google-guest-agent fails to insert keys if the username includes a space

Question

google-guest-agent fails to insert keys if the username includes a space

BlazingIntensity opened this issue a year ago · comments

In windows it is possible for the user name to include a space such that the metadata record can look something like this:
flast:ssh-rsa RSA-KEY-GOES-HERE FIRSTS-PC\FIRST LAST@FIRSTS-PC

Prior to commit fbdff753ac709e2dc00305eee0661ae7da6e4cf4 non_windows_accounts.go was simply taking everything before the colon as the username and everything after as the key. However that commit changed it so that a split on spaces is performed to handle optional expiry data. This results in an error that looks something like this:
ERROR non_windows_accounts.go:199 invalid character 'L' looking for beginning of value: flast:ssh-rsa
It looks like rather than parsing the above metadata as:

Username: flast
Key: RSA-KEY-GOES-HERE FIRSTS-PC\FIRST LAST@FIRSTS-PC

It's instead parsing it as:

Username: flast
Key: RSA-KEY-GOES-HERE FIRSTS-PC\FIRST
Expiry: LAST@FIRSTS-PC

This is preventing windows users with spaces in their username from accessing any VM with the updated google-guest-agent package.

Anthony Lu · Answer 1 · Tue Jan 24 2023 07:43:12 GMT+0800 (China Standard Time)

It looks like both before and after the commit you referenced, the key is being split on spaces for expiration data.

Did you mean to link a different commit id?

Tim Mills · Answer 2 · Wed Jan 25 2023 00:51:31 GMT+0800 (China Standard Time)

You're right, I'd missed that removeExpiredKeys was doing that work before the commit. I'll look and see if I can't find where this went bad, but what I can add is that google-guest-agent=20201217.02-0ubuntu1~20.04.0 works for us and google-guest-agent=20220622.00-0ubuntu2~20.04.2 doesn't, and that the error message above definitely suggests that this is a split-on-space issue.

Anthony Lu · Answer 3 · Wed Jan 25 2023 02:54:33 GMT+0800 (China Standard Time)

To confirm, the original error message happened when running the most recent version of guest agent, correct? And you were able to test to see that

google-guest-agent=20220622.00-0ubuntu2~20.04.2

was another version of guest agent which had this error.

Tim Mills · Answer 4 · Wed Jan 25 2023 03:16:19 GMT+0800 (China Standard Time)

google-guest-agent=20220622.00-0ubuntu2~20.04.2 is the latest version available on ubuntu 20.04 and is what we're currently reproducing the issue with:

Anthony Lu · Answer 5 · Wed Jan 25 2023 07:50:55 GMT+0800 (China Standard Time)

To confirm the format of the key being used, the specific key had exactly three spaces in it, as opposed to having exactly two spaces in it, correct?

The format which was mentioned seemed to have three spaces.

flast:ssh-rsa RSA-KEY-GOES-HERE FIRSTS-PC\FIRST LAST@FIRSTS-PC

Tim Mills · Answer 6 · Wed Jan 25 2023 07:54:47 GMT+0800 (China Standard Time)

Correct; most of our usernames have two spaces and function fine. The negatively impacted users have 3 spaces in their metadata record.

Leandro Dorileo · Answer 7 · Sat Jan 28 2023 01:03:50 GMT+0800 (China Standard Time)

We are working on a fix with the pull request #198.

vorakl · Answer 8 · Sat Mar 04 2023 06:41:11 GMT+0800 (China Standard Time)

Fixed by #198

vorakl · Answer 9 · Tue Apr 25 2023 07:10:32 GMT+0800 (China Standard Time)

This fix is already in Ubuntu Lunar:
https://launchpad.net/ubuntu/+source/google-guest-agent/20230330.00-0ubuntu1

I'm closing the issue.