[Yahoo-eng-team] [Bug 1609899] [NEW] salt minion module writes minion keys to the wrong directory

Thu, 04 Aug 2016 10:15:47 -0700 

Public bug reported:

  Cloud-init's salt minion module writes minion.pem, and minion.pub to
the wrong directory. Salt-minion expects them in /etc/salt/pki/minion,
but /etc/salt/pki is used by cloud-init's salt minion module. Somehow in
the past this worked out, and the files would be moved to
/etc/salt/pki/minion. This part I don't understand, but currently on
Ubuntu 16.04 Xenial with cloud-init 0.7.7 it doesn't work out. What
happens is cloud-init writes to /etc/salt/pki, and salt-minion ignores
the /etc/salt/pki files and writes it's own /etc/salt/pki/minion files.
This results in the salt minion generated keys being rejected by the
salt master.

Current:
pki_dir = salt_cfg.get('pki_dir', '/etc/salt/pki')

Fixed:
pki_dir = salt_cfg.get('pki_dir', '/etc/salt/pki/minion')

** Affects: cloud-init
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to cloud-init.
https://bugs.launchpad.net/bugs/1609899

Title:
  salt minion module writes minion keys to the wrong directory

Status in cloud-init:
  New

Bug description:
    Cloud-init's salt minion module writes minion.pem, and minion.pub to
  the wrong directory. Salt-minion expects them in /etc/salt/pki/minion,
  but /etc/salt/pki is used by cloud-init's salt minion module. Somehow
  in the past this worked out, and the files would be moved to
  /etc/salt/pki/minion. This part I don't understand, but currently on
  Ubuntu 16.04 Xenial with cloud-init 0.7.7 it doesn't work out. What
  happens is cloud-init writes to /etc/salt/pki, and salt-minion ignores
  the /etc/salt/pki files and writes it's own /etc/salt/pki/minion
  files. This results in the salt minion generated keys being rejected
  by the salt master.

  Current:
  pki_dir = salt_cfg.get('pki_dir', '/etc/salt/pki')

  Fixed:
  pki_dir = salt_cfg.get('pki_dir', '/etc/salt/pki/minion')

To manage notifications about this bug go to:
https://bugs.launchpad.net/cloud-init/+bug/1609899/+subscriptions

-- 
Mailing list: https://launchpad.net/~yahoo-eng-team
Post to     : yahoo-eng-team@lists.launchpad.net
Unsubscribe : https://launchpad.net/~yahoo-eng-team
More help   : https://help.launchpad.net/ListHelp

Reply via email to