2020-01-07 20:46:33 |
Mark Cunningham |
bug |
|
|
added bug |
2020-01-08 23:33:29 |
Eric Desrochers |
bug |
|
|
added subscriber Eric Desrochers |
2020-01-08 23:39:33 |
Eric Desrochers |
ceph (Ubuntu): status |
New |
Incomplete |
|
2020-01-09 00:26:36 |
Eric Desrochers |
tags |
|
sts |
|
2020-01-09 15:21:11 |
Eric Desrochers |
bug task added |
|
landscape |
|
2020-01-09 15:26:17 |
Eric Desrochers |
landscape: status |
New |
Confirmed |
|
2020-01-09 15:30:56 |
Eric Desrochers |
landscape: assignee |
|
Eric Desrochers (slashd) |
|
2020-01-09 15:30:59 |
Eric Desrochers |
landscape: status |
Confirmed |
In Progress |
|
2020-01-09 15:34:53 |
Eric Desrochers |
description |
If the $SERVER_USER name exists in LDAP outside the server the user will not exist in /etc/passwd. This will cause the postinst script to attempt to create the user, which will fail. This user creation/modification failure then causes the configuration operation to be marked as failed and prevent the package from completing installation.
Current workaround is to define $SERVER_USER in /etc/default/ceph or otherwise export a custom value for this into the environment, so that the postinst script uses a username that does not exist in LDAP, and can be created within the local system. Ideally there would be a more robust check for the existence of the $SERVER_USER perhaps using the 'id' command.
Snippets from /var/lib/dpkg/info/ceph-common.postinst
---
[ -f "/etc/default/ceph" ] && . /etc/default/ceph
[ -z "$SERVER_HOME" ] && SERVER_HOME=/var/lib/ceph
[ -z "$SERVER_USER" ] && SERVER_USER=ceph
[ -z "$SERVER_NAME" ] && SERVER_NAME="Ceph storage service"
[ -z "$SERVER_GROUP" ] && SERVER_GROUP=ceph
[ -z "$SERVER_UID" ] && SERVER_UID=64045 # alloc by Debian base-passwd maintainer
[ -z "$SERVER_GID" ] && SERVER_GID=$SERVER_UID
---
---
case "$1" in
configure)
# create user to avoid running server as root
# 1. create group if not existing
if ! getent group | grep -q "^$SERVER_GROUP:" ; then
addgroup --quiet --system --gid $SERVER_GID \
$SERVER_GROUP 2>/dev/null ||true
fi
# 2. create user if not existing
if ! getent passwd | grep -q "^$SERVER_USER:"; then
adduser --quiet \
--system \
--no-create-home \
--disabled-password \
--uid $SERVER_UID \
--gid $SERVER_GID \
$SERVER_USER 2>/dev/null || true
fi
# 3. adjust passwd entry
usermod -c "$SERVER_NAME" \
-d $SERVER_HOME \
-g $SERVER_GROUP \
$SERVER_USER 2>/dev/null
--- |
If the $SERVER_USER name exists in LDAP outside the server the user will not exist in /etc/passwd. This will cause the postinst script to attempt to create the user, which will fail. This user creation/modification failure then causes the configuration operation to be marked as failed and prevent the package from completing installation.
Current workaround is to define $SERVER_USER in /etc/default/ceph or otherwise export a custom value for this into the environment, so that the postinst script uses a username that does not exist in LDAP, and can be created within the local system. Ideally there would be a more robust check for the existence of the $SERVER_USER perhaps using the 'id' command.
Snippets from /var/lib/dpkg/info/ceph-common.postinst
---
[ -f "/etc/default/ceph" ] && . /etc/default/ceph
[ -z "$SERVER_HOME" ] && SERVER_HOME=/var/lib/ceph
[ -z "$SERVER_USER" ] && SERVER_USER=ceph
[ -z "$SERVER_NAME" ] && SERVER_NAME="Ceph storage service"
[ -z "$SERVER_GROUP" ] && SERVER_GROUP=ceph
[ -z "$SERVER_UID" ] && SERVER_UID=64045 # alloc by Debian base-passwd maintainer
[ -z "$SERVER_GID" ] && SERVER_GID=$SERVER_UID
---
---
case "$1" in
configure)
# create user to avoid running server as root
# 1. create group if not existing
if ! getent group | grep -q "^$SERVER_GROUP:" ; then
addgroup --quiet --system --gid $SERVER_GID \
$SERVER_GROUP 2>/dev/null ||true
fi
# 2. create user if not existing
if ! getent passwd | grep -q "^$SERVER_USER:"; then
adduser --quiet \
--system \
--no-create-home \
--disabled-password \
--uid $SERVER_UID \
--gid $SERVER_GID \
$SERVER_USER 2>/dev/null || true
fi
# 3. adjust passwd entry
usermod -c "$SERVER_NAME" \
-d $SERVER_HOME \
-g $SERVER_GROUP \
$SERVER_USER 2>/dev/null
---
[Impacted scenario]
* lanscape-server installation when the ceph user/group already exists on the system with non-default UID/GID particularly when the user exists in LDAP outside the local system. |
|
2020-01-09 15:36:22 |
Eric Desrochers |
description |
If the $SERVER_USER name exists in LDAP outside the server the user will not exist in /etc/passwd. This will cause the postinst script to attempt to create the user, which will fail. This user creation/modification failure then causes the configuration operation to be marked as failed and prevent the package from completing installation.
Current workaround is to define $SERVER_USER in /etc/default/ceph or otherwise export a custom value for this into the environment, so that the postinst script uses a username that does not exist in LDAP, and can be created within the local system. Ideally there would be a more robust check for the existence of the $SERVER_USER perhaps using the 'id' command.
Snippets from /var/lib/dpkg/info/ceph-common.postinst
---
[ -f "/etc/default/ceph" ] && . /etc/default/ceph
[ -z "$SERVER_HOME" ] && SERVER_HOME=/var/lib/ceph
[ -z "$SERVER_USER" ] && SERVER_USER=ceph
[ -z "$SERVER_NAME" ] && SERVER_NAME="Ceph storage service"
[ -z "$SERVER_GROUP" ] && SERVER_GROUP=ceph
[ -z "$SERVER_UID" ] && SERVER_UID=64045 # alloc by Debian base-passwd maintainer
[ -z "$SERVER_GID" ] && SERVER_GID=$SERVER_UID
---
---
case "$1" in
configure)
# create user to avoid running server as root
# 1. create group if not existing
if ! getent group | grep -q "^$SERVER_GROUP:" ; then
addgroup --quiet --system --gid $SERVER_GID \
$SERVER_GROUP 2>/dev/null ||true
fi
# 2. create user if not existing
if ! getent passwd | grep -q "^$SERVER_USER:"; then
adduser --quiet \
--system \
--no-create-home \
--disabled-password \
--uid $SERVER_UID \
--gid $SERVER_GID \
$SERVER_USER 2>/dev/null || true
fi
# 3. adjust passwd entry
usermod -c "$SERVER_NAME" \
-d $SERVER_HOME \
-g $SERVER_GROUP \
$SERVER_USER 2>/dev/null
---
[Impacted scenario]
* lanscape-server installation when the ceph user/group already exists on the system with non-default UID/GID particularly when the user exists in LDAP outside the local system. |
If the $SERVER_USER name exists in LDAP outside the server the user will not exist in /etc/passwd. This will cause the postinst script to attempt to create the user, which will fail. This user creation/modification failure then causes the configuration operation to be marked as failed and prevent the package from completing installation.
Current workaround is to define $SERVER_USER in /etc/default/ceph or otherwise export a custom value for this into the environment, so that the postinst script uses a username that does not exist in LDAP, and can be created within the local system. Ideally there would be a more robust check for the existence of the $SERVER_USER perhaps using the 'id' command.
Snippets from /var/lib/dpkg/info/ceph-common.postinst
---
[ -f "/etc/default/ceph" ] && . /etc/default/ceph
[ -z "$SERVER_HOME" ] && SERVER_HOME=/var/lib/ceph
[ -z "$SERVER_USER" ] && SERVER_USER=ceph
[ -z "$SERVER_NAME" ] && SERVER_NAME="Ceph storage service"
[ -z "$SERVER_GROUP" ] && SERVER_GROUP=ceph
[ -z "$SERVER_UID" ] && SERVER_UID=64045 # alloc by Debian base-passwd maintainer
[ -z "$SERVER_GID" ] && SERVER_GID=$SERVER_UID
---
---
case "$1" in
configure)
# create user to avoid running server as root
# 1. create group if not existing
if ! getent group | grep -q "^$SERVER_GROUP:" ; then
addgroup --quiet --system --gid $SERVER_GID \
$SERVER_GROUP 2>/dev/null ||true
fi
# 2. create user if not existing
if ! getent passwd | grep -q "^$SERVER_USER:"; then
adduser --quiet \
--system \
--no-create-home \
--disabled-password \
--uid $SERVER_UID \
--gid $SERVER_GID \
$SERVER_USER 2>/dev/null || true
fi
# 3. adjust passwd entry
usermod -c "$SERVER_NAME" \
-d $SERVER_HOME \
-g $SERVER_GROUP \
$SERVER_USER 2>/dev/null
---
[Observe impacted scenario]
* lanscape-server installation when the ceph user/group already exists on the system with non-default UID/GID particularly when the user exists in LDAP outside the local system. |
|
2020-01-09 15:36:40 |
Eric Desrochers |
description |
If the $SERVER_USER name exists in LDAP outside the server the user will not exist in /etc/passwd. This will cause the postinst script to attempt to create the user, which will fail. This user creation/modification failure then causes the configuration operation to be marked as failed and prevent the package from completing installation.
Current workaround is to define $SERVER_USER in /etc/default/ceph or otherwise export a custom value for this into the environment, so that the postinst script uses a username that does not exist in LDAP, and can be created within the local system. Ideally there would be a more robust check for the existence of the $SERVER_USER perhaps using the 'id' command.
Snippets from /var/lib/dpkg/info/ceph-common.postinst
---
[ -f "/etc/default/ceph" ] && . /etc/default/ceph
[ -z "$SERVER_HOME" ] && SERVER_HOME=/var/lib/ceph
[ -z "$SERVER_USER" ] && SERVER_USER=ceph
[ -z "$SERVER_NAME" ] && SERVER_NAME="Ceph storage service"
[ -z "$SERVER_GROUP" ] && SERVER_GROUP=ceph
[ -z "$SERVER_UID" ] && SERVER_UID=64045 # alloc by Debian base-passwd maintainer
[ -z "$SERVER_GID" ] && SERVER_GID=$SERVER_UID
---
---
case "$1" in
configure)
# create user to avoid running server as root
# 1. create group if not existing
if ! getent group | grep -q "^$SERVER_GROUP:" ; then
addgroup --quiet --system --gid $SERVER_GID \
$SERVER_GROUP 2>/dev/null ||true
fi
# 2. create user if not existing
if ! getent passwd | grep -q "^$SERVER_USER:"; then
adduser --quiet \
--system \
--no-create-home \
--disabled-password \
--uid $SERVER_UID \
--gid $SERVER_GID \
$SERVER_USER 2>/dev/null || true
fi
# 3. adjust passwd entry
usermod -c "$SERVER_NAME" \
-d $SERVER_HOME \
-g $SERVER_GROUP \
$SERVER_USER 2>/dev/null
---
[Observe impacted scenario]
* lanscape-server installation when the ceph user/group already exists on the system with non-default UID/GID particularly when the user exists in LDAP outside the local system. |
If the $SERVER_USER name exists in LDAP outside the server the user will not exist in /etc/passwd. This will cause the postinst script to attempt to create the user, which will fail. This user creation/modification failure then causes the configuration operation to be marked as failed and prevent the package from completing installation.
Current workaround is to define $SERVER_USER in /etc/default/ceph or otherwise export a custom value for this into the environment, so that the postinst script uses a username that does not exist in LDAP, and can be created within the local system. Ideally there would be a more robust check for the existence of the $SERVER_USER perhaps using the 'id' command.
Snippets from /var/lib/dpkg/info/ceph-common.postinst
---
[ -f "/etc/default/ceph" ] && . /etc/default/ceph
[ -z "$SERVER_HOME" ] && SERVER_HOME=/var/lib/ceph
[ -z "$SERVER_USER" ] && SERVER_USER=ceph
[ -z "$SERVER_NAME" ] && SERVER_NAME="Ceph storage service"
[ -z "$SERVER_GROUP" ] && SERVER_GROUP=ceph
[ -z "$SERVER_UID" ] && SERVER_UID=64045 # alloc by Debian base-passwd maintainer
[ -z "$SERVER_GID" ] && SERVER_GID=$SERVER_UID
---
---
case "$1" in
configure)
# create user to avoid running server as root
# 1. create group if not existing
if ! getent group | grep -q "^$SERVER_GROUP:" ; then
addgroup --quiet --system --gid $SERVER_GID \
$SERVER_GROUP 2>/dev/null ||true
fi
# 2. create user if not existing
if ! getent passwd | grep -q "^$SERVER_USER:"; then
adduser --quiet \
--system \
--no-create-home \
--disabled-password \
--uid $SERVER_UID \
--gid $SERVER_GID \
$SERVER_USER 2>/dev/null || true
fi
# 3. adjust passwd entry
usermod -c "$SERVER_NAME" \
-d $SERVER_HOME \
-g $SERVER_GROUP \
$SERVER_USER 2>/dev/null
---
[Observe impacted scenario]
* lanscape-server installation may fail when the ceph user/group already exists on the system with non-default UID/GID particularly when the user exists in LDAP outside the local system. |
|
2020-01-09 21:01:44 |
Eric Desrochers |
landscape: status |
In Progress |
Fix Released |
|
2020-01-09 21:20:02 |
Simon Poirier |
landscape: status |
Fix Released |
Fix Committed |
|
2020-01-09 22:06:22 |
🤖 Landscape Builder |
landscape: milestone |
|
19.11 |
|
2020-01-10 15:47:08 |
Simon Poirier |
landscape: milestone |
19.11 |
19.10.1 |
|
2020-02-11 18:45:29 |
Simon Poirier |
landscape: status |
Fix Committed |
Fix Released |
|