm revision: 320
Cloud: bionic-ussuri
Permissions 0644 for '/var/lib/nova/.ssh/id_rsa' are too open.
Load key "/var/lib/nova/.ssh/id_rsa": bad permissions
nova@10.35.80.49: Permission denied (publickey).
This was preventing nova resizing:
** Merge proposal linked:
https://code.launchpad.net/~rodrigo-barbieri2010/ubuntu/+source/nova/+git/nova/+merge/422028
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1904580
Title:
Permissions 06
** Changed in: nova (Ubuntu)
Assignee: (unassigned) => Rodrigo Barbieri (rodrigo-barbieri2010)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1904580
Title:
Permissions 0644 for '/var/lib/nova/.
Any update here ? This is blocking critical node evacuation. Thanks !
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1904580
Title:
Permissions 0644 for '/var/lib/nova/.ssh/id_rsa' are too open
To m
I have a patch in this branch
https://git.launchpad.net/~freyes/ubuntu/+source/nova/commit/?id=88c97dc9332b97edf06618b6d4d2c770153821a6
, although I haven't been able to test it, I'm removing myself from the
bug since I won't have cycles to dedicate to this task in the short
term.
** Changed in: n
** Tags added: sts
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1904580
Title:
Permissions 0644 for '/var/lib/nova/.ssh/id_rsa' are too open
To manage notifications about this bug go to:
https://b
I just did a test myself and the bug is still present. Simply re-install
your nova-common package and there goes the SSH key permissions. As
others mentioned, it is indeed this line in the postinst script:
find /var/lib/nova -type f -exec chmod 0644 "{}" + -o -type d -exec
chmod 0755 "{}" +
--
Y
** Changed in: charm-nova-compute
Status: New => Invalid
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1904580
Title:
Permissions 0644 for '/var/lib/nova/.ssh/id_rsa' are too open
To manage
** Changed in: nova (Ubuntu)
Assignee: (unassigned) => Felipe Reyes (freyes)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1904580
Title:
Permissions 0644 for '/var/lib/nova/.ssh/id_rsa' are to
Subscribing to field-high since we've seen several customers already
affected by this, it will only get worse as more keep upgrading to
Ussuri.
** Tags added: field-high
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.lau
Status changed to 'Confirmed' because the bug affects multiple users.
** Changed in: nova (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1904580
Title:
Permi
Just had a recurrence. This happened when doing a series upgrade from
bionic/ussuri to focal/ussuri. All compute nodes have
/var/lib/nova/.ssh/id_rsa with 0644 permissions.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs
Previously reported as
https://bugs.launchpad.net/ubuntu/+source/nova/+bug/1904745
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1904580
Title:
Permissions 0644 for '/var/lib/nova/.ssh/id_rsa' are t
root@casual-condor:/var/lib/nova# ll .ssh/
total 28
drwxr-xr-x 2 nova root 4096 Aug 3 10:43 ./
drwxr-xr-x 10 nova nova 4096 Aug 3 10:25 ../
-rw-r--r-- 1 root root 1197 Aug 3 10:54 authorized_keys
-rw--- 1 nova root 1823 Aug 3 10:25 id_rsa
-rw-r--r-- 1 nova root 400 Aug 3 10:25 id_rsa.
> Charms were not upgraded while this broke. We simply upgrade the
packages.
If that's the case, package maintainer script might be related? For
example,
$ grep /var/lib/nova /var/lib/dpkg/info/nova-common.postinst
--home /var/lib/nova \
chown -R nova:nova /var/lib/nova/
f
Status changed to 'Confirmed' because the bug affects multiple users.
** Changed in: nova (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1904580
Title:
Permi
20 matches
Mail list logo