2100237 – cephadm user/home removed during RPM upgrade

Bug 2100237 - cephadm user/home removed during RPM upgrade

Summary: cephadm user/home removed during RPM upgrade

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	ceph
Sub Component:
Version:	35
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	---
Assignee:	Kaleb KEITHLEY
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2022-06-22 19:34 UTC by Scott Shambarger
Modified:	2022-07-02 01:19 UTC (History)
CC List:	10 users (show)
Fixed In Version:	ceph-16.2.9-2.fc35
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2022-07-02 01:19:58 UTC
Type:	Bug
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Ceph Project Bug Tracker	55664	0	None	None	None	2022-06-22 19:34:21 UTC

Description Scott Shambarger 2022-06-22 19:34:22 UTC

Description of problem:
Upgrading the cephadm package removes the cephadm user (and home directory), which removes the ~cephadm/.ssh/authorized_keys file, causing the node to appear offline in the orchestrator.

Version-Release number of selected component (if applicable):
cephadm-16.2.7-3.fc35.noarch

How reproducible:
Always when upgrading the cephadm package from a prior release.

Steps to Reproduce:
1. Install cephadm
2. Install ssh public keys in ~cephadm/.ssh/authorized_keys
3. Upgrade cephadm

Actual results:
~cephadm home directory is removed

Expected results:
~cephadm/.ssh/authorized_keys should remain unchanged.

Additional info:
I've reported this upstream at https://tracker.ceph.com/issues/55664 (now fixed)

To fix the Fedora rpm spec, two patches are required... (both applied to ceph master and being backported)

# only remove cephadm user on uninstall:
https://github.com/ceph/ceph/pull/46272

# correctly mark ~cephadm/.ssh/authorized_keys as config(noreplace):
https://github.com/ceph/ceph/pull/45347

For ref: there is also a bug for this issue fixed in Red Hat Ceph Storage: https://bugzilla.redhat.com/show_bug.cgi?id=2013085

Comment 1 Fedora Update System 2022-06-23 11:40:15 UTC

FEDORA-2022-8c9a42cf02 has been submitted as an update to Fedora 35. https://bodhi.fedoraproject.org/updates/FEDORA-2022-8c9a42cf02

Comment 2 Scott Shambarger 2022-06-23 20:01:05 UTC

Looks good, worked on second reinstall (of course, during upgrade from previous version, cephadm was still removed as the bug was still present in the old package... but that's to be expected)

Comment 3 Fedora Update System 2022-06-24 02:22:17 UTC

FEDORA-2022-8c9a42cf02 has been pushed to the Fedora 35 testing repository.
Soon you'll be able to install the update with the following command:
`sudo dnf upgrade --enablerepo=updates-testing --advisory=FEDORA-2022-8c9a42cf02`
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2022-8c9a42cf02

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.

Comment 4 Fedora Update System 2022-07-02 01:19:58 UTC

FEDORA-2022-8c9a42cf02 has been pushed to the Fedora 35 stable repository.
If problem still persists, please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.