Ubuntu
cloud-init package

Time To SSH Regression

Bug #2039505 reported by Brett Holman
18
This bug affects 1 person
Affects Status Importance Assigned to Milestone
cloud-init (Ubuntu)
Fix Released
Critical
Brett Holman
Focal
Fix Released
Undecided
Unassigned
Jammy
Fix Released
Undecided
Unassigned
Lunar
Fix Released
Undecided
Unassigned
Mantic
Fix Released
Undecided
Unassigned

Bug Description

=== Begin SRU Template ===
[Impact]
In 23.3.1, system unit ordering changes moved the configuration Before=systemd-user-sessions.service out of the earlier cloud-init.service boot stage and into the subsequent cloud-config.service boot stage to ensure all users have been configured before providing a login prompt on the console. This was originally intended to fix LP: #2013403 for emulated riscv environments, but the general time to SSH/login cost is too great at this stage to leave the impact active in most images where snap seeding is being perfomed on first boot.

Leaving this current extended delay to login unresolved also breaks tooling which uses `uvt-kvm wait` which is present in some continuous integration testing.

The fix is to revert https://github.com/canonical/cloud-init/commit/b3c9b6a7.

[Test Case]
Launch a daily image and a daily-image with proposed cloud-init and compare the following data points:

  - time to SSH: number of retries required to successfully SSH into the VM
  - assert presence of console messages about Unprivileged users inability to login on current cloud-init
  - assert absence of console messages about Unprivileged users inability to login on -proposed cloud-init 23.3.3

  - validate time to ssh by sampling: systemd-analyze critical-chain systemd-user-sessions.service to see total time until login was unblocked from systemd perspective
  - systemctl show -p Before,After cloud-config.service cloud-init.service --no-pager
  - systemd-analyze blame: # validate systemd-user-sessions is not one of the longest blocks to boot

test procedure:
RANDOMSEED=$(petname)
cat <<EOF > meta-data-${RANDOMSEED}
instance-id: iid-local01
local-hostname: cloudimg
EOF

PLAIN_TEXT_PASSWORD=passw0rd
ENCRYPTED_PASSWORD=$(mkpasswd --method=SHA-512 --rounds=4096 "${PLAIN_TEXT_PASSWORD}")

cat <<EOF > user-data-${RANDOMSEED}
#cloud-config
ssh_import_id: [chad.smith]
system_info:
  default_user:
    lock_passwd: false
    passwd: ${ENCRYPTED_PASSWORD}
    ssh_pwauth: true
EOF

cat <<EOF > setup_proposed.sh
#!/bin/bash
mirror=http://archive.ubuntu.com/ubuntu
echo deb \$mirror \$(lsb_release -sc)-proposed main | tee /etc/apt/sources.list.d/proposed.list
apt-get update -q
apt-get install -t \$(lsb_release -sc)-proposed -qy cloud-init
EOF

cloud-localds seed-${RANDOMSEED}.img user-data-${RANDOMSEED} meta-data-${RANDOMSEED}

wait_for_ssh() {
port=$1
while true; do
 sleep 5
 if ssh -o "StrictHOstKeyChecking no" -o "UserKnownHostsFile=/dev/null" ubuntu@localhost -p $port -- cloud-init status --long --wait; then
     echo "got it"
     break
 else
    echo "Awaiting SSH access..."
 fi
done
}

cmd(){
  port=$1
  shift
  echo "---- $@ -----"
  ssh -o "StrictHOstKeyChecking no" -o "UserKnownHostsFile=/dev/null" ubuntu@localhost -p $port -- $@
}

for RELEASE in mantic; do

RELEASE_URL=https://cloud-images.ubuntu.com/$RELEASE/current
RELEASE_IMG=$RELEASE-server-cloudimg-amd64.img
if [ ! -f $RELEASE_IMG ]; then
echo $RELEASE_IMG
       wget $RELEASE_URL/$RELEASE_IMG
fi
echo "Creating a disk backed by the image..."
qemu-img create -f qcow2 -F qcow2 -b $RELEASE_IMG boot-disk-${RANDOMSEED}.img
echo "Launching current cloud-init to confirm expected time to SSH delay"
echo --- expect to see some messages Unprivileged users are not permitted to log in yet ---

qemu-system-x86_64 -enable-kvm -daemonize -drive file=boot-disk-${RANDOMSEED}.img,if=ide,index=0 -drive file=seed-${RANDOMSEED}.img,if=ide -net nic -net user,hostfwd=tcp::2222-:22 -s5
wait_for_ssh 2222
echo --- assert systemd-user-sessions.service is blocked by later cloud-config.service
cmd 2222 systemd-analyze critical-chain systemd-user-sessions.service | grep cloud
cmd 2222 systemctl show -p Before cloud-config.service | grep systemd-user-sessions.service || echo FAILURE: expected cloud-config.service ordered Before=systemd-user-sessions && ecs

echo "Creating a disk backed by the image with cloud-init upgraded to -proposed..."
qemu-img create -f qcow2 -F qcow2 -b $RELEASE_IMG boot-disk-proposed-${RANDOMSEED}.img
sudo mount-image-callback boot-disk-proposed-${RANDOMSEED}.img -- sh -c 'cp ./setup_proposed.sh ${MOUNTPOINT}/setup_proposed.sh'
echo "Upgrading cloud-init from $RELEASE-proposed"
sudo mount-image-callback boot-disk-proposed-${RANDOMSEED}.img --system-resolvconf -- mchroot sh -c 'bash /setup_proposed.sh'

echo --- expect to see NO messages concerning Unprivileged users are not permitted to log in yet ---
qemu-system-x86_64 -enable-kvm -daemonize -drive file=boot-disk-proposed-${RANDOMSEED}.img,if=ide,index=0 -drive file=seed-${RANDOMSEED}.img,if=ide -net nic -net user,hostfwd=tcp::225
wait_for_ssh 2223

echo --- assert cloud-init is 23.3.3 based
cmd 2223 cloud-init --version

echo --- assert systemd-user-sessions.service is blocked by earlier cloud-init.service
cmd 2223 systemd-analyze critical-chain systemd-user-sessions.service | grep cloud
echo --- assert cloud-init.service blocks systemd-user-sessions.service
cmd 2223 systemctl show -p Before cloud-init.service
cmd 2223 systemctl show -p Before cloud-init.service | grep systemd-user-sessions.service || echo FAILURE: expected cloud-init.service ordered Before=systemd-user-sessions && echo Ss

done

[Regression Potential]
This is a revert to functionality that was working for years. It will regress emulated riscV users per LP: #2013403 as they may be able to see a login prompt that will show up before cloud-config completes and could reject their correct configured password as invalid until the cloud-config.service completes setup on first boot.

[Other info]
LP: #2013403
LP: #2039441

[Original Description]

Affected version: 23.3

Commit b3c9b6a7 introduced a dependency on snapd.seeded.service for systemd-user-sessions.service. This adds a 9.65s delay to user login (ssh or local tty) which was missed during performance testing[2] due to using an image that had already seeded snapd (testing on a dirty image re-run via `cloud-init clean`).

This was discovered while investigating LP: #2039441.

[1] https://github.com/canonical/cloud-init/commit/b3c9b6a79c85ebc8c87908383c34b0314c2205b6
[2] https://github.com/canonical/cloud-init/pull/2111#issuecomment-1616634930

See original description
Chad Smith (chad.smith)
Changed in cloud-init (Ubuntu):
status: New → Fix Committed
Revision history for this message
Chad Smith (chad.smith) wrote :

Downstream commit[1] for Ubuntu merged which reverts this change. It will be released as cloud-init version 23.3.2-0ubuntu0~23.10.1.

[1] https://github.com/canonical/cloud-init/commit/052d898023fbd6f7d87338e31f6cca6535cccef7

When cloud-init merges the ability to avoid snap.seeded.service costs in cloud-config.service this change will be re-applied.

Changed in cloud-init (Ubuntu):
importance: Undecided → High
importance: High → Critical
assignee: nobody → Brett Holman (holmanb)
Chad Smith (chad.smith)
description: updated
Chad Smith (chad.smith)
description: updated
description: updated
Chad Smith (chad.smith)
Changed in cloud-init (Ubuntu Focal):
status: New → Fix Committed
Changed in cloud-init (Ubuntu Jammy):
status: New → Fix Committed
Changed in cloud-init (Ubuntu Lunar):
status: New → Fix Committed
Changed in cloud-init (Ubuntu Mantic):
status: New → Fix Committed
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package cloud-init - 23.4~3g0cb0b80f-0ubuntu1

---------------
cloud-init (23.4~3g0cb0b80f-0ubuntu1) noble; urgency=medium

  * d/p/do-not-block-user-login.patch:
    - Revert behavior, allow user login after cloud-init stage (LP: #2039505)
  * d/control: add python3-apt as Recommends to read APT config from apt_pkg
  * drop the following cherry-picks now included:
    + d/p/cpick-0d9f149a-Pytestify-apt-config-test-modules-4424
    + d/p/cpick-5023e9f9-Refactor-test_apt_source_v1.py-to-use-pytest-4427
    + d/p/cpick-e9cdd7e3-Install-gnupg-if-gpg-not-found-4431
    + d/p/cpick-015543d3-apt-install-software-properties-common-when-absent-but
  * Upstream snapshot based on upstream/main at 0cb0b80f.
    - Bugs fixed in this snapshot: (LP: #2034273, #2030729)
      (LP: #2038945, #2039453)

 -- Chad Smith <email address hidden> Wed, 08 Nov 2023 22:24:09 -0700

Changed in cloud-init (Ubuntu):
status: Fix Committed → Fix Released
Revision history for this message
Alan Sparks (alsparks) wrote :

Is there information when this updated package will land in the Focal and Jammy updates? Seems only on trunk for now. Thanks.

Revision history for this message
Andreas Hasenack (ahasenack) wrote : Please test proposed package

Hello Brett, or anyone else affected,

Accepted cloud-init into mantic-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/cloud-init/23.3.3-0ubuntu0~23.10.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed-mantic to verification-done-mantic. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-mantic. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

tags: added: verification-needed verification-needed-mantic
tags: added: verification-needed-lunar
Revision history for this message
Andreas Hasenack (ahasenack) wrote :

Hello Brett, or anyone else affected,

Accepted cloud-init into lunar-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/cloud-init/23.3.3-0ubuntu0~23.04.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed-lunar to verification-done-lunar. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-lunar. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

tags: added: verification-needed-jammy
Revision history for this message
Andreas Hasenack (ahasenack) wrote :

Hello Brett, or anyone else affected,

Accepted cloud-init into jammy-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/cloud-init/23.3.3-0ubuntu0~22.04.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed-jammy to verification-done-jammy. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-jammy. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

tags: added: verification-needed-focal
Revision history for this message
Andreas Hasenack (ahasenack) wrote :

Hello Brett, or anyone else affected,

Accepted cloud-init into focal-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/cloud-init/23.3.3-0ubuntu0~20.04.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed-focal to verification-done-focal. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-focal. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Revision history for this message
Chad Smith (chad.smith) wrote (last edit ):
Download full text (12.4 KiB)

Validated mantic using sru.sh. Launching current mantic cloudimg, validating Unprivileged console messages and systemd-analyze critical chain ordering dependency for systemd-user-sessions.service is correctly reverted to ordering After=cloud-config.service in the -proposed version of cloud-init 23.3.3.

$ bash sru.sh mantic
Creating a disk backed by the image...
Formatting 'boot-disk-pretty-pika.img', fmt=qcow2 cluster_size=65536 extended_l2=off compression_type=zlib size=3758096384 backing_file=mantic-server-cloudimg-amd64.img backing_fmt=q6
Launching current cloud-init to confirm expected time to SSH delay
--- expect to see some messages Unprivileged users are not permitted to log in yet ---
qemu-system-x86_64: warning: host doesn't support requested feature: CPUID.80000001H:ECX.svm [bit 2]
kex_exchange_identification: read: Connection reset by peer
Connection reset by 127.0.0.1 port 2222
Awaiting SSH access...
Warning: Permanently added '[localhost]:2222' (ED25519) to the list of known hosts.
ubuntu@localhost: Permission denied (publickey).
Awaiting SSH access...
Warning: Permanently added '[localhost]:2222' (ED25519) to the list of known hosts.
ubuntu@localhost: Permission denied (publickey).
Awaiting SSH access...
Warning: Permanently added '[localhost]:2222' (ED25519) to the list of known hosts.
ubuntu@localhost: Permission denied (publickey).
Awaiting SSH access...
Warning: Permanently added '[localhost]:2222' (ED25519) to the list of known hosts.
"System is booting up. Unprivileged users are not permitted to log in yet. Please come back later. For technical details, see pam_nologin(8)."
Connection closed by 127.0.0.1 port 2222
Awaiting SSH access...
Warning: Permanently added '[localhost]:2222' (ED25519) to the list of known hosts.
"System is booting up. Unprivileged users are not permitted to log in yet. Please come back later. For technical details, see pam_nologin(8)."
Connection closed by 127.0.0.1 port 2222
Awaiting SSH access...
Warning: Permanently added '[localhost]:2222' (ED25519) to the list of known hosts.
"System is booting up. Unprivileged users are not permitted to log in yet. Please come back later. For technical details, see pam_nologin(8)."
Connection closed by 127.0.0.1 port 2222
Awaiting SSH access...
Warning: Permanently added '[localhost]:2222' (ED25519) to the list of known hosts.
"System is booting up. Unprivileged users are not permitted to log in yet. Please come back later. For technical details, see pam_nologin(8)."
Connection closed by 127.0.0.1 port 2222
Awaiting SSH access...
Warning: Permanently added '[localhost]:2222' (ED25519) to the list of known hosts.
"System is booting up. Unprivileged users are not permitted to log in yet. Please come back later. For technical details, see pam_nologin(8)."
Connection closed by 127.0.0.1 port 2222
Awaiting SSH access...
Warning: Permanently added '[localhost]:2222' (ED25519) to the list of known hosts.
"System is booting up. Unprivileged users are not permitted to log in yet. Please come back later. For technical details, see pam_nologin(8)."
Connection closed by 127.0.0.1 port 2222
Awaiting SSH access...
Warning: Permanently added '[localhost]:2222' (ED25519) ...

description: updated
Chad Smith (chad.smith)
tags: added: verification-done-mantic
removed: verification-needed-mantic
Revision history for this message
Chad Smith (chad.smith) wrote (last edit ):
Download full text (8.6 KiB)

Verified Jammy Unprivileged prompts and costly ordering after cloud-config.service on released cloud-init.
Verified -proposed upgrade to 23.3.3 no longer shows " Unprivileged users are not permitted to log in yet" and systemd ordering for systemd-user-sessions.service is After cloud-init.service instead of cloud-config.service

$ bash sru.sh jammy
Creating a disk backed by the image...
Formatting 'boot-disk-key-imp.img', fmt=qcow2 cluster_size=65536 extended_l2=off compression_type=zlib size=2361393152 backing_file=jammy-server-cloudimg-amd64.img backing_fmt=qcow2 6
Launching current cloud-init to confirm expected time to SSH delay
--- expect to see some messages Unprivileged users are not permitted to log in yet ---
qemu-system-x86_64: warning: host doesn't support requested feature: CPUID.80000001H:ECX.svm [bit 2]
Warning: Permanently added '[localhost]:2222' (ED25519) to the list of known hosts.
"System is booting up. Unprivileged users are not permitted to log in yet. Please come back later. For technical details, see pam_nologin(8)."
Connection closed by 127.0.0.1 port 2222
Awaiting SSH access...
Warning: Permanently added '[localhost]:2222' (ED25519) to the list of known hosts.
status: running
boot_status_code: enabled-by-generator
last_update: Fri, 17 Nov 2023 21:18:48 +0000
detail:
Running in stage: modules-final
--- assert systemd-user-sessions.service is blocked by later cloud-config.service and snapd-seeded
Before=systemd-user-sessions.service shutdown.target cloud-init.target cloud-final.service ubuntu-advantage.service
SUCCESS: cloud-config.service is ordered Before=systemd-user-sessions
Creating a disk backed by the image with cloud-init upgraded to -proposed...
Formatting 'boot-disk-proposed-key-imp.img', fmt=qcow2 cluster_size=65536 extended_l2=off compression_type=zlib size=2361393152 backing_file=jammy-server-cloudimg-amd64.img backing_f6
Upgrading cloud-init from jammy-proposed
deb http://archive.ubuntu.com/ubuntu jammy-proposed main
Get:1 http://security.ubuntu.com/ubuntu jammy-security InRelease [110 kB]
Hit:2 http://archive.ubuntu.com/ubuntu jammy InRelease
Get:3 http://archive.ubuntu.com/ubuntu jammy-updates InRelease [119 kB]
Get:4 http://archive.ubuntu.com/ubuntu jammy-backports InRelease [109 kB]
Get:5 http://archive.ubuntu.com/ubuntu jammy-proposed InRelease [270 kB]
Get:6 http://archive.ubuntu.com/ubuntu jammy/universe amd64 Packages [14.1 MB]
Get:7 http://archive.ubuntu.com/ubuntu jammy/universe Translation-en [5,652 kB]
Get:8 http://archive.ubuntu.com/ubuntu jammy/universe amd64 c-n-f Metadata [286 kB]
Get:9 http://archive.ubuntu.com/ubuntu jammy/multiverse amd64 Packages [217 kB]
Get:10 http://archive.ubuntu.com/ubuntu jammy/multiverse Translation-en [112 kB]
Get:11 http://archive.ubuntu.com/ubuntu jammy/multiverse amd64 c-n-f Metadata [8,372 B]
Get:12 http://security.ubuntu.com/ubuntu jammy-security/main amd64 Packages [953 kB]
Get:13 http://security.ubuntu.com/ubuntu jammy-security/main Translation-en [188 kB]
Get:14 http://security.ubuntu.com/ubuntu jammy-security/main amd64 c-n-f Metadata [11.4 kB]
Get:15 http://security.ubuntu.com/ubuntu jammy-security/restricted amd64 Packages [1,093 kB]
Get:16 http://sec...

Read more...

tags: added: verification-done-jammy
removed: verification-needed-jammy
Revision history for this message
Chad Smith (chad.smith) wrote (last edit ):
Download full text (7.9 KiB)

Verified Lunar Unprivileged prompts and costly ordering after cloud-config.service on released cloud-init.
Verified -proposed upgrade to 23.3.3 no longer shows " Unprivileged users are not permitted to log in yet" and systemd ordering for systemd-user-sessions.service is After cloud-init.service instead of cloud-config.service

$ bash sru.sh lunar
Creating a disk backed by the image...
Formatting 'boot-disk-valid-minnow.img', fmt=qcow2 cluster_size=65536 extended_l2=off compression_type=zlib size=3758096384 backing_file=lunar-server-cloudimg-amd64.img backing_fmt=q6
Launching current cloud-init to confirm expected time to SSH delay
--- expect to see some messages Unprivileged users are not permitted to log in yet ---
qemu-system-x86_64: warning: host doesn't support requested feature: CPUID.80000001H:ECX.svm [bit 2]
Warning: Permanently added '[localhost]:2222' (ED25519) to the list of known hosts.
"System is booting up. Unprivileged users are not permitted to log in yet. Please come back later. For technical details, see pam_nologin(8)."
Connection closed by 127.0.0.1 port 2222
Awaiting SSH access...
Warning: Permanently added '[localhost]:2222' (ED25519) to the list of known hosts.
status: running
boot_status_code: enabled-by-generator
last_update: Fri, 17 Nov 2023 21:10:42 +0000
detail:
Running in stage: modules-final
--- assert systemd-user-sessions.service is blocked by later cloud-config.service and snapd-seeded
Before=cloud-final.service ubuntu-advantage.service systemd-user-sessions.service cloud-init.target shutdown.target
SUCCESS: cloud-config.service is ordered Before=systemd-user-sessions
Creating a disk backed by the image with cloud-init upgraded to -proposed...
Formatting 'boot-disk-proposed-valid-minnow.img', fmt=qcow2 cluster_size=65536 extended_l2=off compression_type=zlib size=3758096384 backing_file=lunar-server-cloudimg-amd64.img back6
Upgrading cloud-init from lunar-proposed
deb http://archive.ubuntu.com/ubuntu lunar-proposed main
Hit:1 http://archive.ubuntu.com/ubuntu lunar InRelease
Get:2 http://security.ubuntu.com/ubuntu lunar-security InRelease [109 kB]
Get:3 http://archive.ubuntu.com/ubuntu lunar-updates InRelease [109 kB]
Get:4 http://archive.ubuntu.com/ubuntu lunar-backports InRelease [99.9 kB]
Get:5 http://archive.ubuntu.com/ubuntu lunar-proposed InRelease [255 kB]
Get:6 http://archive.ubuntu.com/ubuntu lunar/universe amd64 Packages [15.0 MB]
Get:7 http://archive.ubuntu.com/ubuntu lunar/universe Translation-en [5,906 kB]
Get:8 http://archive.ubuntu.com/ubuntu lunar/universe amd64 c-n-f Metadata [303 kB]
Get:9 http://archive.ubuntu.com/ubuntu lunar/multiverse amd64 Packages [236 kB]
Get:10 http://archive.ubuntu.com/ubuntu lunar/multiverse Translation-en [112 kB]
Get:11 http://archive.ubuntu.com/ubuntu lunar/multiverse amd64 c-n-f Metadata [8,772 B]
Get:12 http://security.ubuntu.com/ubuntu lunar-security/main amd64 Packages [407 kB]
Get:13 http://security.ubuntu.com/ubuntu lunar-security/main Translation-en [90.5 kB]
Get:14 http://security.ubuntu.com/ubuntu lunar-security/universe amd64 Packages [732 kB]
Get:15 http://security.ubuntu.com/ubuntu lunar-security/universe Translation-en [74.2 kB]
Get:16 http://securit...

Read more...

tags: added: verification-done-lunar
removed: verification-needed-lunar
Revision history for this message
Chad Smith (chad.smith) wrote (last edit ):
Download full text (8.9 KiB)

Verified Focal Unprivileged prompts and costly ordering after cloud-config.service on released cloud-init.

Verified -proposed upgrade to 23.3.3 no longer shows " Unprivileged users are not permitted to log in yet" and systemd ordering for systemd-user-sessions.service is After cloud-init.service instead of cloud-config.service

$ bash sru.sh focal
Creating a disk backed by the image...
Formatting 'boot-disk-active-louse.img', fmt=qcow2 cluster_size=65536 extended_l2=off compression_type=zlib size=2361393152 backing_file=focal-server-cloudimg-amd64.img backing_fmt=q6
Launching current cloud-init to confirm expected time to SSH delay
--- expect to see some messages Unprivileged users are not permitted to log in yet ---
qemu-system-x86_64: warning: host doesn't support requested feature: CPUID.80000001H:ECX.svm [bit 2]
Warning: Permanently added '[localhost]:2222' (ED25519) to the list of known hosts.
ubuntu@localhost: Permission denied (publickey).
Awaiting SSH access...
Warning: Permanently added '[localhost]:2222' (ED25519) to the list of known hosts.
"System is booting up. Unprivileged users are not permitted to log in yet. Please come back later. For technical details, see pam_nologin(8)."
Connection closed by 127.0.0.1 port 2222
Awaiting SSH access...
Warning: Permanently added '[localhost]:2222' (ED25519) to the list of known hosts.
status: running
boot_status_code: enabled-by-generator
last_update: Fri, 17 Nov 2023 21:39:42 +0000
detail:
Running in stage: modules-final
---- cloud-init status --wait -----
....................................................................................
status: done
--- assert systemd-user-sessions.service is blocked by later cloud-config.service and snapd-seeded
└─cloud-config.service @18.569s +2.019s
  └─snapd.seeded.service @13.770s +4.792s
    └─snapd.service @11.668s +2.095s
          └─snap.lxd.daemon.unix.socket @16.098s
              └─cloud-init.service @9.889s +1.460s
                      └─cloud-init-local.service @4.958s +2.932s
Before=ubuntu-advantage.service systemd-user-sessions.service cloud-init.target shutdown.target cloud-final.service
SUCCESS: cloud-config.service is ordered Before=systemd-user-sessions
Creating a disk backed by the image with cloud-init upgraded to -proposed...
Formatting 'boot-disk-proposed-active-louse.img', fmt=qcow2 cluster_size=65536 extended_l2=off compression_type=zlib size=2361393152 backing_file=focal-server-cloudimg-amd64.img back6
Upgrading cloud-init from focal-proposed
deb http://archive.ubuntu.com/ubuntu focal-proposed main
Get:1 http://security.ubuntu.com/ubuntu focal-security InRelease [114 kB]
Hit:2 http://archive.ubuntu.com/ubuntu focal InRelease
Get:3 http://archive.ubuntu.com/ubuntu focal-updates InRelease [114 kB]
Get:4 http://archive.ubuntu.com/ubuntu focal-backports InRelease [108 kB]
Get:5 http://archive.ubuntu.com/ubuntu focal-proposed InRelease [267 kB]
Get:6 http://archive.ubuntu.com/ubuntu focal/universe amd64 Packages [8,628 kB]
Get:7 http://archive.ubuntu.com/ubuntu focal/universe Translation-en [5,124 kB]
Get:8 http://archive.ubuntu.com/ubuntu focal/universe amd64 c-n-f Metadata [265 kB]
Get:9 http://archive.ubuntu.com/ubuntu focal/...

Read more...

tags: added: verification-done verification-done-focal
removed: verification-needed verification-needed-focal
Revision history for this message
Chad Smith (chad.smith) wrote :

sru.sh script used to validate F, J, L and M series

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package cloud-init - 23.3.3-0ubuntu0~23.10.1

---------------
cloud-init (23.3.3-0ubuntu0~23.10.1) mantic; urgency=medium

  * Upstream snapshot based on 23.3.3. (LP: #2040291).
    List of changes from upstream can be found at
    https://raw.githubusercontent.com/canonical/cloud-init/23.3.3/ChangeLog

cloud-init (23.3.2-0ubuntu0~23.10.1) mantic; urgency=medium

  [ Brett Holman ]
  * d/p/do-not-block-user-login.patch:
    - Revert behavior, allow user login after cloud-init stage (LP: #2039505)
  * cherry-pick 2ab1f340: fix(cc_apt_configure): avoid unneeded call to
    apt-get update (LP: #2039621)
  * Upstream snapshot based on 23.3.2. (LP: #2039453).
    List of changes from upstream can be found at
    https://raw.githubusercontent.com/canonical/cloud-init/23.3.2/ChangeLog

 -- James Falcon <email address hidden> Tue, 24 Oct 2023 10:43:22 -0500

Changed in cloud-init (Ubuntu Mantic):
status: Fix Committed → Fix Released
Revision history for this message
Timo Aaltonen (tjaalton) wrote : Update Released

The verification of the Stable Release Update for cloud-init has completed successfully and the package is now being released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package cloud-init - 23.3.3-0ubuntu0~23.04.1

---------------
cloud-init (23.3.3-0ubuntu0~23.04.1) lunar; urgency=medium

  * Upstream snapshot based on 23.3.3. (LP: #2040291).
    List of changes from upstream can be found at
    https://raw.githubusercontent.com/canonical/cloud-init/23.3.3/ChangeLog

cloud-init (23.3.2-0ubuntu0~23.04.1) lunar; urgency=medium

  * d/p/do-not-block-user-login.patch:
    - Revert behavior, allow user login after cloud-init stage (LP: #2039505)
  * Upstream snapshot based on 23.3.2. (LP: #2039453).
    List of changes from upstream can be found at
    https://raw.githubusercontent.com/canonical/cloud-init/23.3.2/ChangeLog

 -- James Falcon <email address hidden> Tue, 24 Oct 2023 10:47:46 -0500

Changed in cloud-init (Ubuntu Lunar):
status: Fix Committed → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package cloud-init - 23.3.3-0ubuntu0~22.04.1

---------------
cloud-init (23.3.3-0ubuntu0~22.04.1) jammy; urgency=medium

  * Upstream snapshot based on 23.3.3. (LP: #2040291).
    List of changes from upstream can be found at
    https://raw.githubusercontent.com/canonical/cloud-init/23.3.3/ChangeLog

cloud-init (23.3.2-0ubuntu0~22.04.1) jammy; urgency=medium

  * d/p/do-not-block-user-login.patch:
    - Revert behavior, allow user login after cloud-init stage (LP: #2039505)
  * Upstream snapshot based on 23.3.2. (LP: #2039453).
    List of changes from upstream can be found at
    https://raw.githubusercontent.com/canonical/cloud-init/23.3.2/ChangeLog

 -- James Falcon <email address hidden> Tue, 24 Oct 2023 10:50:55 -0500

Changed in cloud-init (Ubuntu Jammy):
status: Fix Committed → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package cloud-init - 23.3.3-0ubuntu0~20.04.1

---------------
cloud-init (23.3.3-0ubuntu0~20.04.1) focal; urgency=medium

  * Upstream snapshot based on 23.3.3. (LP: #2040291).
    List of changes from upstream can be found at
    https://raw.githubusercontent.com/canonical/cloud-init/23.3.3/ChangeLog

cloud-init (23.3.2-0ubuntu0~20.04.1) focal; urgency=medium

  * d/p/do-not-block-user-login.patch:
    - Revert behavior, allow user login after cloud-init stage (LP: #2039505)
  * Upstream snapshot based on 23.3.2. (LP: #2039453).
    List of changes from upstream can be found at
    https://raw.githubusercontent.com/canonical/cloud-init/23.3.2/ChangeLog

 -- James Falcon <email address hidden> Tue, 24 Oct 2023 10:59:56 -0500

Changed in cloud-init (Ubuntu Focal):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Bug attachments

Remote bug watches

Bug watches keep track of this bug in other bug trackers.