Fixed
Status Update
No update yet.
Comments
sl...@google.com
sl...@google.com
sl...@google.com
no...@gmail.com
fyi,
$ uname -a
Linux instance-1 3.10.0-862.9.1.el7.x86_64 #1 SMP Mon Jul 16 16:29:36 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
$ systemctl list-unit-files \
> | grep google | grep enabled
google-accounts-daemon.service enabled
google-clock-skew-daemon.service enabled
google-instance-setup.service enabled
google-network-daemon.service enabled
$ yum list installed | grep google-compute
google-compute-engine.noarch 2.8.6-1.el7 @google-cloud-compute
google-compute-engine-oslogin.x86_64
python-google-compute-engine.noarch
$ uname -a
Linux instance-1 3.10.0-862.9.1.el7.x86_64 #1 SMP Mon Jul 16 16:29:36 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
$ systemctl list-unit-files \
> | grep google | grep enabled
google-accounts-daemon.service enabled
google-clock-skew-daemon.service enabled
google-instance-setup.service enabled
google-network-daemon.service enabled
$ yum list installed | grep google-compute
google-compute-engine.noarch 2.8.6-1.el7 @google-cloud-compute
google-compute-engine-oslogin.x86_64
python-google-compute-engine.noarch
al...@gmail.com
Hi,
I have tried the work aground you have mentioned
1. (OS Login),it not working. I cannot find any of my files , no permission
to change folder also
Last login: Tue Oct 16 11:07:34 2018 from 74.125.41.167
/usr/bin/id: cannot find name for group ID 578680806
[platformcloudtest_gmail_com@instance-1 ~]$ ls
[platformcloudtest_gmail_com@instance-1 ~]$
2.I have Changed username also
I don't have permission to acesss other folders
On Tue, Oct 16, 2018 at 10:38 AM Aneesh MP <platformcloudtest@gmail.com>
wrote:
I have tried the work aground you have mentioned
1. (OS Login),it not working. I cannot find any of my files , no permission
to change folder also
Last login: Tue Oct 16 11:07:34 2018 from 74.125.41.167
/usr/bin/id: cannot find name for group ID 578680806
[platformcloudtest_gmail_com@instance-1 ~]$ ls
[platformcloudtest_gmail_com@instance-1 ~]$
2.I have Changed username also
I don't have permission to acesss other folders
On Tue, Oct 16, 2018 at 10:38 AM Aneesh MP <platformcloudtest@gmail.com>
wrote:
am...@gmail.com
Same thing happened to my machines:
uname -a output: 3.10.0-862.11.6.el7.x86_64 #1 SMP Tue Aug 14 21:49:04 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
as a workaround I followed this documenthttps://cloud.google.com/compute/docs/instances/managing-instance-access#enable_oslogin and enabled oslogin with metadata on VM. When I logged in next time it created new user account which is part of Google-sudoers. From this account sudo works fine.
Account that is no longer part of sudoers generates those logs:
Oct 12 00:40:38 m2-us-central1-c google-accounts: INFO Removing user arek.
Oct 12 00:40:38 m2-us-central1-c google_accounts_daemon: Removing user arek from group google-sudoers
Oct 12 00:40:38 m2-us-central1-c google_accounts_daemon: gpasswd: user 'arek' is not a member of 'google-sudoers'
Oct 12 00:40:38 m2-us-central1-c google-accounts: WARNING Could not update user arek. Command '['gpasswd', '-d', 'arek', 'google-sudoers']' returned non-zero exit status 3.
Hope that helps.
Arek
uname -a output: 3.10.0-862.11.6.el7.x86_64 #1 SMP Tue Aug 14 21:49:04 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
as a workaround I followed this document
Account that is no longer part of sudoers generates those logs:
Oct 12 00:40:38 m2-us-central1-c google-accounts: INFO Removing user arek.
Oct 12 00:40:38 m2-us-central1-c google_accounts_daemon: Removing user arek from group google-sudoers
Oct 12 00:40:38 m2-us-central1-c google_accounts_daemon: gpasswd: user 'arek' is not a member of 'google-sudoers'
Oct 12 00:40:38 m2-us-central1-c google-accounts: WARNING Could not update user arek. Command '['gpasswd', '-d', 'arek', 'google-sudoers']' returned non-zero exit status 3.
Hope that helps.
Arek
ms...@gmail.com
As you have mentioned ,the workaround worked for me also ,Also tried
without the OS login just added new user IAM & admin with Role Compute
Admin , Owner Once logged in just changed the the username from
the Terminal Options->Change Linux Username and eneterd the command sudo -i
after this i could run sudo commands with no issues.
Regards
On Tue, Oct 16, 2018 at 6:27 PM <buganizer-system@google.com> wrote:
without the OS login just added new user IAM & admin with Role Compute
Admin , Owner Once logged in just changed the the username from
the Terminal Options->Change Linux Username and eneterd the command sudo -i
after this i could run sudo commands with no issues.
Regards
On Tue, Oct 16, 2018 at 6:27 PM <buganizer-system@google.com> wrote:
am...@google.com
Thank you everyone.
Investigating the issue, it seems only instances created with images “centos-7-v20181009“ between October 9th and 11th are affected. (equivalent releases for other distributions may also be affected). This was already mitigated with the new images from October 11th “centos-7-v20181011”.
Thus, in your case, it is recommended to recreate the instance with the new image for a permanent resolution unless if the workarounds above are sufficient for your use-cases.
As this issue has been already fixed (with new image releases), I am closing it now. Thank you again for reporting it.
Investigating the issue, it seems only instances created with images “centos-7-v20181009“ between October 9th and 11th are affected. (equivalent releases for other distributions may also be affected). This was already mitigated with the new images from October 11th “centos-7-v20181011”.
Thus, in your case, it is recommended to recreate the instance with the new image for a permanent resolution unless if the workarounds above are sufficient for your use-cases.
As this issue has been already fixed (with new image releases), I am closing it now. Thank you again for reporting it.
Description