I try to follow the instruction:
autoinstall:
...
user-data:
write_files:
- content: |
cloud_init_has_run
path: /cloud_init_flag
users:
- default
- name: kim
passwd: <hash>
shell: /bin/bash
lock-passwd: false
ssh_pwauth: True
chpasswd: { expire: False }
sudo: ALL=(ALL) NOPASSWD:ALL
groups: users, admin
Or put the users, as the same level of autoinstall
users:
- default
- name: kim
passwd: <hash>
shell: /bin/bash
lock-passwd: false
ssh_pwauth: True
chpasswd: { expire: False }
sudo: ALL=(ALL) NOPASSWD:ALL
groups: users, admin
autoinstall:
Both users do not work, but the write_files actually works. ls /home/ does not show kim, but only my default user in identity.
Can anyone explain how to make the users block work?
update
the passwd seems never work, I tried following commands to create the hash:
mkpasswd -m sha512crypt -smkpasswd --method=SHA-512 --rounds=4096 -s
I just put the output hash to passwd: "<hash>" but the login always fail with wrong passwd, I can only login with my ssh key. Any idea how to specify the passwd here?
In the /var/log/cloud-init.log we can see:
2021-09-30 15:18:39,580 - __init__.py[DEBUG]: Adding user testuser
2021-09-30 15:18:39,580 - subp.py[DEBUG]: Running hidden command to protect sensitive input/output logstring: ['useradd', 'testuser', '--comment', 'testuser', '--groups', 'users,sudo,admin,cdrom,dip,plugdev,lpadmin,lxd,libvirt', '--password', 'REDACTED', '--shell', '/bin/bash', '-m']
2021-09-30 15:18:39,606 - subp.py[DEBUG]: Running command ['passwd', '-l', 'testuser'] with allowed return codes [0] (shell=False, capture=True)
2021-09-30 15:18:39,619 - util.py[DEBUG]: Reading from /etc/sudoers (quiet=False)
I finally found out why it does not work, the /etc/shadow is somehow wrong:
testuser:!$6$02H0ZRN.QfL7$G8/Jh7bZNlIEPAsGKZOBUog89a559t/LSWXAyqncOpJytlls8hsGHQgeBdWGoYhedZ0v7bsVNFlRf/S0Tusug1:18900:0:99999:7:::
The extra ! cause the failure. Remove it make it works. Is this a bug or there is some
correct flag is: lock_passwd: false instead of lock-passwd: false
