atlas-sw-probe: tweak SSH key permissions #24649
Open
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
kempniu
force-pushed
the
atlas-sw-probe-tweak-ssh-key-permissions
branch
from
3242e6a to
eb1e0eb
Compare
Do not run chown or chgrp for probe key files since the probe scripts are run as root anyway. Do not run chmod 644 for /etc/atlas/probe_key since an SSH private key should not be readable by any user except the owner. Signed-off-by: Michał Kępień <[email protected]>
kempniu
force-pushed
the
atlas-sw-probe-tweak-ssh-key-permissions
branch
from
eb1e0eb to
ac6234d
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Do not run
chownorchgrpfor probe key files since the probe scripts are run as root anyway.Do not run
chmod 644for/etc/atlas/probe_keysince an SSH private key should not be readable by any user except the owner.Maintainer: @ja-pa
Cc: @Ansuel (author of 0afe371, see #15488)
Perhaps I am missing something obvious, but the efforts that the init script makes to
chown atlas:atlasvarious files is puzzling to me, given that upstream scripts do not seem to be designed for running as any user other than root (there are e.g. writes to hard-coded paths that are only writable by root. (Theatlasuser is created by theatlas-probepackage.)In fact, if the SSH key files were owned by root in the first place,
sshitself would detect that the permissions set for them by the init script are too open. However, that check is only triggered if the user thatsshis run as is the same as the user owning the key file. (In this case, that'srootvs.atlas, so the 644 mode set for the private key does not preventsshfrom working.)This PR attempts to ensure that file modes are set identical no matter whether
ssh-keygenordropbearkey/dropbearconvertare used for generating the probe keys.