[ https://issues.apache.org/jira/browse/CLOUDSTACK-6869?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Harikrishna Patnala reassigned CLOUDSTACK-6869: ----------------------------------------------- Assignee: Harikrishna Patnala > Public key content is overridden by template's meta data when you create a > instance > ----------------------------------------------------------------------------------- > > Key: CLOUDSTACK-6869 > URL: https://issues.apache.org/jira/browse/CLOUDSTACK-6869 > Project: CloudStack > Issue Type: Bug > Security Level: Public(Anyone can view this level - this is the > default.) > Components: API, Management Server, Template > Affects Versions: Future, 4.3.0, 4.4.0, 4.5.0 > Reporter: Hiroki Ohashi > Assignee: Harikrishna Patnala > Priority: Critical > Fix For: 4.4.0, 4.5.0 > > > A public key content is overridden by detail value of 'SSH.PublicKey' from a > template created by an instance ROOT volume with public key specification. > This results in delivery of the template owner's ssh key for a instance > created from the template to virtual router inspite of specification of > instance owner's ssh key. > It is caused by import of resource detail values at commitUserVm method like > below. > {code} > Map<String, String> details = template.getDetails(); > if (details != null && !details.isEmpty()) { > vm.details.putAll(details); > } > {code} > Reproduction procedure: > # Deploy an instance with a ssh key A by specifying 'keypair' value. > # Create a template from this instance. > # Deploy an instance with another ssh key B by specifying 'keypair' value. > Database example: > {noformat} > mysql> select * from cloud.template_view where id=207 \G; > *************************** 1. row *************************** > id: 207 > uuid: c96f0d9a-0a56-4d30-af73-fe8b31ae37c3 > unique_name: 2219faa5a-4e7b-3425-b6e6-135ab210422b > name: cluster_frontend-20140520.2 > public: 1 > featured: 0 > type: USER > hvm: 1 > bits: 64 > url: NULL > format: QCOW2 > created: 2014-05-20 09:33:47 > checksum: NULL > display_text: Cluster Frontend VM CentOS 6.5 ver.20140520.2 > enable_password: 1 > dynamically_scalable: 0 > template_state: Active > guest_os_id: 182 > guest_os_uuid: 9d3c42d8-caab-11e3-9125-001e679910a0 > guest_os_name: CentOS 6.4 (64-bit) > bootable: 1 > prepopulate: 0 > cross_zones: 0 > hypervisor_type: KVM > extractable: 0 > template_tag: NULL > sort_key: 0 > removed: NULL > enable_sshkey: 0 > source_template_id: 205 > source_template_uuid: c131680c-3e0e-4d7c-b554-02dabc10ade1 > account_id: 3 > account_uuid: f9e4e1ca-69fd-4ae3-b70c-15bbcc13406e > account_name: sgcadm > account_type: 0 > domain_id: 2 > domain_uuid: 84dd635d-fb99-4895-b199-7d777aa144d5 > domain_name: default > domain_path: /default/ > project_id: NULL > project_uuid: NULL > project_name: NULL > data_center_id: NULL > data_center_uuid: NULL > data_center_name: NULL > lp_account_id: NULL > store_id: 3 > store_scope: REGION > state: Ready > download_state: DOWNLOADED > download_pct: 100 > error_str: NULL > size: 18465816576 > destroyed: 0 > created_on_store: 2014-05-20 09:33:47 > detail_name: Message.ReservedCapacityFreed.Flag > detail_value: false > tag_id: NULL > tag_uuid: NULL > tag_key: NULL > tag_value: NULL > tag_domain_id: NULL > tag_account_id: NULL > tag_resource_id: NULL > tag_resource_uuid: NULL > tag_resource_type: NULL > tag_customer: NULL > temp_zone_pair: 207_0 > *************************** 2. row *************************** > id: 207 > uuid: c96f0d9a-0a56-4d30-af73-fe8b31ae37c3 > unique_name: 2219faa5a-4e7b-3425-b6e6-135ab210422b > name: cluster_frontend-20140520.2 > public: 1 > featured: 0 > type: USER > hvm: 1 > bits: 64 > url: NULL > format: QCOW2 > created: 2014-05-20 09:33:47 > checksum: NULL > display_text: Cluster Frontend VM CentOS 6.5 ver.20140520.2 > enable_password: 1 > dynamically_scalable: 0 > template_state: Active > guest_os_id: 182 > guest_os_uuid: 9d3c42d8-caab-11e3-9125-001e679910a0 > guest_os_name: CentOS 6.4 (64-bit) > bootable: 1 > prepopulate: 0 > cross_zones: 0 > hypervisor_type: KVM > extractable: 0 > template_tag: NULL > sort_key: 0 > removed: NULL > enable_sshkey: 0 > source_template_id: 205 > source_template_uuid: c131680c-3e0e-4d7c-b554-02dabc10ade1 > account_id: 3 > account_uuid: f9e4e1ca-69fd-4ae3-b70c-15bbcc13406e > account_name: sgcadm > account_type: 0 > domain_id: 2 > domain_uuid: 84dd635d-fb99-4895-b199-7d777aa144d5 > domain_name: default > domain_path: /default/ > project_id: NULL > project_uuid: NULL > project_name: NULL > data_center_id: NULL > data_center_uuid: NULL > data_center_name: NULL > lp_account_id: NULL > store_id: 3 > store_scope: REGION > state: Ready > download_state: DOWNLOADED > download_pct: 100 > error_str: NULL > size: 18465816576 > destroyed: 0 > created_on_store: 2014-05-20 09:33:47 > detail_name: SSH.PublicKey > detail_value: ssh-rsa ...(snip) > tag_id: NULL > tag_uuid: NULL > tag_key: NULL > tag_value: NULL > tag_domain_id: NULL > tag_account_id: NULL > tag_resource_id: NULL > tag_resource_uuid: NULL > tag_resource_type: NULL > tag_customer: NULL > temp_zone_pair: 207_0 > *************************** 3. row *************************** > id: 207 > uuid: c96f0d9a-0a56-4d30-af73-fe8b31ae37c3 > unique_name: 2219faa5a-4e7b-3425-b6e6-135ab210422b > name: cluster_frontend-20140520.2 > public: 1 > featured: 0 > type: USER > hvm: 1 > bits: 64 > url: NULL > format: QCOW2 > created: 2014-05-20 09:33:47 > checksum: NULL > display_text: Cluster Frontend VM CentOS 6.5 ver.20140520.2 > enable_password: 1 > dynamically_scalable: 0 > template_state: Active > guest_os_id: 182 > guest_os_uuid: 9d3c42d8-caab-11e3-9125-001e679910a0 > guest_os_name: CentOS 6.4 (64-bit) > bootable: 1 > prepopulate: 0 > cross_zones: 0 > hypervisor_type: KVM > extractable: 0 > template_tag: NULL > sort_key: 0 > removed: NULL > enable_sshkey: 0 > source_template_id: 205 > source_template_uuid: c131680c-3e0e-4d7c-b554-02dabc10ade1 > account_id: 3 > account_uuid: f9e4e1ca-69fd-4ae3-b70c-15bbcc13406e > account_name: sgcadm > account_type: 0 > domain_id: 2 > domain_uuid: 84dd635d-fb99-4895-b199-7d777aa144d5 > domain_name: default > domain_path: /default/ > project_id: NULL > project_uuid: NULL > project_name: NULL > data_center_id: NULL > data_center_uuid: NULL > data_center_name: NULL > lp_account_id: NULL > store_id: 3 > store_scope: REGION > state: Ready > download_state: DOWNLOADED > download_pct: 100 > error_str: NULL > size: 18465816576 > destroyed: 0 > created_on_store: 2014-05-20 09:33:47 > detail_name: Encrypted.Password > detail_value: ...(snip) > tag_id: NULL > tag_uuid: NULL > tag_key: NULL > tag_value: NULL > tag_domain_id: NULL > tag_account_id: NULL > tag_resource_id: NULL > tag_resource_uuid: NULL > tag_resource_type: NULL > tag_customer: NULL > temp_zone_pair: 207_0 > 3 rows in set (0.00 sec) > ERROR: > No query specified > mysql> > {noformat} -- This message was sent by Atlassian JIRA (v6.2#6252)