okay, so, here's the log output from (re-)running cloud-init clean --logs --reboot:
2019-12-04 10:25:32,678 - handlers.py[DEBUG]: start: init-network/config-users-groups: running config-users-groups with frequency once-per-instance
2019-12-04 10:25:32,678 - util.py[DEBUG]: Writing to /var/lib/cloud/instances/3623889/sem/config_users_groups - wb: [644] 26 bytes
2019-12-04 10:25:32,680 - helpers.py[DEBUG]: Running config-users-groups using lock (<FileLock using file '/var/lib/cloud/instances/3623889/sem/config_users_gr
oups'>)
2019-12-04 10:25:32,681 - __init__.py[INFO]: User root already exists, skipping.
2019-12-04 10:25:32,682 - util.py[DEBUG]: Running command ['passwd', '-l', 'root'] with allowed return codes [0] (shell=False, capture=True)
That means, despite a (wrong) definition of lock_passwd in distros/freebsd.py, we're somehow calling the one for Linux…
Which seems unlikely, given the callpath:
okay, so, here's the log output from (re-)running cloud-init clean --logs --reboot:
2019-12-04 10:25:32,678 - handlers.py[DEBUG]: start: init-network/ config- users-groups: running config-users-groups with frequency once-per-instance cloud/instances /3623889/ sem/config_ users_groups - wb: [644] 26 bytes cloud/instances /3623889/ sem/config_ users_gr
2019-12-04 10:25:32,678 - util.py[DEBUG]: Writing to /var/lib/
2019-12-04 10:25:32,680 - helpers.py[DEBUG]: Running config-users-groups using lock (<FileLock using file '/var/lib/
oups'>)
2019-12-04 10:25:32,681 - __init__.py[INFO]: User root already exists, skipping.
2019-12-04 10:25:32,682 - util.py[DEBUG]: Running command ['passwd', '-l', 'root'] with allowed return codes [0] (shell=False, capture=True)
That means, despite a (wrong) definition of lock_passwd in distros/freebsd.py, we're somehow calling the one for Linux…
Which seems unlikely, given the callpath:
cc_user_ groups. py:handle( ) → cloud.distro. create_ users()
$distro. py:add_ user() → util.py:is_user() → pwd.is_user() # this is patform independent py:lock_ passwd( ) → where are we now?
$distro.
I wonder if this has anything to do with Hetzner's vendor-data:
system_info:
lock_passwd: true
default_user:
name: root
shell: /bin/bash
distro: ubuntu
it seems pretty ridiculous that the system_info can override the system's reality, but i guess sometimes this is necessary…