diff options
-rw-r--r-- | debian/changelog | 7 | ||||
-rw-r--r-- | debian/patches/lp-1224684-azure-passwordless-sudo.patch | 43 | ||||
-rw-r--r-- | debian/patches/series | 1 |
3 files changed, 51 insertions, 0 deletions
diff --git a/debian/changelog b/debian/changelog index c9c0b882..5bd2b4b3 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,10 @@ +cloud-init (0.6.3-0ubuntu1.7) precise-proposed; urgency=low + + * debian/patches/lp-1224684-azure-passwordless-sudo.patch: + set up passwordless sudo for provisioned user on azure (LP: #1224684). + + -- Scott Moser <smoser@ubuntu.com> Fri, 13 Sep 2013 11:44:00 -0400 + cloud-init (0.6.3-0ubuntu1.6) precise-proposed; urgency=low * debian/patches/rework-mirror-selection.patch: update patch to diff --git a/debian/patches/lp-1224684-azure-passwordless-sudo.patch b/debian/patches/lp-1224684-azure-passwordless-sudo.patch new file mode 100644 index 00000000..52b8abc2 --- /dev/null +++ b/debian/patches/lp-1224684-azure-passwordless-sudo.patch @@ -0,0 +1,43 @@ +Author: Scott Moser <smoser@ubuntu.com> +Bug: https://launchpad.net/bugs/1224684 +Applied-Upstream: yes +Description: write sudo file for default provisioned user in azure + Azure datasource adds a user, but was not enabling that user + to sudo without a password. So, if no password was provided, the + user could not sudo in any way. +--- a/cloudinit/DataSourceAzure.py ++++ b/cloudinit/DataSourceAzure.py +@@ -474,6 +474,33 @@ def adduser(user): + LOG.warn("Failed to create user with (%s). got: %s" % exc.output) + raise + ++ # imgbuild_sudoers_f is created by the 12.04 image build process ++ # to set the ubuntu user up with passwordless sudo. If that ++ # file is present and user is ubuntu, don't confuse things. ++ imgbuild_sudoers_f = "/etc/sudoers.d/90-cloudimg-ubuntu" ++ if user == "ubuntu" and os.path.isfile(imgbuild_sudoers_f): ++ LOG.debug("sudoers: ubuntu user and existing %s, not modifying", ++ imgbuild_sudoers_f) ++ else: ++ # 90-cloud-init-users is the file that future versions of ++ # cloud-init would work on. So we chose that file here. ++ sudoers_f = "/etc/sudoers.d/90-cloud-init-users" ++ header = "# Created by cloud-init azure datasource\n" ++ content = '\n'.join(( ++ "# User rules for %s" % user, ++ "%s ALL=(ALL) NOPASSWD:ALL" % user, ++ '',)) ++ ++ if not os.path.isfile(sudoers_f): ++ util.write_file(filename=sudoers_f, ++ content=header, mode=0440) ++ ++ util.write_file(filename=sudoers_f, omode="ab", ++ content=content, mode=0440) ++ LOG.debug("sudoers: added %s to %s", user, sudoers_f) ++ ++ return ++ + + def list_possible_azure_ds_devs(): + # return a sorted list of devices that might have a azure datasource diff --git a/debian/patches/series b/debian/patches/series index 9f00dfa5..d1c769c7 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -12,3 +12,4 @@ lp-1031065-nonet-not-start-networking.patch lp-1037567-add-config-drive-v2-support.conf future_utils.patch lp-1202202-azure-datasource.patch +lp-1224684-azure-passwordless-sudo.patch |