Merge ~ahasenack/ubuntu/+source/base-files:eoan-cloud-id-support into ubuntu/+source/base-files:ubuntu/devel
Status: | Merged | ||||
---|---|---|---|---|---|
Approved by: | Andreas Hasenack | ||||
Approved revision: | 65bc858eb5ec56b2061f570fcdba48a3fcae1dce | ||||
Merged at revision: | 65bc858eb5ec56b2061f570fcdba48a3fcae1dce | ||||
Proposed branch: | ~ahasenack/ubuntu/+source/base-files:eoan-cloud-id-support | ||||
Merge into: | ubuntu/+source/base-files:ubuntu/devel | ||||
Diff against target: |
38 lines (+12/-1) 2 files modified
debian/changelog (+6/-0) motd/50-motd-news (+6/-1) |
||||
Related bugs: |
|
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
Steve Langasek (community) | Approve | ||
Canonical Server Core Reviewers | Pending | ||
Canonical Server | Pending | ||
Review via email: mp+371370@code.launchpad.net |
Description of the change
client-side change to implement MOTD for clouds.
This simply adds a cloud_id string to the existing user-agent. While making that change, I noticed that curl wasn't called with -f, which meant that should the server fail and present an error page, that would be taken as valid motd text. With -f, curl will silently fail in that case, and we will have an empty motd instead of garbage.
cloud-id comes from cloud-init, but rather than adding a dependency, I'm assuming it will be available in ubuntu cloud instances, but of course I look for it first.
It's unknown if an external attacker can manipulate the output of cloud-id. If that's possible, then this cloud-id usage is a security hole, as it's taken unfiltered. I could add a "tr" call to filter out some things, like shell special characters and control characters like it's done for the motd text itself. I can easily be convinced to do something like this, but I want to get some eyes on this implementation sooner rather than later.
The server side bit that uses this user agent string is basically this snippet:
RewriteEngine on
# list all clouds in the regexp
RewriteCond "%{HTTP_
RewriteRule "^/$" "/index-%1.txt" [L]
One could also use RewriteMap and point to a text file which lists the clouds, so no apache config change is needed when a cloud is added or removed. And I suppose there are other ways in Apache to serve a specific file depending on the user agent, other than mod_rewrite. Simpler suggestions accepted.
The respective index-$cloud.txt files are expected to come from cloud-specific branches, which the mojo spec[1] that deploys this service will fetch, as it does today for the single index.txt. Something like this, as a first cut:
$ cat collect-ubuntu-motd
ubuntu-motd lp:ubuntu-motd
ubuntu-motd-aws lp:ubuntu-motd-aws
ubuntu-motd-gce lp:ubuntu-motd-gce
...
$ cat manifest-upload
collect config=
collect config=
collect config=
...
script config=
include config=
With this system in place, cloud-specific index files will override the default index.txt one.
If an instance on cloud X comes alive, and there is an index-x.txt file, that will be the sole motd. If there is no index-x.txt file, then index.txt is served (index.txt is also the 404 error document in the apache config).
With this scheme, in order for the common index.txt file be again served as motd for a cloud instance, the index-$cloud.txt file must be deleted.
1. https:/
Pushed