Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

login failed when pass PASSWORD using FILE__PASSWORD #63

Closed
NigelBoxing opened this issue Apr 6, 2021 · 5 comments
Closed

login failed when pass PASSWORD using FILE__PASSWORD #63

NigelBoxing opened this issue Apr 6, 2021 · 5 comments
Projects
Issue & PR Tracker

Comments

@NigelBoxing
Copy link

linuxserver.io

Expected Behavior

login success with password set in file

Current Behavior

login failed

Steps to Reproduce

  1. use FILE__PASSWORD in docker-compose.yml
services:
  app:
    container_name: code-server
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Asia/Shanghai
      - FILE__PASSWORD=/run/secrets/password
      - FILE__SUDO_PASSWORD=/run/secrets/sudopassword
    secrets:
      - password
      - sudopassword
secrets:
  password:
    file: ./password.txt
  sudopassword:
    file: ./sudopassword.txt
  1. docker logs code-server
[cont-init.d] 10-adduser: exited 0.
[cont-init.d] 30-config: executing...
setting up sudo access
adding abc to sudoers
setting sudo password using SUDO_PASSWORD env var
Enter new UNIX password: Retype new UNIX password: Sorry, passwords do not match
passwd: Authentication token manipulation error
passwd: password unchanged
[cont-init.d] 30-config: exited 0.
  1. when i use the password set in password.txt , code-server web page pops 'Incorrect password'

Environment

OS: CentOS 7.9
CPU architecture: x86_64
How docker service was installed:

from official docker repo

Command used to create docker container (run/create/compose/screenshot)

docker-compose up -d

Docker logs

[s6-init] making user provided files available at /var/run/s6/etc...exited 0.
[s6-init] ensuring user provided files have correct perms...exited 0.
[fix-attrs.d] applying ownership & permissions fixes...
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts...
[cont-init.d] 01-envfile: executing...
[env-init] PASSWORD set from FILE__PASSWORD
[env-init] SUDO_PASSWORD set from FILE__SUDO_PASSWORD
[cont-init.d] 01-envfile: exited 0.
[cont-init.d] 10-adduser: executing...

User uid: 1000
User gid: 1000

[cont-init.d] 10-adduser: exited 0.
[cont-init.d] 30-config: executing...
setting up sudo access
adding abc to sudoers
setting sudo password using SUDO_PASSWORD env var
Enter new UNIX password: Retype new UNIX password: Sorry, passwords do not match
passwd: Authentication token manipulation error
passwd: password unchanged
[cont-init.d] 30-config: exited 0.
[cont-init.d] 99-custom-scripts: executing...
[custom-init] no custom files found exiting...
[cont-init.d] 99-custom-scripts: exited 0.
[cont-init.d] done.
[services.d] starting services
[services.d] done.
[2021-04-06T11:41:54.008Z] info Wrote default config file to ~/.config/code-server/config.yaml
[2021-04-06T11:41:55.217Z] info code-server 3.9.2 109d2ce3247869eaeab67aa7e5423503ec9eb859
[2021-04-06T11:41:55.220Z] info Using user-data-dir ~/data
[2021-04-06T11:41:55.261Z] info Using config file ~/.config/code-server/config.yaml
[2021-04-06T11:41:55.261Z] info HTTP server listening on http://0.0.0.0:8443
[2021-04-06T11:41:55.261Z] info - Authentication is enabled
[2021-04-06T11:41:55.262Z] info - Using password from $PASSWORD
[2021-04-06T11:41:55.262Z] info - Not serving HTTPS
@project-bot project-bot bot added this to To do in Issue & PR Tracker Apr 6, 2021
@github-actions
Copy link

github-actions bot commented Apr 6, 2021

Thanks for opening your first issue here! Be sure to follow the bug or feature issue templates!

@aptalca
Copy link
Member

aptalca commented Apr 6, 2021

Looks like your password files have trailing newlines.

Create them with printf as described in the docker secrets docs so they don't have the trailing newline

@NigelBoxing
Copy link
Author

Looks like your password files have trailing newlines.

Create them with printf as described in the docker secrets docs so they don't have the trailing newline

Thanks a lot. I try printf my-password > password.txt and docker-compose up again. To my surprise, it works well.
but i still don't know that why code-server could not set the password properly when the user fill password to password.txt via vim or echo xxx > password.txt
Is it a bug? the code-server forgets to trim the password.

@aptalca
Copy link
Member

aptalca commented Apr 6, 2021

Is it a bug? the code-server forgets to trim the password.

You can report that upstream

But as you can see, the SUDO_PASSWORD, which is set by our image in bash, is failing because the trailing newline breaks our bash code and results in the error:

setting sudo password using SUDO_PASSWORD env var
Enter new UNIX password: Retype new UNIX password: Sorry, passwords do not match
passwd: Authentication token manipulation error
passwd: password unchanged

@NigelBoxing
Copy link
Author

Is it a bug? the code-server forgets to trim the password.

You can report that upstream

But as you can see, the SUDO_PASSWORD, which is set by our image in bash, is failing because the trailing newline breaks our bash code and results in the error:

setting sudo password using SUDO_PASSWORD env var
Enter new UNIX password: Retype new UNIX password: Sorry, passwords do not match
passwd: Authentication token manipulation error
passwd: password unchanged

Indeed, you are right.
Anyway, thanks a lot.

@Roxedus Roxedus closed this as completed Apr 7, 2021
Issue & PR Tracker automation moved this from To do to Done Apr 7, 2021
@NigelBoxing NigelBoxing mentioned this issue Aug 17, 2021
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
Issue & PR Tracker
  
Done
Milestone
No milestone
Development

No branches or pull requests
3 participants
@aptalca @Roxedus @NigelBoxing