Ubuntu
eucalyptus package

Upgrade to r908 loses admin credentials

Bug #443125 reported by Thierry Carrez
10
This bug affects 2 people
Affects Status Importance Assigned to Milestone
Eucalyptus
Fix Released
Undecided
Daniel Nurmi
eucalyptus (Ubuntu)
Fix Released
High
Dustin Kirkland 

Bug Description

Upgrading from r854-0ubuntu13 to proposed r908-0ubuntu1

The admin credentials previously downloaded (and previously working correctly) no longer work. euca-* commands return 403 errors.

Trying to run sudo euca_conf --get-credentials fails (saves a 0-size zip file)
The only way to unblock the situation is to go to the web UI and download new credentials from there.

How to reproduce:
From daily CD, do a UEC/Cluster install (you get r854-0ubuntu13)
$ sudo euca_conf --get-credentials mycreds.zip
$ unzip mycreds.zip
$ . eucarc
$ euca-describe-availability-zones verbose
returns something. Then upgrade your system to r908 packages.
$ euca-describe-availability-zones verbose
now returns 403.
$ sudo euca_conf --get-credentials mycreds2.zip
now retrieves a zero-sized zipfile.

Thierry Carrez (ttx)
Changed in eucalyptus (Ubuntu):
status: New → Triaged
importance: Undecided → High
Dustin Kirkland  (kirkland)
Changed in eucalyptus (Ubuntu):
assignee: nobody → Daniel Nurmi (nurmi)
Matt Zimmerman (mdz)
Changed in eucalyptus (Ubuntu):
status: Triaged → In Progress
Revision history for this message
Dustin Kirkland  (kirkland) wrote :

Changing assignment to me, as Dan's part is done (r912), and I'm working on the merge/upload.

:-Dustin

Changed in eucalyptus (Ubuntu):
assignee: Daniel Nurmi (nurmi) → Dustin Kirkland (kirkland)
Revision history for this message
Matt Zimmerman (mdz) wrote :

Fix committed upstream in 912:

<mdz> nurmi, do you have a separate bug number for 443125 upstream or are you using the same one?
<nurmi> mdz: same one, we learned about this bug this morning
<mdz> nurmi, and it's meant to be fixed by r912? I don't see a bug number in the commit message
<nurmi> mdz: it is, the committer did not put in a bug number into the revision

------------------------------------------------------------
revno: 912
committer: decker <decker@personal-army>
branch nick: 1.6
timestamp: Mon 2009-10-05 08:47:37 -0700
message:
  fix user lookup.

Changed in eucalyptus:
assignee: nobody → Daniel Nurmi (nurmi)
status: New → Fix Committed
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package eucalyptus - 1.6~bzr912-0ubuntu1

---------------
eucalyptus (1.6~bzr912-0ubuntu1) karmic; urgency=low

  * Merge upstream revision 912
  * tools/eucalyptus-cc.in: resolve conflict, ensuring that we maintain
    the 'ThreadsPerChild 1' sed
  * clc/modules/www/src/main/java/edu/ucsb/eucalyptus/admin/server/ServletUtils.java:
    resolve conflict, drop our diff, as upstream has solved the smtp
    hostname issue
  * debian/patches/boot-order.patch: dropped, applies to a file we don't
    use anymore so it can be removed
  * debian/eucalyptus-walrus.eucalyptus-walrus-registration.upstart: source
    conf file and use $WALRUS_IP_ADDR variable, like the other scripts
  * This snapshot is expected to fix the following bugs:
    - LP: #388934 - apply authorization checks
    - LP: #430226 - fix display of image permissions
    - LP: #430957 - fix running of instances in SYSTEM mode
    - LP: #436276 - sc should run as eucalyptus, instead of root
    - LP: #436313 - fix sc registration through web ui
    - LP: #436407 - fix cc segfaults with apache-mpm-worker, rampart
    - LP: #436885 - fix database corruption, c3p0 deadlock on CLC
    - LP: #437014 - handle execessive CLC sockets
    - LP: #439251 - fix restart-required after autoregistration issue
    - LP: #440744 - handle external command
    - LP: #440817 - fail gracefully with volume deletion on sc
    - LP: #443125 - fix loss of admin credentials

 -- Dustin Kirkland <email address hidden> Mon, 05 Oct 2009 15:02:11 -0500

Changed in eucalyptus (Ubuntu):
status: In Progress → Fix Released
Revision history for this message
chris grzegorczyk (chris-grze) wrote :

Just for clarity:

This was described in LP: #388934 - apply authorization checks

There was infact no loss of credentials as suggested by LP: #443125 - fix loss of admin credentials

thanks.
chris

graziano obertelli (graziano.obertelli)
Changed in eucalyptus:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.