[Bug 1440263] Re: CloudStack reset password not working

Thomas Moroder (server24) cloudstack at server24.eu
Thu Jun 11 13:12:37 UTC 2015


The problem has two (possible) causes:

(1) the cloud-init scripts only run once per instance, this can be fixed
by Dan Watkings' addition above;

(2) when using ACS 4.5.1 with newer sytem-templates, the password server
now responds correctly with full HTTP-headers (and is also a lot
faster). This is a great improvement and both the old and the new
response-type work with "wget" as used in the legacy cloudstack-set-
guest-password scripts, but not in cloud-init as there is specific
python-code to circumvent the missing HTTP-headers in /usr/lib/python2.7
/dist-packages/cloudinit/sources/DataSourceCloudStack.py. With the
update Virtual Router from ACS 4.5.1 and the cloud-init scripts the
get_password call returns "HTTP/1.0 200 OK" instead of the password!

It is not easy to fix this generally, as old versions of the CloudStack
System-VR will work with cloud-init as per (1), but will not work with
newer versions. What is more, the password "HTTP/1.0 200 OK" is also a
possible security problem.

My suggestion would be to switch to using wget in this fashion:

                password=$(wget -q -t 3 -T 20 -O - --header "DomU_Request: send_my_password" $PASSWORD_SERVER_IP:8080)
                password=$(echo $password | tr -d '\r')

This works correctly for both CloudStack-Versions.

My patched DataSourceCloudStack.py looks like this starting from line
82:

    def get_password(self):
        # password = self._do_request('send_my_password')
        password=$(wget -q -t 3 -T 20 -O - --header "DomU_Request: send_my_password" $PASSWORD_SERVER_IP:8080)
        password=$(echo $password | tr -d '\r')

        if password in ['', 'saved_password']:
            return None
        if password == 'bad_request':
            raise RuntimeError('Error when attempting to fetch root password.')
        self._do_request('saved_password')
        return password

Any thoughts about this?

Thomas Moroder
server24

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to cloud-init in Ubuntu.
https://bugs.launchpad.net/bugs/1440263

Title:
  CloudStack reset password not working

To manage notifications about this bug go to:
https://bugs.launchpad.net/cloud-init/+bug/1440263/+subscriptions



More information about the Ubuntu-server-bugs mailing list