Odd_Blokebswinnerton: I'm not 100% sure where that /run/network/interfaces.d file would be coming from; does it appear in /var/log/cloud-init.log at all?12:51
lucasmouraHey everyone, were exactly we should print the authorized keys fingerprints ? https://github.com/canonical/cloud-init/blob/master/cloudinit/config/cc_ssh_authkey_fingerprints.py#L6814:31
lucasmouraI have create a dummy userdata with an ssh_authorized_keys but I could not find the output of this function in either cloud-init-output.logs or syslog14:32
lucasmouraPS: This is the PR I am trying to manually validate: https://github.com/canonical/cloud-init/pull/188/14:35
bswinnertonOdd_Bloke: it doesn't, no. I suspect that it must be coming from the Debian cloud image14:45
smoserbswinnerton: you're not really going to be able to use user-data to get rid of or have any effect on network config. as user-data is applied after network is up.15:04
smoseri suspect you have something else running in that image that thinks it shoudl write /run/ files.15:05
smosercommit a6faf3acef02bd8cd4d46ac9efeebf24b3f21d81 changed filename from /etc/network/interfaces.d/50-cloud-init.cfg to /etc/network/interfaces.d/50-cloud-init . so that is where one fix came from15:06
smoserpastebin /var/log/cloud-init.log , or a tarball created with 'cloud-init collect-logs'. and i'd do so after a `clean --logs`. so that we only have one boot around. or...best case scenario on first boot of a otherwise clean image.15:08
blackboxswlucasmoura: your authorized key fingerprints should be emitted to /var/log/cloud-init-output.log ... yet look what I found :) https://github.com/canonical/cloud-init/blob/master/tests/cloud_tests/testcases/modules/TODO.md#ssh-authkey-fingerprints16:13
blackboxswlucasmoura: I'm trying to dig through to find out how we can reproduce this issue.16:14
blackboxswlucasmoura: ok I found it. util.multi_log actually logs to the console if a logger is not provided. so you can see this output in lxc by attaching to the console via: lxc console <your_container_name>    during first boot16:45
lucasmourablackboxsw, Okay, I will try doing that. Thanks for the help :)17:02
blackboxswlucasmoura: you could lxc launch ubuntu-daily:xenial sru-xenial -c user.user.data="$(cat seed_keys.yaml)" https://paste.ubuntu.com/p/5ddmcqkrVC/17:03
blackboxswlxc console sru-xenial (in another term)17:04
blackboxswupgrade cloud-init to proposed, cloud-init clean --logs --reboot17:04
blackboxswand watch for the Fingerprint (md5/sha256) table17:04
blackboxswI confirm I can see ci-info: | Keytype |                Fingerprint (md5)                | Options |    Comment    |   on xenial17:05
lucasmouraGreat, I work on it17:12
lucasmouraThanks blackboxsw :)17:12
blackboxswlucasmoura: I've pushed that SRU consolidation script stuff up here https://github.com/cloud-init/ubuntu-sru/pull/113 if you have any thoughts or concerns there, just let me know19:12
lucasmourablackboxsw, ack. I am just finishing the ssh PR and I will review it19:13
blackboxswgood deal thanks19:13
taliptakohey how can i edit the sshd_config with cloud-init19:14
taliptakoi need to add AuthorizedPrincipalsFile to sshd_config19:14
blackboxswtaliptako: I see cloud-init updates sshd_config for values using our own helper function in https://github.com/canonical/cloud-init/blob/master/cloudinit/config/cc_set_passwords.py#L123 as part of setting password. I don't see that we do that elsewhere.  So I'd say maybe with a runcmd cloud-config19:21
blackboxswtaliptako: maybe like this https://pastebin.ubuntu.com/p/Hh9Dq7g2yv/19:24
blackboxswand then probably need a "- restart ssh" line too19:25
taliptakoblackboxsw, thank you i will try19:39
taliptakointerestingly AuthorizedPrincipalsFile doesnt work with Ubuntu 2019:40
lucasmourablackboxsw, just reviewed the azure refactor PR. I just have a doubt regarding the for loop that was dropped, but besides that, LGTM20:04
lucasmourablackboxsw, I have looked at some PRs that I am not sure that we should cover with manual tests: https://paste.ubuntu.com/p/FXX6RSSD84/22:05
lucasmouraWhen you have some time to take a look and if you don't agree, just let me know22:06
blackboxswlucasmoura: I had the same thought on the first one and I had already removed it from the card an hour ago22:09
blackboxswsecond one is related to the CVE, so it would generally be important to verify, but none of our callsites provide pwlen, so our unittests cover that22:10
blackboxswstrike that, out unittests don't cover the pwlen, but the change is so trivial that we probably don't need to validate it w/ an integration test22:11
blackboxswagreed lucasmoura, can drop those cases as they don't need validation22:13
lucasmourablackboxsw, okay, Shoul I just mark them on the list as done or remove from the card ?22:13
blackboxswlucasmoura: how about delete them22:14
blackboxswfrom the checklist22:14
lucasmourablackboxsw, No problem22:14
blackboxswlucasmoura: if you get a chance tomorrow plz check for errors in the attached/big logs https://github.com/cloud-init/ubuntu-sru/pull/114 :)22:16
lucasmourablackboxsw, ack22:17
blackboxswhttps://github.com/cloud-init/ubuntu-sru/pull/116 merged thanks lucasmoura22:20

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!