[Bug 1161264] New: ignition, /root and installing ssh key
http://bugzilla.suse.com/show_bug.cgi?id=1161264 Bug ID: 1161264 Summary: ignition, /root and installing ssh key Classification: openSUSE Product: openSUSE Tumbleweed Version: Current Hardware: Other OS: Other Status: NEW Severity: Major Priority: P5 - None Component: Other Assignee: iforster@suse.com Reporter: kukuk@suse.com QA Contact: qa-bugs@suse.de CC: fvogt@suse.com Found By: --- Blocker: --- We have a chicken/egg problem with ignition and installing a root ssh key on a transactional-update system: /root is not mounted in initrd, you need to add an entry in the ignition config to mount /root. To do that, you need to know the device name. Which leads to two problems: 1. I don't know the device name upfront, I need to login first. But's that's not possible without working ignition config. 2. The device name varies on different machines. So you need an extra config/usb disk for every different machine. -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=1161264 http://bugzilla.suse.com/show_bug.cgi?id=1161264#c1 Ignaz Forster <iforster@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution|--- |FIXED --- Comment #1 from Ignaz Forster <iforster@suse.com> --- If the exact device name is not known it may be possible to mount the device by label. However setting an SSH key for root may really be a common use case, so mounting it by default seems to be a good idea. Fixed in https://build.opensuse.org/request/show/766129 / https://github.com/openSUSE/read-only-root-fs/commit/af75f6c505fcc01ab8a46ee... by adding the "x-initrd.mount" option to /etc/fstab for /root. -- You are receiving this mail because: You are on the CC list for the bug.
https://bugzilla.suse.com/show_bug.cgi?id=1161264 https://bugzilla.suse.com/show_bug.cgi?id=1161264#c6 --- Comment #6 from Swamp Workflow Management <swamp@suse.de> --- SUSE-RU-2022:1821-1: An update that has three recommended fixes can now be installed. Category: recommended (low) Bug References: 1156421,1161264,1176052 CVE References: JIRA References: Sources used: openSUSE Leap 15.4 (src): read-only-root-fs-1.0+git20190206.586e9f1-150100.3.3.1 openSUSE Leap 15.3 (src): read-only-root-fs-1.0+git20190206.586e9f1-150100.3.3.1 SUSE Linux Enterprise Module for Transactional Server 15-SP4 (src): read-only-root-fs-1.0+git20190206.586e9f1-150100.3.3.1 SUSE Linux Enterprise Module for Transactional Server 15-SP3 (src): read-only-root-fs-1.0+git20190206.586e9f1-150100.3.3.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination. -- You are receiving this mail because: You are on the CC list for the bug.
participants (2)
-
bugzilla_noreply@novell.com -
bugzilla_noreply@suse.com