shadow file permissions broken
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
walinuxagent (Ubuntu) |
Fix Released
|
High
|
Unassigned | ||
Precise |
Fix Released
|
Medium
|
Unassigned | ||
Raring |
Fix Released
|
Medium
|
Unassigned |
Bug Description
[Impact]: WALinuxAgent, when provisioning, may delete the root password. However, in doing so, it changes the permissions of the shadow file from 0400 to 000.
[Regression]: This change simple sets the proper permission on /etc/shadow.
[Test Case]: Make sure that the permissions are 0400.
[Originial Report]:
inside an azure instance:
$ ls -altr /etc/shadow
---------- 1 root root 902 Jun 7 20:23 /etc/shadow
/usr/sbin/waagent has:
def DeleteRootPassw
filepath=
ReplaceFile
os.
if IsRedHat():
Run("chcon system_
Log("Root password deleted.")
more correct permissions on that file would be:
$ ls -altr /etc/shadow
-rw-r----- 1 root shadow 1497 May 29 16:51 /etc/shadow
ProblemType: Bug
DistroRelease: Ubuntu 13.04
Package: walinuxagent 1.3.2-0ubuntu1 [modified: usr/sbin/waagent]
ProcVersionSign
Uname: Linux 3.8.0-23-generic x86_64
ApportVersion: 2.9.2-0ubuntu8
Architecture: amd64
Date: Fri Jun 7 20:32:03 2013
MarkForUpload: True
ProcEnviron:
TERM=screen
PATH=(custom, no user)
LANG=en_US.UTF-8
SHELL=/bin/bash
SourcePackage: walinuxagent
UpgradeStatus: No upgrade log present (probably fresh install)
Changed in walinuxagent (Ubuntu): | |
importance: | Undecided → High |
description: | updated |
Changed in walinuxagent (Ubuntu Precise): | |
importance: | Undecided → Medium |
Changed in walinuxagent (Ubuntu Raring): | |
importance: | Undecided → Medium |
Changed in walinuxagent (Ubuntu Precise): | |
assignee: | nobody → Ben Howard (utlemming) |
Changed in walinuxagent (Ubuntu Raring): | |
assignee: | nobody → Ben Howard (utlemming) |
Changed in walinuxagent (Ubuntu Precise): | |
status: | New → Fix Released |
This will be fixed in the 12.04 SRU for the cloud-init/udev rule fix. Since user-provisioning will not be done by WALinuxAgent, this gets mooted.