[SRU] walinuxagent mangles server identity and access on upgrade

Bug #1079897 reported by Ben Howard
This bug affects 2 people
Affects                 Status         Importance   Assigned to      Milestone
walinuxagent (Ubuntu)   Fix Released   Critical     James Page
Precise                 Fix Released   Critical     Louis Bouchard
Quantal                 Fix Released   Critical     Louis Bouchard
Raring                  Fix Released   Critical     James Page

Bug Description

SRU justification

Impact : Users of the Precise cloud image on the Azure cloud lose their sudoers identity when upgrading or reconfiguring the walinuxagent package

Fix : Comment #4 outlines the changes made to fix the problem

Test Case :
 - Create a 12.04 Precise instance on Azure
 - run dpkg-reconfigure walinuxagent
 - log out and log back in
User should be able to use 'sudo' to gain administrator's privileges from the user account defined when the instance was created.

Regression : None expected, as there is no change in functionality; only packaging/installation modifications were made.

Description of the problem :

walinuxagent, as packaged, will result in a server losing its identity at agent installation or at agent start. Specifically, it will remove /var/lib/waagent (containing provisioning meta-data), /etc/ssh/{config,ssh_rsa*} and /etc/sudoers.d/waagent. Because of the way that Windows Azure boots, this means that the identity of hosts will be completely stripped out, the user who was provisioned with the system will be locked out, and worst of all, a person who installs this package on a non-Windows Azure system may be exposed to losing their host's SSH identity.


David Medberry (med)
description: updated
Ben Howard (darkmuggle-deactivatedaccount) wrote :

This file has a pre-built copy of walinuxagent from my proposed branch. It will only mangle /etc/sudoers.d/waagent.

For full replication, run "dpkg-reconfigure walinuxagent" on a vanilla Windows Azure instance.

Ben Howard (darkmuggle-deactivatedaccount) wrote :

The root of the problem is here:
http://bazaar.launchpad.net/~ubuntu-branches/ubuntu/quantal/walinuxagent/quantal/view/head:/debian/prerm

....

#!/bin/sh
set -e
case "$1" in
    purge)
        rm /etc/waagent.conf > /dev/null || true
    ;;

    remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear)
        if [ -x /usr/sbin/waagent ]; then
            waagent --uninstall
        fi
    ;;

    *)
        echo "postrm called with unknown argument \`$1'" >&2
        exit 1
    ;;
esac

# dh_installdeb will replace this with shell code automatically
# generated by other debhelper scripts.

#DEBHELPER#

exit 0

James Page (james-page) wrote :

I've attached a branch which uses a combination of Pre-Depends, a new -data-saver package and dpkg-divert to ensure that the waagent binary is not present when the prerm of the existing package tries to run; this avoids the waagent --uninstall stuff OK and generally seems to be the accepted way to deal with this situation.

James Page (james-page) wrote :

OK; so I dug into the SSH identity issue in more detail and it's related to the removal of /var/lib/waagent on upgrade/reconfiguration.

The Pre-Depends/data-saver fix negates this problem and the SSH keys stay intact.

I did notice that the new package installs an upstart configuration with a different name to the old one; so now that we don't waagent --uninstall on upgrade this needs to be stopped and removed manually to ensure the new configuration and agent can start correctly.
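
The divert approach described in the two comments above, reduced to a sandbox (an added example, not part of the bug thread or the walinuxagent packaging). The stand-in agent, the `.diverted` file name and the `ROOT` prefix are assumptions, and `mv` stands in for `dpkg-divert`.

```shell
#!/bin/sh
# Added illustration, not the walinuxagent packaging. Everything runs inside a
# constructed sandbox: ROOT stands in for / so the real system is never touched.

make_sandbox() {
    ROOT=$(mktemp -d)
    mkdir -p "$ROOT/usr/sbin" "$ROOT/etc/sudoers.d" "$ROOT/var/lib/waagent"
    : > "$ROOT/etc/sudoers.d/waagent"
    # Stand-in agent (hypothetical): "--uninstall" deletes paths named in the report.
    cat > "$ROOT/usr/sbin/waagent" <<EOF
#!/bin/sh
[ "\$1" = --uninstall ] && rm -rf "$ROOT/var/lib/waagent" "$ROOT/etc/sudoers.d/waagent"
EOF
    chmod +x "$ROOT/usr/sbin/waagent"
}

# The already-installed package's prerm, reduced to the branch quoted above.
# It cannot be changed by the new package, only starved of its binary.
old_prerm() {
    case "$1" in
        remove|upgrade|failed-upgrade)
            if [ -x "$ROOT/usr/sbin/waagent" ]; then
                # run via sh so the demo also works on a noexec temp dir
                sh "$ROOT/usr/sbin/waagent" --uninstall
            fi
            ;;
    esac
}

# Stand-ins for what real packaging does with "dpkg-divert --add --rename"
# (data-saver preinst) and "dpkg-divert --remove --rename" (postinst).
divert_agent()   { mv "$ROOT/usr/sbin/waagent" "$ROOT/usr/sbin/waagent.diverted"; }
undivert_agent() { mv "$ROOT/usr/sbin/waagent.diverted" "$ROOT/usr/sbin/waagent"; }

identity_intact() {
    [ -d "$ROOT/var/lib/waagent" ] && [ -f "$ROOT/etc/sudoers.d/waagent" ]
}

# Each returns 0 only if provisioning data and the sudoers drop-in survive.
upgrade_unprotected() {
    make_sandbox; old_prerm upgrade
    identity_intact; rc=$?; rm -rf "$ROOT"; return $rc
}
upgrade_with_divert() {
    make_sandbox; divert_agent; old_prerm upgrade; undivert_agent
    identity_intact && [ -x "$ROOT/usr/sbin/waagent" ]; rc=$?; rm -rf "$ROOT"; return $rc
}

if upgrade_unprotected; then echo "no divert: identity kept"; else echo "no divert: identity lost"; fi
if upgrade_with_divert; then echo "divert:    identity kept"; else echo "divert:    identity lost"; fi
```

The Pre-Depends matters because the divert has to be in place before the old package's prerm runs; without that ordering the `-x` guard still succeeds and the uninstall path is taken.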

James Page (james-page)
information type: Private → Public
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

James Page (james-page)
affects: Ubuntu Precise → walinuxagent (Ubuntu Precise)
Louis Bouchard (louis)
description: updated
Antonio Rosales (arosales) wrote :

--- Status Update for Affected Users ---

The fix (described by @james-page above) is included in the current development release of Ubuntu, 13.04 (Raring). @utlemming has confirmed the fix for 12.04 and 12.10. @louis-bouchard is currently working on getting this fix applied to 12.04 and 12.10 via the Ubuntu Stable Release Update process[0] due to the critical nature of this bug.

-Thanks,
Antonio

[0] https://wiki.ubuntu.com/StableReleaseUpdates

Chris J Arges (arges)
Changed in walinuxagent (Ubuntu Precise):
assignee: nobody → Louis Bouchard (louis-bouchard)
Changed in walinuxagent (Ubuntu Quantal):
assignee: nobody → Louis Bouchard (louis-bouchard)
Louis Bouchard (louis)
Changed in walinuxagent (Ubuntu Precise):
status: Confirmed → In Progress
Changed in walinuxagent (Ubuntu Quantal):
status: Confirmed → In Progress
James Page (james-page)
summary: - walinuxagent mangles server identity and access on upgrade
+ [SRU] walinuxagent mangles server identity and access on upgrade
David Medberry (med) wrote :

The package, walinuxagent, is required for usage in the Azure cloud. Ubuntu instances will not function without it. (This is part of the criticality of this--it's required for the instance to have any functionality whatsoever.)

Adam Conrad (adconrad) wrote : Please test proposed package

Hello Ben, or anyone else affected,

Accepted walinuxagent into precise-proposed. The package will build now and be available at http://launchpad.net/ubuntu/+source/walinuxagent/1.1-0ubuntu2~12.04.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please change the bug tag from verification-needed to verification-done. If it does not, change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Changed in walinuxagent (Ubuntu Precise):
status: In Progress → Fix Committed
Dave Walker (davewalker) wrote :

Hello Ben, or anyone else affected,

Accepted into quantal-proposed. The package will build now and be available in a few hours in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please change the bug tag from verification-needed to verification-done. If it does not, change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Changed in walinuxagent (Ubuntu Quantal):
status: In Progress → Fix Committed
tags: added: verification-needed
tags: added: verification-needed-precise verification-needed-quantal
removed: verification-needed
Louis Bouchard (louis)
tags: added: verification-done-precise
removed: verification-needed-precise
Louis Bouchard (louis) wrote :

Since there is no Quantal image available on Azure, the test for Quantal was done by upgrading the Precise image to Quantal (with prior removal of the original walinuxagent to work around the bug), installing walinuxagent and then upgrading to the Quantal package.

The quantal package in -proposed does fix the problem.

tags: added: verification-done-quantal
removed: verification-needed-quantal
Scott Kitterman (kitterman) wrote :

Because the upload contained a reference to a private bug, I've had to remove this from precise-proposed and quantal-proposed. I'm contacting the uploader to get a fixed version uploaded ASAP. We can fast-track the reupload so it won't have to wait the full seven days again.

Changed in walinuxagent (Ubuntu Precise):
status: Fix Committed → Triaged
Changed in walinuxagent (Ubuntu Quantal):
status: Fix Committed → Triaged
Adam Conrad (adconrad) wrote : Update Released

The verification of this Stable Release Update has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package walinuxagent - 1.1-0ubuntu2~12.04.1

---------------
walinuxagent (1.1-0ubuntu2~12.04.1) precise-proposed; urgency=low

  * Backport new upstream version (LP: #1078074) from current development
    release including fix for critical issue during upgrade (LP: #1079897).

walinuxagent (1.1-0ubuntu2) raring; urgency=low

  * Stop upgrades purging walinuxagent meta-data and configuration files
    (LP: #1079897):
    - d/{control,walinuxagent-data-saver.preinst}: Added
      walinuxagent-data-saver package to ensure that agent generated data is
      not lost on upgrade by diverting /usr/sbin/waagent during the upgrade
      process.
    - d/walinuxagent-data-saver.lintian-overrides: Override errors about use
      of dpkg-divert in this package.
    - d/control: Added Pre-Depends to walinuxagent on walinuxagent-data-saver.
    - d/prerm: Stop calling waagent --uninstall during reconfiguration
      and upgrade, specify files to remove manually for purge.
    - d/postinst: Remove divert of /usr/sbin/waagent prior to completion of
      package install.
  * d/preinst: If upgrading from package version with unmanaged waagent upstart
    configuration stop the agent and remove the upstart configuration.
  * d/upstart: Tidied description in upstart job.

walinuxagent (1.1-0ubuntu1) raring; urgency=low

  * New upstream version (LP: #1078074, #1077147).
  * Moved upstart job to be managed by packaging.
 -- Louis Bouchard <email address hidden> Wed, 28 Nov 2012 16:51:12 +0100

Changed in walinuxagent (Ubuntu Precise):
status: Triaged → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package walinuxagent - 1.1-0ubuntu2~12.10.1

---------------
walinuxagent (1.1-0ubuntu2~12.10.1) quantal-proposed; urgency=low

  * Backport new upstream version (LP: #1078074) from current development
    release including fix for critical issue during upgrade (LP: #1079897).

walinuxagent (1.1-0ubuntu2) raring; urgency=low

  * Stop upgrades purging walinuxagent meta-data and configuration files
    (LP: #1079897):
    - d/{control,walinuxagent-data-saver.preinst}: Added
      walinuxagent-data-saver package to ensure that agent generated data is
      not lost on upgrade by diverting /usr/sbin/waagent during the upgrade
      process.
    - d/walinuxagent-data-saver.lintian-overrides: Override errors about use
      of dpkg-divert in this package.
    - d/control: Added Pre-Depends to walinuxagent on walinuxagent-data-saver.
    - d/prerm: Stop calling waagent --uninstall during reconfiguration
      and upgrade, specify files to remove manually for purge.
    - d/postinst: Remove divert of /usr/sbin/waagent prior to completion of
      package install.
  * d/preinst: If upgrading from package version with unmanaged waagent upstart
    configuration stop the agent and remove the upstart configuration.
  * d/upstart: Tidied description in upstart job.

walinuxagent (1.1-0ubuntu1) raring; urgency=low

  * New upstream version (LP: #1078074, #1077147).
  * Moved upstart job to be managed by packaging.
 -- Louis Bouchard <email address hidden> Wed, 28 Nov 2012 16:51:12 +0100

Changed in walinuxagent (Ubuntu Quantal):
status: Triaged → Fix Released