** Also affects: cloud-init (Ubuntu) Importance: Undecided Status: New
-- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to cloud-init. https://bugs.launchpad.net/bugs/1644064 Title: sshd_config file permission changed to 644 if ssh_pwauth value is true or false Status in cloud-init: New Status in cloud-init package in Ubuntu: New Bug description: In my deploy image, the default permission of sshd_config file is 600. It always be changed to 644 after cloud-init run. After debug, it is caused by cloud-config item: ssh_pwauth: true The related code is: lines = [str(l) for l in new_lines] util.write_file(ssh_util.DEF_SSHD_CFG, "\n".join(lines)) of file cc_set_passwords.py. write_file function use default mask 644 to write sshd_config. So my file permission changed. It shall be enhanced to read old sshd_config permission and write new sshd_config with old permission to avoid security issue. To manage notifications about this bug go to: https://bugs.launchpad.net/cloud-init/+bug/1644064/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp