Skip to content
This repository has been archived by the owner on Nov 8, 2021. It is now read-only.

Users gets deleted when cron job runs import_users.sh #69

Closed
aswinkm-tc opened this issue Jun 14, 2017 · 8 comments
Closed

Users gets deleted when cron job runs import_users.sh #69

aswinkm-tc opened this issue Jun 14, 2017 · 8 comments
Labels
ubuntu

Comments

@aswinkm-tc
Copy link

aswinkm-tc commented Jun 14, 2017
edited
Loading

I installed aws-ec2-ssh on an ubuntu 16.04 server running on aws. The import_users.sh script imports the users from aws iam and setup the user environment. But after 10 minutes when the cron job runs the script again, it removes all the users imported. I have also noticed that, it doesn't remove local users created by me, as it should be.
I think the problem exist in the following code:
iam_users=$(get_clean_iam_users | sort | uniq)
sudo_users=$(get_clean_sudoers_users | sort | uniq)
local_users=$(get_local_users | sort | uniq)
intersection=$(echo ${local_users} ${iam_users} | tr " " "\n" | sort | uniq -D | uniq)
removed_users=$(echo ${local_users} ${intersection} | tr " " "\n" | sort | uniq -u)
@mvanbaak
Copy link
Contributor

hum, strange. I have been using this code in production for a couple of months now and never saw what you describe here.

Can you check your server's logfiles for lines Deleted user <username> ?
It should have a line like that for every user

@aswinkm-tc
Copy link
Author

I think its my bad, I did the configuration manually without running install.sh script and it works. I will close this issue.

@michaelwittig michaelwittig mentioned this issue Jul 6, 2017
Closed
@rbolkey
Copy link

rbolkey commented Aug 2, 2017
edited
Loading

This happened for me as well on Ubuntu 16.04 LTS; I think it's environmental.

The environment that cron runs in is:
HOME=/root
LOGNAME=root
PATH=/usr/bin:/bin
LANG=en_US.UTF-8
SHELL=/bin/sh
PWD=/root

But the aws command isn't on that path

$ which aws
/usr/local/bin/aws

@michaelwittig michaelwittig reopened this Aug 2, 2017
@michaelwittig
Copy link
Contributor

I think the problem is that this solution is not intended to work with Ubuntu. The demo uses Amazon Linux https://github.com/widdix/aws-ec2-ssh#demo-with-cloudformation and also our tests (https://github.com/widdix/aws-ec2-ssh/tree/master/test) use Amazon Linux only.

Is anyone interested in fixing all the Ubuntu issues? I'm not using Ubuntu at all. I'm an Amazon Linux user.

@mvanbaak
Copy link
Contributor

mvanbaak commented Aug 2, 2017

I'm also not using Ubuntu, only Amazon Linux.

So to confirm for me:

  • When you run the script manually, it works
  • When cron runs the script, it doesn't work and deletes the users.
    Correct?

The thing about the PATH is a good one. On amazon linux the aws binary is in /usr/bin/aws so this could be the issue yes.

If it's not in the current PATH, we cannot use which or whereis to find the location.
This means we will have to create a list of possible locations of the binary, and check which one is executable and set that to a variable at the very top of the scripts :(

@michaelwittig
Copy link
Contributor

I believe, if we change /etc/cron.d/import_users to:

SHELL=/bin/bash
PATH=/usr/bin:/bin:/usr/local/bin
*/10 * * * * root /opt/import_users.sh

it should work.

@mvanbaak
Copy link
Contributor

mvanbaak commented Aug 2, 2017

Clearly you had your wake-up coffee, where I didn't.
Yes, that would work.

@michaelwittig
Copy link
Contributor

☕️

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
ubuntu
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@rbolkey @michaelwittig @mvanbaak @aswinkm-tc