[jira] [Commented] (CLOUDSTACK-10067) Fix a case where a user 'ro' or 'roo' exists on the system

["ASF subversion and git services (JIRA)" <ji...@apache.org>]

    [ https://issues.apache.org/jira/browse/CLOUDSTACK-10067?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16169653#comment-16169653 ] 

ASF subversion and git services commented on CLOUDSTACK-10067:
--------------------------------------------------------------

Commit a4036f708300077d1408ba9b6b930b79b06247c3 in cloudstack's branch refs/heads/master from [~larstobi]
[ https://gitbox.apache.org/repos/asf?p=cloudstack.git;h=a4036f7 ]

CLOUDSTACK-10067: Fix a case where a user 'ro' or 'roo' exists on the system, or other variants. (#2252)

If one sets user=roo, this will return two directories and then it will fail.

> Fix a case where a user 'ro' or 'roo' exists on the system
> ----------------------------------------------------------
>
>                 Key: CLOUDSTACK-10067
>                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10067
>             Project: CloudStack
>          Issue Type: Bug
>      Security Level: Public(Anyone can view this level - this is the default.) 
>            Reporter: Lars Tobias Skjong-Børsting
>
> Fix a case where a user 'ro' or 'roo' exists on the system or other variants, like 'cen' and 'centos'.
> If one sets user=roo, this will return two directories (/root /home/roo) and then it will fail.
> Also, if user 'ro' or 'roo' does not exist, this will happily put the sshkey to the authorized_keys of the root account, which is not the intended place.
> As another slightly less improbable example, if we have two users in our company named lars, then we could end up with lars's sshkey in larsb's authorized_keys.
> The binary getent should be available on most Linux platforms, including ones using uClibc.
> Pull Request on Github, see external URL.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)