Bug 836650 - ssh-copy-id returns 0 even if the actual operation fails.
ssh-copy-id returns 0 even if the actual operation fails.
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: openssh (Show other bugs)
6.4
Unspecified Unspecified
low Severity low
: rc
: ---
Assigned To: Petr Lautrbach
Jiri Jaburek
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2012-06-29 15:23 EDT by Gurhan Ozen
Modified: 2013-02-21 05:28 EST (History)
5 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2013-02-21 05:28:02 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Gurhan Ozen 2012-06-29 15:23:21 EDT
Description of problem:
ssh-copy-id seems to return zero even if there is an error in copying the key to the remote host. 

Below is a session in which key is tried to be copied over to a remote host that doesn't have any free space available:
# ssh-copy-id -i  ~/.ssh/kdump_id_rsa.pub root@dhcp46-175.lab.bos.redhat.com
root@dhcp46-175.lab.bos.redhat.com's password:
cat: write error: No space left on device
Now try logging into the machine, with "ssh
'root@dhcp46-175.lab.bos.redhat.com'", and check in:

  .ssh/authorized_keys

to make sure we haven't added extra keys that you weren't expecting.

# echo $?
0

In the middle you can see that "cat: write error: No space left on device error" message 

Same issue doesn't happen on rhel5 either:

# ssh-copy-id -i  ~/.ssh/kdump_id_rsa.pub root@dhcp46-175.lab.bos.redhat.com
27
The authenticity of host 'dhcp46-175.lab.bos.redhat.com (10.16.46.175)' can't be
established.
RSA key fingerprint is c1:1d:02:95:cd:42:1f:a4:8d:da:ee:c5:98:72:a5:d4.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'dhcp46-175.lab.bos.redhat.com,10.16.46.175' (RSA) to
the list of known hosts.
root@dhcp46-175.lab.bos.redhat.com's password:
cat: write error: No space left on device
# echo $?
1


Version-Release number of selected component (if applicable):
openssh-clients-5.3p1-20.el6.x86_64

How reproducible:
Everytime

Steps to Reproduce:
1. Try to copy a key over to a machine that has no space available.
2. 
3.
  
Actual results:
returns zero 

Expected results:
Should not return zero

Additional info:
Comment 2 Petr Lautrbach 2012-07-09 11:53:55 EDT
There is the openssh-5.3p1-selabel.patch which changed behavior of ssh-copy-id to call also restorecon. This needs to be changed:

--- /usr/bin/ssh-copy-id.orig   2012-07-09 17:39:31.861061082 +0200
+++ /usr/bin/ssh-copy-id        2012-07-09 17:51:25.129074800 +0200
@@ -38,7 +38,7 @@
   exit 1
 fi
 
-{ eval "$GET_ID" ; } | ssh $1 "umask 077; test -d .ssh || mkdir .ssh ; cat >> .ssh/authorized_keys; test -x /sbin/restorecon && /sbin/restorecon .ssh .ssh/authorized_keys" || exit 1
+{ eval "$GET_ID" ; } | ssh $1 "umask 077; test -d ~/.ssh || mkdir ~/.ssh ; cat >> ~/.ssh/authorized_keys && (test -x /sbin/restorecon && /sbin/restorecon ~/.ssh ~/.ssh/authorized_keys >/dev/null 2>&1 || true)" || exit 1
 
 cat <<EOF
 Now try logging into the machine, with "ssh '$1'", and check in:
Comment 6 errata-xmlrpc 2013-02-21 05:28:02 EST
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHSA-2013-0519.html

Note You need to log in before you can comment on or make changes to this bug.