Bug 2100237 - cephadm user/home removed during RPM upgrade
Summary: cephadm user/home removed during RPM upgrade
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: ceph
Version: 35
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Kaleb KEITHLEY
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2022-06-22 19:34 UTC by Scott Shambarger
Modified: 2022-07-02 01:19 UTC (History)
10 users (show)

Fixed In Version: ceph-16.2.9-2.fc35
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2022-07-02 01:19:58 UTC
Type: Bug


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Ceph Project Bug Tracker 55664 0 None None None 2022-06-22 19:34:21 UTC

Description Scott Shambarger 2022-06-22 19:34:22 UTC
Description of problem:
Upgrading the cephadm package removes the cephadm user (and home directory), which removes the ~cephadm/.ssh/authorized_keys file, causing the node to appear offline in the orchestrator.

Version-Release number of selected component (if applicable):
cephadm-16.2.7-3.fc35.noarch

How reproducible:
Always when upgrading the cephadm package from a prior release.

Steps to Reproduce:
1. Install cephadm
2. Install ssh public keys in ~cephadm/.ssh/authorized_keys
3. Upgrade cephadm

Actual results:
~cephadm home directory is removed

Expected results:
~cephadm/.ssh/authorized_keys should remain unchanged.

Additional info:
I've reported this upstream at https://tracker.ceph.com/issues/55664 (now fixed)

To fix the Fedora rpm spec, two patches are required... (both applied to ceph master and being backported)

# only remove cephadm user on uninstall:
https://github.com/ceph/ceph/pull/46272

# correctly mark ~cephadm/.ssh/authorized_keys as config(noreplace):
https://github.com/ceph/ceph/pull/45347

For ref: there is also a bug for this issue fixed in Red Hat Ceph Storage: https://bugzilla.redhat.com/show_bug.cgi?id=2013085

Comment 1 Fedora Update System 2022-06-23 11:40:15 UTC
FEDORA-2022-8c9a42cf02 has been submitted as an update to Fedora 35. https://bodhi.fedoraproject.org/updates/FEDORA-2022-8c9a42cf02

Comment 2 Scott Shambarger 2022-06-23 20:01:05 UTC
Looks good, worked on second reinstall (of course, during upgrade from previous version, cephadm was still removed as the bug was still present in the old package... but that's to be expected)

Comment 3 Fedora Update System 2022-06-24 02:22:17 UTC
FEDORA-2022-8c9a42cf02 has been pushed to the Fedora 35 testing repository.
Soon you'll be able to install the update with the following command:
`sudo dnf upgrade --enablerepo=updates-testing --advisory=FEDORA-2022-8c9a42cf02`
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2022-8c9a42cf02

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.

Comment 4 Fedora Update System 2022-07-02 01:19:58 UTC
FEDORA-2022-8c9a42cf02 has been pushed to the Fedora 35 stable repository.
If problem still persists, please make note of it in this bug report.


Note You need to log in before you can comment on or make changes to this bug.