Bug 2120223

Summary: Please login as the user "NONE" rather than the user "root".
Product: Red Hat OpenStack Reporter: Attila Fazekas <afazekas>
Component: python-metalsmithAssignee: Steve Baker <sbaker>
Status: CLOSED WONTFIX QA Contact:
Severity: low Docs Contact:
Priority: low    
Version: 17.1 (Wallaby)CC: dtantsur, hbrock, hjensas, jslagle, mburns, sbaker, tkajinam
Target Milestone: ---Keywords: Triaged
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2023-06-26 20:05:48 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Attila Fazekas 2022-08-22 09:04:48 UTC
Description of problem:
[stack@undercloud-0 ~]$ source stackrc 
(undercloud) [stack@undercloud-0 ~]$ metalsmith list
+--------------------------------------+--------------+--------------------------------------+--------------+--------+------------------------+
| UUID                                 | Node Name    | Allocation UUID                      | Hostname     | State  | IP Addresses           |
+--------------------------------------+--------------+--------------------------------------+--------------+--------+------------------------+
| cab1a299-f2fb-4b6f-9fc4-9d7080cb1a4f | ceph-0       | f519b113-7546-44e0-ae08-de80295e6892 | ceph-0       | ACTIVE | ctlplane=192.168.24.13 |
| 64e3a034-6427-4c2a-9ba0-703f8c9c2325 | ceph-1       | d4d6947d-7b38-4e7c-94b2-6d9376a88604 | ceph-1       | ACTIVE | ctlplane=192.168.24.11 |
| 7d826edf-3faf-4ac5-af0d-4ae82ad6600b | ceph-2       | d29c03b6-0a8e-456f-af1d-4f74cf76e526 | ceph-2       | ACTIVE | ctlplane=192.168.24.20 |
| eda73007-f7cb-48cc-a9e0-007452c5d752 | compute-0    | 111a64e3-3785-4a60-b4d1-1a80ea16cdff | compute-0    | ACTIVE | ctlplane=192.168.24.36 |
| 2a2e849b-6031-4b5f-bf73-4a51085a2ca4 | compute-1    | 4a66d41b-d094-4a2c-aa58-1d9be9d5efcd | compute-1    | ACTIVE | ctlplane=192.168.24.25 |
| eb9297aa-f6fc-42bd-862a-ed0b2ce07d74 | controller-0 | 70b36dca-ea36-4a25-b0f1-69618726ea32 | controller-0 | ACTIVE | ctlplane=192.168.24.21 |
| 1d84948c-b80d-432f-8380-814ab60202dd | controller-1 | f375d6bb-cf00-4988-b3ba-78db2f557820 | controller-1 | ACTIVE | ctlplane=192.168.24.23 |
| 915f41e0-3335-48af-84a4-97ae63417865 | controller-2 | 9fb18271-048e-4c5b-b4cf-03f4629bc545 | controller-2 | ACTIVE | ctlplane=192.168.24.38 |
+--------------------------------------+--------------+--------------------------------------+--------------+--------+------------------------+
(undercloud) [stack@undercloud-0 ~]$ ssh root.24.21
Warning: Permanently added '192.168.24.21' (ED25519) to the list of known hosts.
Please login as the user "NONE" rather than the user "root".


Version-Release number of selected component (if applicable):
undercloud:
puppet-tripleo-14.2.3-1.20220802084432.47e76e9.el9osttrunk.noarch
ansible-tripleo-ipsec-11.0.1-1.20220727105329.b5559c8.el9osttrunk.noarch
ansible-role-tripleo-modify-image-1.4.1-1.20220727214250.c9831b5.el9osttrunk.noarch
ansible-tripleo-ipa-0.2.3-1.20220802090819.52eab7d.el9osttrunk.noarch
openstack-tripleo-common-containers-15.4.1-1.20220802090819.f3ac1d0.el9osttrunk.noarch
python3-tripleo-common-15.4.1-1.20220802090819.f3ac1d0.el9osttrunk.noarch
openstack-tripleo-common-15.4.1-1.20220802090819.f3ac1d0.el9osttrunk.noarch
tripleo-ansible-3.3.1-1.20220804111004.151b614.el9osttrunk.noarch
openstack-tripleo-heat-templates-14.3.1-1.20220802083654.b300341.el9osttrunk.noarch
openstack-tripleo-validations-14.3.1-1.20220804031243.d74d3fc.el9osttrunk.noarch
python3-tripleoclient-16.4.1-1.20220802082858.54998e2.el9osttrunk.noarch

overcloud:
cloud-init-21.1-19.el9_0.3.noarch

Expected results:
a, root login allowed with same key as tripleo-admin.
Using sunder user usually recommended because of auditing reason,
Regardless to using tripleo-admin or root the actual human cannot be known better.
b, print an existing no password sudoer user, like tripleo-admin instead of 'NONE',
c, Rephrase the sentence to do not look like somebody forget some template variable somewhere.

Comment 3 Steve Baker 2022-08-22 19:49:45 UTC
Need to replace the cloud-init heat-admin users: directive with the system_info.default_user directive, see https://cloudinit.readthedocs.io/en/latest/topics/examples.html

Comment 4 Steve Baker 2022-11-21 21:35:07 UTC
This will require an update to metalsmith to build the cloud-init for the default user, which is quite different to other users.