sous-chefs / users

Development repository for the users cookbook
https://supermarket.chef.io/cookbooks/users
Apache License 2.0

.ssh directory owned by root when uid not specified #446

Closed evandam closed 3 years ago

evandam commented 3 years ago

:ghost: Brief Description

When creating a user without specifying a uid/gid, the user's ~/.ssh directory is owned by root since user[:uid].to_i returns 0 (since nil.to_i is 0) in https://github.com/sous-chefs/users/blob/master/resources/manage.rb#L99-L100.

:pancakes: Cookbook version

6.0.0

:woman_cook: Chef-Infra Version

15.15.1

:tophat: Platform details

Ubuntu 18.04

Steps To Reproduce

Steps to reproduce the behavior:

```ruby
dev_user = {
  "id": "dev_user",
  "password": "secretpassword",
  "ssh_keys": [
    "ssh-rsa blah"
  ],
  "groups": [
    "dev"
  ],
  "shell": "/bin/bash",
  "comment": "Test user without root login",
  "root_login": false,
  "auto_remove": false
}

users_manage group do
  group_id 900
  users [dev_user]
  action :create
end
```

```
# ls -la /home/dev_user/
total 24
drwxr-xr-x 3 dev_user dev_user 4096 Mar 12 21:24 .
drwxr-xr-x 6 root     root     4096 Mar 12 17:40 ..
-rw-r--r-- 1 dev_user dev_user  220 Apr  4  2018 .bash_logout
-rw-r--r-- 1 dev_user dev_user  223 Mar 12 17:40 .bashrc
-rw-r--r-- 1 dev_user dev_user  807 Apr  4  2018 .profile
drwx------ 2 root     root     4096 Mar 12 21:24 .ssh
```

:heavy_plus_sign: Additional context

This runs the risk of locking folks out of their environment very easily 😅
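The coercion reported above, reproduced in plain Ruby as an added example; it is not part of the original issue, not the cookbook's code, and not the change merged in #449. The helper names, the uids 1001 and 1002, and the `ok_user` home are hypothetical or constructed for illustration.

```ruby
# Added illustration; helper names are hypothetical, not the cookbook's API.

# Pattern from the issue: a user hash without :uid yields nil.to_i == 0 (root).
def owner_coerced(user)
  user[:uid].to_i
end

# One possible safer resolution (assumption, not the merged fix): use the uid
# only when it was supplied and is a valid non-negative integer, otherwise
# fall back to the account name so ownership is resolved by name.
def owner_resolved(user)
  uid = user[:uid]
  return user.fetch(:id) if uid.nil? || uid.to_s.strip.empty?

  n = Integer(uid.to_s.strip, 10) # raises ArgumentError on "abc"; "abc".to_i would be 0
  raise ArgumentError, "negative uid: #{n}" if n.negative?
  n
end

# Detection side: list homes whose .ssh owner differs from the home's owner.
# `stat` defaults to File.stat so the check can run against a real host.
def misowned_ssh(homes, stat: File.method(:stat))
  homes.select do |home|
    begin
      stat.call(File.join(home, '.ssh')).uid != stat.call(home).uid
    rescue Errno::ENOENT
      false # no home or no .ssh directory: nothing to flag
    end
  end
end

# Constructed sample mirroring the ls output in the issue (uids are made up).
FakeStat = Struct.new(:uid)
CONSTRUCTED_UIDS = {
  '/home/dev_user' => 1001, '/home/dev_user/.ssh' => 0,
  '/home/ok_user' => 1002, '/home/ok_user/.ssh' => 1002
}.freeze
FAKE_STAT = lambda do |path|
  FakeStat.new(CONSTRUCTED_UIDS.fetch(path) { raise Errno::ENOENT, path })
end

if __FILE__ == $PROGRAM_NAME
  dev_user = { id: 'dev_user', shell: '/bin/bash' } # no :uid, as in the report
  puts "coerced owner:  #{owner_coerced(dev_user).inspect}"
  puts "resolved owner: #{owner_resolved(dev_user).inspect}"
  puts "misowned homes: #{misowned_ssh(['/home/dev_user', '/home/ok_user'], stat: FAKE_STAT)}"
end
```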

frank-m commented 3 years ago

Fixed by merging #449