Activity log for bug #1755027

Date Who What changed Old value New value Message
2018-03-11 21:21:50 James Troup bug added bug
2018-03-11 21:22:17 James Troup bug added subscriber Canonical IS BootStack
2018-03-11 21:22:24 James Troup bug added subscriber The Canonical Sysadmins
2018-03-11 21:22:32 James Troup bug added subscriber James Page
2018-03-11 21:22:40 James Troup bug added subscriber Ryan Beisner
2018-03-11 21:22:53 James Troup bug added subscriber Dean Henrichsmeyer
2018-03-11 21:54:15 Xav Paice charm-openstack-dashboard: status New Confirmed
2018-03-13 13:40:11 Ryan Beisner charm-openstack-dashboard: milestone 18.05
2018-03-13 13:40:19 Ryan Beisner charm-openstack-dashboard: assignee Corey Bryant (corey.bryant)
2018-03-13 13:40:22 Ryan Beisner charm-openstack-dashboard: importance Undecided Critical
2018-03-13 13:43:45 Ryan Beisner bug added subscriber Corey Bryant
2018-03-13 13:44:00 Ryan Beisner tags uosci
2018-03-13 13:44:26 Ryan Beisner bug added subscriber David Ames
2018-03-13 14:55:20 Corey Bryant summary local_settings.py is world readable and contains passwords [SRU] local_settings.py is world readable and contains passwords
2018-03-13 14:55:37 Corey Bryant bug task added horizon (Ubuntu)
2018-03-13 14:55:56 Corey Bryant nominated for series Ubuntu Xenial
2018-03-13 14:55:56 Corey Bryant bug task added horizon (Ubuntu Xenial)
2018-03-13 14:55:56 Corey Bryant nominated for series Ubuntu Trusty
2018-03-13 14:55:56 Corey Bryant bug task added horizon (Ubuntu Trusty)
2018-03-13 14:56:05 Corey Bryant horizon (Ubuntu): status New Invalid
2018-03-13 14:56:08 Corey Bryant horizon (Ubuntu Trusty): status New Triaged
2018-03-13 14:56:10 Corey Bryant horizon (Ubuntu Trusty): importance Undecided Critical
2018-03-13 14:56:12 Corey Bryant horizon (Ubuntu Xenial): importance Undecided Critical
2018-03-13 14:56:14 Corey Bryant horizon (Ubuntu Xenial): status New Triaged
2018-03-13 14:56:26 Corey Bryant bug task added cloud-archive
2018-03-13 14:56:32 Corey Bryant cloud-archive: status New Invalid
2018-03-13 14:56:43 Corey Bryant nominated for series cloud-archive/ocata
2018-03-13 14:56:43 Corey Bryant bug task added cloud-archive/ocata
2018-03-13 14:56:43 Corey Bryant nominated for series cloud-archive/icehouse
2018-03-13 14:56:43 Corey Bryant bug task added cloud-archive/icehouse
2018-03-13 14:56:43 Corey Bryant nominated for series cloud-archive/newton
2018-03-13 14:56:43 Corey Bryant bug task added cloud-archive/newton
2018-03-13 14:56:43 Corey Bryant nominated for series cloud-archive/kilo
2018-03-13 14:56:43 Corey Bryant bug task added cloud-archive/kilo
2018-03-13 14:56:43 Corey Bryant nominated for series cloud-archive/mitaka
2018-03-13 14:56:43 Corey Bryant bug task added cloud-archive/mitaka
2018-03-13 14:56:58 Corey Bryant bug task deleted cloud-archive/icehouse
2018-03-13 14:57:06 Corey Bryant cloud-archive/kilo: importance Undecided Critical
2018-03-13 14:57:08 Corey Bryant cloud-archive/mitaka: importance Undecided Critical
2018-03-13 14:57:10 Corey Bryant cloud-archive/newton: importance Undecided Critical
2018-03-13 14:57:11 Corey Bryant cloud-archive/ocata: importance Undecided Critical
2018-03-13 15:00:58 Corey Bryant description nobody@juju-a45617-0-lxd-4:/$ grep PASSWORD /etc/openstack-dashboard/local_settings.py 'PASSWORD': 'yNXwml0TXuWjcW19jDzE49IiohSIMY', #EMAIL_HOST_PASSWORD = 'top-secret!' #OPENSTACK_ENABLE_PASSWORD_RETRIEVE = False OPENSTACK_ENABLE_PASSWORD_RETRIEVE = True #ENFORCE_PASSWORD_CHECK = False nobody@juju-a45617-0-lxd-4:/$ Needless to say, I should not be able to see passwords as 'nobody'. This is on a customer site, but I've reproduced at least the world readableness with a fresh deploy of cs:openstack-dashboard locally. [Impact] nobody@juju-a45617-0-lxd-4:/$ grep PASSWORD /etc/openstack-dashboard/local_settings.py         'PASSWORD': 'yNXwml0TXuWjcW19jDzE49IiohSIMY', #EMAIL_HOST_PASSWORD = 'top-secret!' #OPENSTACK_ENABLE_PASSWORD_RETRIEVE = False OPENSTACK_ENABLE_PASSWORD_RETRIEVE = True #ENFORCE_PASSWORD_CHECK = False nobody@juju-a45617-0-lxd-4:/$ Needless to say, I should not be able to see passwords as 'nobody'. This is on a customer site, but I've reproduced at least the world readableness with a fresh deploy of cs:openstack-dashboard locally. This release sports mostly bug-fixes and we would like to make sure all of our supported customers have access to these improvements. The update contains the following package updates: * <TODO: Create list with package names and versions> [Test Case] apt install openstack-dashboard sudo ls -al /etc/openstack-dashboard/ permissions should be: -rw-r----- 1 root horizon 30995 Mar 13 14:12 local_settings.py [Regression Potential] Very minimal regression potential. The fix is already in artful/pike and bionic/queens. [Discussion]
2018-03-13 15:31:56 Corey Bryant cloud-archive/ocata: status New Triaged
2018-03-13 15:31:58 Corey Bryant cloud-archive/newton: status New Triaged
2018-03-13 15:32:00 Corey Bryant cloud-archive/mitaka: status New Triaged
2018-03-13 15:32:10 Corey Bryant cloud-archive/kilo: status New Triaged
2018-03-13 15:34:51 Ryan Beisner cloud-archive: assignee Corey Bryant (corey.bryant)
2018-03-13 15:34:58 Ryan Beisner cloud-archive/kilo: assignee Corey Bryant (corey.bryant)
2018-03-13 15:35:04 Ryan Beisner cloud-archive/mitaka: assignee Corey Bryant (corey.bryant)
2018-03-13 15:35:18 Ryan Beisner cloud-archive/newton: assignee Corey Bryant (corey.bryant)
2018-03-13 15:35:27 Ryan Beisner cloud-archive/ocata: assignee Corey Bryant (corey.bryant)
2018-03-13 15:35:38 Ryan Beisner horizon (Ubuntu Trusty): assignee Corey Bryant (corey.bryant)
2018-03-13 15:35:45 Ryan Beisner horizon (Ubuntu Xenial): assignee Corey Bryant (corey.bryant)
2018-03-13 15:35:52 Ryan Beisner charm-openstack-dashboard: status Confirmed Invalid
2018-03-13 17:03:55 Corey Bryant cloud-archive/ocata: status Triaged Fix Committed
2018-03-13 17:03:56 Corey Bryant tags uosci uosci verification-ocata-needed
2018-03-13 17:04:27 Corey Bryant cloud-archive/newton: status Triaged Fix Committed
2018-03-13 17:04:28 Corey Bryant tags uosci verification-ocata-needed uosci verification-newton-needed verification-ocata-needed
2018-03-13 17:05:51 Corey Bryant cloud-archive/kilo: status Triaged Fix Committed
2018-03-13 17:05:52 Corey Bryant tags uosci verification-newton-needed verification-ocata-needed uosci verification-kilo-needed verification-newton-needed verification-ocata-needed
2018-03-13 17:31:02 Corey Bryant charm-openstack-dashboard: importance Critical Undecided
2018-03-13 17:31:05 Corey Bryant charm-openstack-dashboard: assignee Corey Bryant (corey.bryant)
2018-03-13 17:31:11 Corey Bryant charm-openstack-dashboard: milestone 18.05
2018-03-13 17:31:21 Corey Bryant cloud-archive: assignee Corey Bryant (corey.bryant)
2018-03-14 16:32:54 Corey Bryant charm-openstack-dashboard: status Invalid Triaged
2018-03-14 16:32:57 Corey Bryant charm-openstack-dashboard: importance Undecided Critical
2018-03-14 16:33:01 Corey Bryant charm-openstack-dashboard: assignee Corey Bryant (corey.bryant)
2018-03-14 16:34:16 Corey Bryant charm-openstack-dashboard: assignee Corey Bryant (corey.bryant)
2018-03-14 20:49:21 Corey Bryant bug task added designate-dashboard (Ubuntu)
2018-03-14 20:49:51 Corey Bryant bug task deleted designate-dashboard (Ubuntu Trusty)
2018-03-14 20:50:10 Corey Bryant bug task deleted designate-dashboard (Ubuntu Xenial)
2018-03-14 20:50:17 Corey Bryant nominated for series Ubuntu Artful
2018-03-14 20:50:17 Corey Bryant bug task added horizon (Ubuntu Artful)
2018-03-14 20:50:17 Corey Bryant bug task added designate-dashboard (Ubuntu Artful)
2018-03-14 20:50:32 Corey Bryant designate-dashboard (Ubuntu Artful): importance Undecided Critical
2018-03-14 20:50:32 Corey Bryant designate-dashboard (Ubuntu Artful): status New Triaged
2018-03-14 20:50:55 Corey Bryant designate-dashboard (Ubuntu Artful): assignee Corey Bryant (corey.bryant)
2018-03-14 20:51:07 Corey Bryant designate-dashboard (Ubuntu): status New Invalid
2018-03-14 20:52:03 Corey Bryant bug task added sahara-dashboard (Ubuntu)
2018-03-14 20:52:37 Corey Bryant sahara-dashboard (Ubuntu): importance Undecided Critical
2018-03-14 20:52:37 Corey Bryant sahara-dashboard (Ubuntu): status New Triaged
2018-03-14 20:52:45 Corey Bryant sahara-dashboard (Ubuntu): assignee Corey Bryant (corey.bryant)
2018-03-14 20:53:00 Corey Bryant sahara-dashboard (Ubuntu): importance Critical Undecided
2018-03-14 20:53:00 Corey Bryant sahara-dashboard (Ubuntu): status Triaged Invalid
2018-03-14 20:53:00 Corey Bryant sahara-dashboard (Ubuntu): assignee Corey Bryant (corey.bryant)
2018-03-14 20:53:15 Corey Bryant sahara-dashboard (Ubuntu Artful): importance Undecided Critical
2018-03-14 20:53:15 Corey Bryant sahara-dashboard (Ubuntu Artful): status New Triaged
2018-03-14 20:53:15 Corey Bryant sahara-dashboard (Ubuntu Artful): assignee Corey Bryant (corey.bryant)
2018-03-14 20:53:41 Corey Bryant bug task deleted horizon (Ubuntu Artful)
2018-03-14 20:56:13 Corey Bryant bug task added murano-dashboard (Ubuntu)
2018-03-14 20:57:29 Corey Bryant bug task added neutron-lbaas-dashboard (Ubuntu)
2018-03-14 20:58:33 Corey Bryant bug task added trove-dashboard (Ubuntu)
2018-03-15 12:44:46 Corey Bryant bug added subscriber Michael Skalka
2018-03-15 12:47:33 Corey Bryant description [Impact] nobody@juju-a45617-0-lxd-4:/$ grep PASSWORD /etc/openstack-dashboard/local_settings.py         'PASSWORD': 'yNXwml0TXuWjcW19jDzE49IiohSIMY', #EMAIL_HOST_PASSWORD = 'top-secret!' #OPENSTACK_ENABLE_PASSWORD_RETRIEVE = False OPENSTACK_ENABLE_PASSWORD_RETRIEVE = True #ENFORCE_PASSWORD_CHECK = False nobody@juju-a45617-0-lxd-4:/$ Needless to say, I should not be able to see passwords as 'nobody'. This is on a customer site, but I've reproduced at least the world readableness with a fresh deploy of cs:openstack-dashboard locally. This release sports mostly bug-fixes and we would like to make sure all of our supported customers have access to these improvements. The update contains the following package updates: * <TODO: Create list with package names and versions> [Test Case] apt install openstack-dashboard sudo ls -al /etc/openstack-dashboard/ permissions should be: -rw-r----- 1 root horizon 30995 Mar 13 14:12 local_settings.py [Regression Potential] Very minimal regression potential. The fix is already in artful/pike and bionic/queens. [Discussion] [Impact] nobody@juju-a45617-0-lxd-4:/$ grep PASSWORD /etc/openstack-dashboard/local_settings.py         'PASSWORD': 'yNXwml0TXuWjcW19jDzE49IiohSIMY', #EMAIL_HOST_PASSWORD = 'top-secret!' #OPENSTACK_ENABLE_PASSWORD_RETRIEVE = False OPENSTACK_ENABLE_PASSWORD_RETRIEVE = True #ENFORCE_PASSWORD_CHECK = False nobody@juju-a45617-0-lxd-4:/$ Needless to say, I should not be able to see passwords as 'nobody'. This is on a customer site, but I've reproduced at least the world readableness with a fresh deploy of cs:openstack-dashboard locally. This release sports mostly bug-fixes and we would like to make sure all of our supported customers have access to these improvements. The update contains the following package updates:    * <TODO: Create list with package names and versions> [Test Case] apt install openstack-dashboard sudo ls -al /etc/openstack-dashboard/ permissions should be: -rw-r----- 1 root horizon 30995 Mar 13 14:12 local_settings.py [Regression Potential] Very minimal regression potential. The fix is already in artful/pike and bionic/queens. [Discussion] The following comment is copied from comment #30 below but important to call out for SRU review: coreycb: I've uploaded designate-dashboard, murano-dashboard, trove-dashboard, and sahara-dashboard to the Artful Unapproved queue where they are awaiting review by the SRU team. Note that these changes are only updating these dashboard to use the proper user:group when performing chown on /var/lib/openstack-dashboard. This may look tengential when just looking at the Artful packages but it aligns with the changes being made for the Ocata cloud-archive (and already made in Bionic) that run openstack-dashboard under horizon:horizon instead of under www-data:www-data.
2018-03-15 16:28:03 Corey Bryant cloud-archive/ocata: status Fix Committed Fix Released
2018-03-15 17:21:00 Corey Bryant bug added subscriber Bryan Murray
2018-03-15 17:27:18 Corey Bryant tags uosci verification-kilo-needed verification-newton-needed verification-ocata-needed uosci verification-kilo-needed verification-newton-done verification-ocata-done
2018-03-15 17:28:06 Corey Bryant cloud-archive/newton: status Fix Committed Fix Released
2018-03-15 20:34:23 Corey Bryant description [Impact] nobody@juju-a45617-0-lxd-4:/$ grep PASSWORD /etc/openstack-dashboard/local_settings.py         'PASSWORD': 'yNXwml0TXuWjcW19jDzE49IiohSIMY', #EMAIL_HOST_PASSWORD = 'top-secret!' #OPENSTACK_ENABLE_PASSWORD_RETRIEVE = False OPENSTACK_ENABLE_PASSWORD_RETRIEVE = True #ENFORCE_PASSWORD_CHECK = False nobody@juju-a45617-0-lxd-4:/$ Needless to say, I should not be able to see passwords as 'nobody'. This is on a customer site, but I've reproduced at least the world readableness with a fresh deploy of cs:openstack-dashboard locally. This release sports mostly bug-fixes and we would like to make sure all of our supported customers have access to these improvements. The update contains the following package updates:    * <TODO: Create list with package names and versions> [Test Case] apt install openstack-dashboard sudo ls -al /etc/openstack-dashboard/ permissions should be: -rw-r----- 1 root horizon 30995 Mar 13 14:12 local_settings.py [Regression Potential] Very minimal regression potential. The fix is already in artful/pike and bionic/queens. [Discussion] The following comment is copied from comment #30 below but important to call out for SRU review: coreycb: I've uploaded designate-dashboard, murano-dashboard, trove-dashboard, and sahara-dashboard to the Artful Unapproved queue where they are awaiting review by the SRU team. Note that these changes are only updating these dashboard to use the proper user:group when performing chown on /var/lib/openstack-dashboard. This may look tengential when just looking at the Artful packages but it aligns with the changes being made for the Ocata cloud-archive (and already made in Bionic) that run openstack-dashboard under horizon:horizon instead of under www-data:www-data. [Impact] nobody@juju-a45617-0-lxd-4:/$ grep PASSWORD /etc/openstack-dashboard/local_settings.py         'PASSWORD': 'yNXwml0TXuWjcW19jDzE49IiohSIMY', #EMAIL_HOST_PASSWORD = 'top-secret!' #OPENSTACK_ENABLE_PASSWORD_RETRIEVE = False OPENSTACK_ENABLE_PASSWORD_RETRIEVE = True #ENFORCE_PASSWORD_CHECK = False nobody@juju-a45617-0-lxd-4:/$ Needless to say, I should not be able to see passwords as 'nobody'. This is on a customer site, but I've reproduced at least the world readableness with a fresh deploy of cs:openstack-dashboard locally. This release sports mostly bug-fixes and we would like to make sure all of our supported customers have access to these improvements. The update contains the following package updates:    * <TODO: Create list with package names and versions> [Test Case] apt install openstack-dashboard sudo ls -al /etc/openstack-dashboard/ permissions should be: -rw-r----- 1 root horizon 30995 Mar 13 14:12 local_settings.py sudo ls -al /var/lib/openstack-dashboard/ # should be recursively owned by horizon:horizon before and after installing any dashboard plugins [Regression Potential] Very minimal regression potential. The fix is already in artful/pike and bionic/queens. [Discussion] The following comment is copied from comment #30 below but important to call out for SRU review: coreycb: I've uploaded designate-dashboard, murano-dashboard, trove-dashboard, and sahara-dashboard to the Artful Unapproved queue where they are awaiting review by the SRU team. Note that these changes are only updating these dashboard to use the proper user:group when performing chown on /var/lib/openstack-dashboard. This may look tengential when just looking at the Artful packages but it aligns with the changes being made for the Ocata cloud-archive (and already made in Bionic) that run openstack-dashboard under horizon:horizon instead of under www-data:www-data.
2018-03-15 20:47:01 Corey Bryant information type Private Security Public Security
2018-03-15 20:49:47 Corey Bryant bug task deleted trove-dashboard (Ubuntu)
2018-03-15 20:50:00 Corey Bryant bug task added trove-dashboard (Ubuntu)
2018-03-15 21:05:33 Corey Bryant bug added subscriber Ubuntu Stable Release Updates Team
2018-03-15 21:07:47 Brian Murray trove-dashboard (Ubuntu Artful): status New Fix Committed
2018-03-15 21:07:50 Brian Murray bug added subscriber SRU Verification
2018-03-15 21:07:56 Brian Murray tags uosci verification-kilo-needed verification-newton-done verification-ocata-done uosci verification-kilo-needed verification-needed verification-needed-artful verification-newton-done verification-ocata-done
2018-03-15 21:11:04 Brian Murray designate-dashboard (Ubuntu Artful): status Triaged Fix Committed
2018-03-15 21:12:38 Brian Murray murano-dashboard (Ubuntu Artful): status New Fix Committed
2018-03-15 21:15:51 Corey Bryant cloud-archive/kilo: status Fix Committed Fix Released
2018-03-15 21:29:01 Brian Murray trove-dashboard (Ubuntu Xenial): status New Fix Committed
2018-03-15 21:33:13 Brian Murray murano-dashboard (Ubuntu Xenial): status New Fix Committed
2018-03-15 21:36:39 Brian Murray sahara-dashboard (Ubuntu Xenial): status New Fix Committed
2018-03-15 21:40:37 Brian Murray horizon (Ubuntu Xenial): status Triaged Fix Committed
2018-03-15 21:52:59 Brian Murray horizon (Ubuntu Trusty): status Triaged Fix Committed
2018-03-15 22:30:12 Brian Murray sahara-dashboard (Ubuntu Artful): status Triaged Fix Committed
2018-03-16 12:28:08 Corey Bryant trove-dashboard (Ubuntu): status New Invalid
2018-03-16 12:28:26 Corey Bryant neutron-lbaas-dashboard (Ubuntu): status New Invalid
2018-03-16 12:28:39 Corey Bryant murano-dashboard (Ubuntu): status New Invalid
2018-03-16 12:28:57 Corey Bryant trove-dashboard (Ubuntu Xenial): importance Undecided Critical
2018-03-16 12:29:16 Corey Bryant trove-dashboard (Ubuntu Artful): importance Undecided Critical
2018-03-16 12:29:25 Corey Bryant murano-dashboard (Ubuntu Xenial): importance Undecided Critical
2018-03-16 12:29:36 Corey Bryant murano-dashboard (Ubuntu Artful): importance Undecided Critical
2018-03-16 12:29:46 Corey Bryant sahara-dashboard (Ubuntu Xenial): importance Undecided Critical
2018-03-16 12:32:49 Corey Bryant charm-openstack-dashboard: status Triaged Fix Released
2018-03-16 13:09:10 Corey Bryant tags uosci verification-kilo-needed verification-needed verification-needed-artful verification-newton-done verification-ocata-done uosci verification-done-artful verification-kilo-done verification-needed verification-newton-done verification-ocata-done
2018-03-16 13:31:26 Corey Bryant cloud-archive/mitaka: status Triaged Fix Committed
2018-03-16 13:31:28 Corey Bryant tags uosci verification-done-artful verification-kilo-done verification-needed verification-newton-done verification-ocata-done uosci verification-done-artful verification-kilo-done verification-mitaka-needed verification-needed verification-newton-done verification-ocata-done
2018-03-16 13:47:27 Corey Bryant tags uosci verification-done-artful verification-kilo-done verification-mitaka-needed verification-needed verification-newton-done verification-ocata-done uosci verification-done verification-done-artful verification-kilo-done verification-newton-done verification-ocata-done
2018-03-16 13:48:50 Corey Bryant nominated for series cloud-archive/pike
2018-03-16 13:48:50 Corey Bryant bug task added cloud-archive/pike
2018-03-16 13:49:22 Corey Bryant cloud-archive/pike: status New Fix Committed
2018-03-16 13:49:34 Corey Bryant cloud-archive/pike: importance Undecided Critical
2018-03-16 14:03:29 Corey Bryant cloud-archive/pike: status Fix Committed Fix Released
2018-03-16 14:22:24 Corey Bryant tags uosci verification-done verification-done-artful verification-kilo-done verification-newton-done verification-ocata-done uosci verification-done verification-done-artful verification-done-trusty verification-done-xenial verification-kilo-done verification-newton-done verification-ocata-done
2018-03-16 15:13:54 Corey Bryant cloud-archive/mitaka: status Fix Committed Fix Released
2018-03-20 15:29:33 Launchpad Janitor murano-dashboard (Ubuntu Artful): status Fix Committed Fix Released
2018-03-20 15:30:43 Launchpad Janitor trove-dashboard (Ubuntu Artful): status Fix Committed Fix Released
2018-03-20 15:33:01 Launchpad Janitor designate-dashboard (Ubuntu Artful): status Fix Committed Fix Released
2018-03-20 15:33:17 Launchpad Janitor sahara-dashboard (Ubuntu Artful): status Fix Committed Fix Released
2018-03-22 09:32:54 Launchpad Janitor murano-dashboard (Ubuntu Xenial): status Fix Committed Fix Released
2018-03-22 09:32:58 Launchpad Janitor trove-dashboard (Ubuntu Xenial): status Fix Committed Fix Released
2018-03-22 09:33:01 Launchpad Janitor sahara-dashboard (Ubuntu Xenial): status Fix Committed Fix Released
2018-03-22 09:33:05 Launchpad Janitor horizon (Ubuntu Xenial): status Fix Committed Fix Released
2018-03-22 09:41:47 Launchpad Janitor horizon (Ubuntu Trusty): status Fix Committed Fix Released