cloud-init

chpasswd: is mangling certain password hashes

Bug #1811446 reported by Ryan Harper on 2019-01-11

This bug affects 2 people

Affects		Status	Importance	Assigned to	Milestone
	cloud-init	Fix Released	Undecided	Unassigned
	cloud-init (Ubuntu)	Fix Released	Undecided	Unassigned

Bug Description

#cloud-config

# from 1 files
# part-001

---
chpasswd:
expire: false
list: 'root:$2y$10$8BQjxjVByHA/Ee.O1bCXtO8S7Y5WojbXWqnqYpUW.BrPx/Dlew1Va

From #cloud-init

<marlinc_> Hey there, I'm not sure whether I'm running into a bug or not
<marlinc_> I'm trying to set the password hash for the root user on a system using the chpasswd module
<marlinc_> It should match new hash at this line in the module but it doens't seem to match
<marlinc_> https://github.com/cloud-init/cloud-init/blame/master/cloudinit/config/cc_set_passwords.py#L163
<marlinc_> I can confirm this when running it through https://regex101.com/r/Nj7VTZ/1
<marlinc_> Then I was thinking, isn't [] for lists of characters rather than lists of strings
<marlinc_> Changing it to \$(1|2a|2y|5|6)(\$.+){2} does work
<marlinc_> At least in regex101
<marlinc_> smoser, you any idea, I saw you commited the change: https://github.com/cloud-init/cloud-init/commit/21632972df034c200578e1fbc121a07f20bb8774
<smoser> marlinc_: i'd think yes. that is a bug for the '2a' and '2y'

See original description

Related branches

~chad.smith/cloud-init:ubuntu/bionic

Merged into cloud-init:ubuntu/bionic at revision 4a1aaa18595fa663e1a38dd3ac8f73231ec69a7f

Server Team CI bot: Approve (continuous-integration) on 2019-01-26

cloud-init Commiters: Pending requested 2019-01-26

Diff: 7789 lines (+3838/-768)

98 files modified

ChangeLog (+54/-0)
HACKING.rst (+2/-2)
bash_completion/cloud-init (+4/-1)
cloudinit/cmd/cloud_id.py (+90/-0)
cloudinit/cmd/devel/logs.py (+23/-8)
cloudinit/cmd/devel/net_convert.py (+10/-5)
cloudinit/cmd/devel/render.py (+24/-11)
cloudinit/cmd/devel/tests/test_logs.py (+37/-6)
cloudinit/cmd/devel/tests/test_render.py (+44/-1)
cloudinit/cmd/main.py (+4/-16)
cloudinit/cmd/query.py (+24/-12)
cloudinit/cmd/tests/test_cloud_id.py (+127/-0)
cloudinit/cmd/tests/test_query.py (+71/-5)
cloudinit/config/cc_disk_setup.py (+1/-1)
cloudinit/config/cc_lxd.py (+1/-1)
cloudinit/config/cc_resizefs.py (+7/-0)
cloudinit/config/cc_set_passwords.py (+1/-1)
cloudinit/config/cc_write_files.py (+6/-1)
cloudinit/config/tests/test_set_passwords.py (+40/-0)
cloudinit/dhclient_hook.py (+72/-38)
cloudinit/handlers/jinja_template.py (+9/-1)
cloudinit/net/__init__.py (+38/-4)
cloudinit/net/dhcp.py (+76/-25)
cloudinit/net/eni.py (+15/-14)
cloudinit/net/netplan.py (+3/-3)
cloudinit/net/sysconfig.py (+61/-5)
cloudinit/net/tests/test_dhcp.py (+47/-4)
cloudinit/net/tests/test_init.py (+51/-1)
cloudinit/sources/DataSourceAliYun.py (+5/-15)
cloudinit/sources/DataSourceAltCloud.py (+22/-11)
cloudinit/sources/DataSourceAzure.py (+82/-31)
cloudinit/sources/DataSourceBigstep.py (+4/-0)
cloudinit/sources/DataSourceCloudSigma.py (+5/-1)
cloudinit/sources/DataSourceConfigDrive.py (+12/-0)
cloudinit/sources/DataSourceEc2.py (+59/-56)
cloudinit/sources/DataSourceIBMCloud.py (+4/-0)
cloudinit/sources/DataSourceMAAS.py (+4/-0)
cloudinit/sources/DataSourceNoCloud.py (+52/-1)
cloudinit/sources/DataSourceNone.py (+4/-0)
cloudinit/sources/DataSourceOVF.py (+36/-26)
cloudinit/sources/DataSourceOpenNebula.py (+9/-1)
cloudinit/sources/DataSourceOracle.py (+4/-0)
cloudinit/sources/DataSourceScaleway.py (+10/-1)
cloudinit/sources/DataSourceSmartOS.py (+3/-0)
cloudinit/sources/__init__.py (+104/-21)
cloudinit/sources/helpers/netlink.py (+250/-0)
cloudinit/sources/helpers/tests/test_netlink.py (+373/-0)
cloudinit/sources/helpers/vmware/imc/config_nic.py (+2/-3)
cloudinit/sources/tests/test_init.py (+83/-3)
cloudinit/sources/tests/test_oracle.py (+8/-0)
cloudinit/temp_utils.py (+2/-2)
cloudinit/tests/test_dhclient_hook.py (+105/-0)
cloudinit/tests/test_temp_utils.py (+17/-1)
cloudinit/tests/test_url_helper.py (+24/-1)
cloudinit/tests/test_util.py (+82/-17)
cloudinit/url_helper.py (+25/-6)
cloudinit/util.py (+25/-3)
cloudinit/version.py (+1/-1)
config/cloud.cfg.tmpl (+11/-1)
debian/changelog (+75/-0)
doc/rtd/topics/datasources.rst (+60/-1)
doc/rtd/topics/datasources/azure.rst (+65/-38)
doc/rtd/topics/instancedata.rst (+137/-46)
doc/rtd/topics/network-config-format-v1.rst (+1/-1)
packages/redhat/cloud-init.spec.in (+1/-0)
packages/suse/cloud-init.spec.in (+1/-0)
setup.py (+2/-1)
systemd/cloud-init.service.tmpl (+1/-2)
templates/sources.list.ubuntu.tmpl (+17/-17)
tests/cloud_tests/releases.yaml (+16/-0)
tests/cloud_tests/testcases/base.py (+15/-3)
tests/cloud_tests/testcases/modules/apt_configure_primary.py (+9/-5)
tests/cloud_tests/testcases/modules/apt_configure_primary.yaml (+0/-7)
tests/unittests/test_builtin_handlers.py (+25/-0)
tests/unittests/test_cli.py (+8/-8)
tests/unittests/test_datasource/test_aliyun.py (+4/-0)
tests/unittests/test_datasource/test_altcloud.py (+67/-51)
tests/unittests/test_datasource/test_azure.py (+262/-79)
tests/unittests/test_datasource/test_cloudsigma.py (+6/-0)
tests/unittests/test_datasource/test_configdrive.py (+3/-0)
tests/unittests/test_datasource/test_ec2.py (+37/-23)
tests/unittests/test_datasource/test_ibmcloud.py (+39/-1)
tests/unittests/test_datasource/test_nocloud.py (+98/-41)
tests/unittests/test_datasource/test_opennebula.py (+4/-0)
tests/unittests/test_datasource/test_ovf.py (+119/-39)
tests/unittests/test_datasource/test_scaleway.py (+72/-4)
tests/unittests/test_datasource/test_smartos.py (+7/-0)
tests/unittests/test_ds_identify.py (+16/-1)
tests/unittests/test_handler/test_handler_lxd.py (+1/-1)
tests/unittests/test_handler/test_handler_resizefs.py (+42/-10)
tests/unittests/test_handler/test_handler_write_files.py (+12/-0)
tests/unittests/test_net.py (+137/-6)
tests/unittests/test_util.py (+6/-0)
tests/unittests/test_vmware_config_file.py (+52/-6)
tools/ds-identify (+32/-6)
tools/run-container (+1/-0)
tox.ini (+2/-2)
udev/66-azure-ephemeral.rules (+17/-1)

~chad.smith/cloud-init:ubuntu/cosmic

Merged into cloud-init:ubuntu/cosmic at revision 6db1a138541f807d103bcee3080d830c71dfab2e

Server Team CI bot: Approve (continuous-integration) on 2019-01-26

cloud-init Commiters: Pending requested 2019-01-26

Diff: 5357 lines (+2757/-473)

69 files modified

ChangeLog (+54/-0)
HACKING.rst (+2/-2)
bash_completion/cloud-init (+4/-1)
cloudinit/cmd/devel/logs.py (+23/-8)
cloudinit/cmd/devel/net_convert.py (+10/-5)
cloudinit/cmd/devel/render.py (+24/-11)
cloudinit/cmd/devel/tests/test_logs.py (+37/-6)
cloudinit/cmd/devel/tests/test_render.py (+44/-1)
cloudinit/cmd/main.py (+4/-16)
cloudinit/cmd/query.py (+24/-12)
cloudinit/cmd/tests/test_query.py (+71/-5)
cloudinit/config/cc_disk_setup.py (+1/-1)
cloudinit/config/cc_lxd.py (+1/-1)
cloudinit/config/cc_resizefs.py (+7/-0)
cloudinit/config/cc_set_passwords.py (+1/-1)
cloudinit/config/cc_write_files.py (+6/-1)
cloudinit/config/tests/test_set_passwords.py (+40/-0)
cloudinit/dhclient_hook.py (+72/-38)
cloudinit/handlers/jinja_template.py (+9/-1)
cloudinit/net/__init__.py (+34/-2)
cloudinit/net/dhcp.py (+76/-25)
cloudinit/net/eni.py (+15/-14)
cloudinit/net/netplan.py (+3/-3)
cloudinit/net/sysconfig.py (+61/-5)
cloudinit/net/tests/test_dhcp.py (+47/-4)
cloudinit/net/tests/test_init.py (+51/-1)
cloudinit/sources/DataSourceAzure.py (+74/-31)
cloudinit/sources/DataSourceNoCloud.py (+31/-1)
cloudinit/sources/DataSourceOVF.py (+30/-26)
cloudinit/sources/DataSourceOpenNebula.py (+1/-1)
cloudinit/sources/DataSourceScaleway.py (+10/-1)
cloudinit/sources/helpers/netlink.py (+250/-0)
cloudinit/sources/helpers/tests/test_netlink.py (+373/-0)
cloudinit/sources/helpers/vmware/imc/config_nic.py (+2/-3)
cloudinit/temp_utils.py (+2/-2)
cloudinit/tests/test_dhclient_hook.py (+105/-0)
cloudinit/tests/test_temp_utils.py (+17/-1)
cloudinit/tests/test_url_helper.py (+24/-1)
cloudinit/tests/test_util.py (+66/-17)
cloudinit/url_helper.py (+25/-6)
cloudinit/util.py (+20/-3)
cloudinit/version.py (+1/-1)
config/cloud.cfg.tmpl (+11/-1)
debian/changelog (+70/-0)
doc/rtd/topics/datasources.rst (+60/-1)
doc/rtd/topics/datasources/azure.rst (+65/-38)
doc/rtd/topics/network-config-format-v1.rst (+1/-1)
packages/redhat/cloud-init.spec.in (+1/-0)
packages/suse/cloud-init.spec.in (+1/-0)
systemd/cloud-init.service.tmpl (+1/-2)
tests/cloud_tests/releases.yaml (+16/-0)
tests/unittests/test_builtin_handlers.py (+25/-0)
tests/unittests/test_cli.py (+8/-8)
tests/unittests/test_datasource/test_azure.py (+201/-34)
tests/unittests/test_datasource/test_ec2.py (+24/-16)
tests/unittests/test_datasource/test_nocloud.py (+66/-34)
tests/unittests/test_datasource/test_ovf.py (+79/-43)
tests/unittests/test_datasource/test_scaleway.py (+72/-4)
tests/unittests/test_ds_identify.py (+16/-1)
tests/unittests/test_handler/test_handler_lxd.py (+1/-1)
tests/unittests/test_handler/test_handler_resizefs.py (+42/-10)
tests/unittests/test_handler/test_handler_write_files.py (+12/-0)
tests/unittests/test_net.py (+123/-6)
tests/unittests/test_util.py (+6/-0)
tests/unittests/test_vmware_config_file.py (+52/-6)
tools/ds-identify (+32/-6)
tools/run-container (+1/-0)
tox.ini (+2/-2)
udev/66-azure-ephemeral.rules (+17/-1)

~marlinc/cloud-init:chpasswd-hash

Merged into cloud-init:master

Server Team CI bot: Approve (continuous-integration) on 2019-01-15

Chad Smith: Approve on 2019-01-15

Scott Moser: Pending requested 2019-01-11

Marlin Cremers (marlinc) on 2019-01-11

description:

updated

Chad Smith (chad.smith) on 2019-01-15

Changed in cloud-init (Ubuntu):
status:	New → In Progress
Changed in cloud-init:
status:	New → In Progress

Revision history for this message

Server Team CI bot (server-team-bot) wrote on 2019-01-15:

This bug is fixed with commit ad170db9 to cloud-init on branch master.
To view that commit see the following URL:
https://git.launchpad.net/cloud-init/commit/?id=ad170db9

Changed in cloud-init:
status:	In Progress → Fix Committed

Marlin Cremers (marlinc) on 2019-01-15

Changed in cloud-init (Ubuntu):
status:	In Progress → Fix Committed
status:	Fix Committed → In Progress

Revision history for this message

Launchpad Janitor (janitor) wrote on 2019-01-28:

This bug was fixed in the package cloud-init - 18.5-17-gd1a2fe73-0ubuntu1

---------------
cloud-init (18.5-17-gd1a2fe73-0ubuntu1) disco; urgency=medium

  * New upstream snapshot.
    - opennebula: exclude EPOCHREALTIME as known bash env variable with a
      delta (LP: #1813383)
    - tox: fix disco httpretty dependencies for py37 (LP: #1813361)
    - run-container: uncomment baseurl in yum.repos.d/*.repo when using a
      proxy [Paride Legovini]
    - lxd: install zfs-linux instead of zfs meta package
      [Johnson Shi] (LP: #1799779)
    - net/sysconfig: do not write a resolv.conf file with only the header.
      [Robert Schweikert]
    - net: Make sysconfig renderer compatible with Network Manager.
      [Eduardo Otubo]
    - cc_set_passwords: Fix regex when parsing hashed passwords
      [Marlin Cremers] (LP: #1811446)
    - net: Wait for dhclient to daemonize before reading lease file
      [Jason Zions] (LP: #1794399)
    - [Azure] Increase retries when talking to Wireserver during metadata walk
      [Jason Zions]
    - Add documentation on adding a datasource.
    - doc: clean up some datasource documentation.
    - ds-identify: fix wrong variable name in ovf_vmware_transport_guestinfo.
    - Scaleway: Support ssh keys provided inside an instance tag. [PORTE Loïc]
    - OVF: simplify expected return values of transport functions.
    - Vmware: Add support for the com.vmware.guestInfo OVF transport.
      (LP: #1807466)
    - HACKING.rst: change contact info to Josh Powers

-- Chad Smith <email address hidden> Sat, 26 Jan 2019 08:27:35 -0700

Changed in cloud-init (Ubuntu):
status:	In Progress → Fix Released

Revision history for this message

Chad Smith (chad.smith) wrote on 2019-05-10: Fixed in cloud-init version 19.1.

This bug is believed to be fixed in cloud-init in version 19.1. If this is still a problem for you, please make a comment and set the state back to New

Thank you.