Score:1

autoinstall/user-data's users section does not work at all?

mx flag

I try to follow the instruction:

autoinstall:
...
  user-data:
    write_files:
      - content: |
          cloud_init_has_run
        path: /cloud_init_flag
    users:
      - default
      - name: kim
        passwd: <hash>
        shell: /bin/bash
        lock-passwd: false
        ssh_pwauth: True
        chpasswd: { expire: False }
        sudo: ALL=(ALL) NOPASSWD:ALL
        groups: users, admin

Or put the users, as the same level of autoinstall

users:
  - default
  - name: kim
    passwd: <hash>
    shell: /bin/bash
    lock-passwd: false
    ssh_pwauth: True
    chpasswd: { expire: False }
    sudo: ALL=(ALL) NOPASSWD:ALL
    groups: users, admin
autoinstall:

Both users do not work, but the write_files actually works. ls /home/ does not show kim, but only my default user in identity.

Can anyone explain how to make the users block work?

update

the passwd seems never work, I tried following commands to create the hash:

  • mkpasswd -m sha512crypt -s
  • mkpasswd --method=SHA-512 --rounds=4096 -s

I just put the output hash to passwd: "<hash>" but the login always fail with wrong passwd, I can only login with my ssh key. Any idea how to specify the passwd here?

In the /var/log/cloud-init.log we can see:

2021-09-30 15:18:39,580 - __init__.py[DEBUG]: Adding user testuser
2021-09-30 15:18:39,580 - subp.py[DEBUG]: Running hidden command to protect sensitive input/output logstring: ['useradd', 'testuser', '--comment', 'testuser', '--groups', 'users,sudo,admin,cdrom,dip,plugdev,lpadmin,lxd,libvirt', '--password', 'REDACTED', '--shell', '/bin/bash', '-m']
2021-09-30 15:18:39,606 - subp.py[DEBUG]: Running command ['passwd', '-l', 'testuser'] with allowed return codes [0] (shell=False, capture=True)
2021-09-30 15:18:39,619 - util.py[DEBUG]: Reading from /etc/sudoers (quiet=False)

I finally found out why it does not work, the /etc/shadow is somehow wrong:

testuser:!$6$02H0ZRN.QfL7$G8/Jh7bZNlIEPAsGKZOBUog89a559t/LSWXAyqncOpJytlls8hsGHQgeBdWGoYhedZ0v7bsVNFlRf/S0Tusug1:18900:0:99999:7:::

The extra ! cause the failure. Remove it make it works. Is this a bug or there is some

correct flag is: lock_passwd: false instead of lock-passwd: false

Score:2
jp flag

This worked for me using the 20.04.3 server installer (subiquity 21.08.2)

#cloud-config
autoinstall:
  # r00tme
  user-data:
    users:
      - default
      - name: kim
        passwd: $6$.c38i4RIqZeF4RtR$hRu2RFep/.6DziHLnRqGOEImb15JT2i.K/F9ojBkK/79zqY30Ll2/xx6QClQfdelLe.ZjpeVYfE8xBBcyLspa/
        lock_passwd: false
        shell: /bin/bash
        groups: [adm,sudo]
  ssh:
    allow-pw: true
    authorized-keys: []
    install-server: true

A few key points

  • this will create the default user, ubuntu, that has no password. It will also create a second user, kim, with the given password hash.
  • the users do not get created until the first boot. The installer adds configuration for cloud-init to create the users.
  • the groups had to be in YAML list syntax.
  • I did not include an identity section.

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.