screen-profiles-export records ownership (breaks ssh into root)
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
byobu |
Fix Released
|
Wishlist
|
Dustin Kirkland |
Bug Description
The tar exported with screen-
Steps:
1) create a screen profile using screen-profiles
2) run screen-
3) scp screen-
4) ssh root@machine
5) ls -ld $HOME
6) tar xzf screen-
7) ls -ld $HOME
At step 7, you will notice that $HOME has changed ownership to something other than root. This will break pubkey-based ssh logins to the root account.
I suggest using --owner=root and --group=root when screen-
There is no problem when unpacking into a non-root-account, since --no-same-owner is the default behavior when extracting as non-root.
This probably deserves to be a wishlist item, since people should not be logging in directly as root--much less running screen as root. The workaround is to 'chown root.root /root' and 'chown -R root.root /root/.screen*'.
This may be a time bomb waiting for users unfamiliar with ssh's strict ownership requirements for pubkey logins (bad ~ means no pubkey logins). After step 6, if you do not chown /root back before logging out, you will not be able to ssh back in as root with pubkey auth. (A workaround for that is to ssh in as a non-root user and run 'sudo chown root.root /root'.)
Changed in byobu: | |
status: | Fix Committed → Fix Released |
Thanks for the report, and the suggestion.
I have committed a fix. Should be released in 2.4.
Cheers,
:-Dustin