Explicit addition of a user's primary_group breaks the user creation

Isn't this just the fact that if you specify a user the default user doesn't get created?

No, it's slighty more subtle.

It appears that you want to add a user $USER, and make them part of 'ubuntu' group , where 'ubuntu' group is the Ubuntu default user in cloud images.

If you intend to keep default user 'ubuntu' *and* add a user $USER, then you need two entries in your list. From the docs:

The ``users`` config key takes a list of users to configure. The first entry in
this list is used as the default user for the system. To preserve the standard
default user for the distro, the string ``default`` may be used as the first
entry of the ``users`` list. Each entry in the ``users`` list, other than a
``default`` entry, should be a dictionary of options for the user.

So:
multipass launch --cloud-init - <<EOF
users:
  - default
  - name: $USER
    groups: [ubuntu]
    ssh_authorized_keys:
      - $( cat ~/.ssh/id_rsa.pub )
EOF

And the error appears that since your $USER has group "ubuntu" when the default user was created, it tried to use the group 'ubuntu' which was already created. So another options would be:

multipass launch --cloud-init - <<EOF
users:
  - name: $USER
    groups: [$USER]
    ssh_authorized_keys:
      - $( cat ~/.ssh/id_rsa.pub )
EOF

That said, you can run 'cloud-init collect-logs' and attach the tarball we can see of something else is going on.

> And the error appears that since your $USER has group "ubuntu"
> when the default user was created, it tried to use the group
> 'ubuntu' which was already created. So another options would be:

Yes, that's exactly it. And I had the tarball collected, just forgot to attach, sorry!

> users:
> - default
> - name: $USER
> groups: [ubuntu]
> ssh_authorized_keys:
> - $( cat ~/.ssh/id_rsa.pub )

This is actually what happens with Multipass, since we enforce the `default` user. And this breaks in the same way - the "ubuntu" group gets created before the default user is created - and that then breaks.

Thanks for the logs; here we can see that the the specified user is created prior to the default user; and since their groups overlap; there's a failure.

2020-04-02 09:40:26,700 - util.py[DEBUG]: Running command ['groupadd', 'ubuntu'] with allowed return codes [0] (shell=False, capture=True)
2020-04-02 09:40:26,907 - __init__.py[INFO]: Created new group ubuntu
2020-04-02 09:40:26,908 - __init__.py[DEBUG]: created group 'ubuntu' for user 'michal'
2020-04-02 09:40:26,908 - __init__.py[DEBUG]: Adding user michal
2020-04-02 09:40:26,909 - util.py[DEBUG]: Running hidden command to protect sensitive input/output logstring: ['useradd', 'michal', '--groups', 'ubuntu', '-m']
2020-04-02 09:40:27,480 - util.py[DEBUG]: Running command ['passwd', '-l', 'michal'] with allowed return codes [0] (shell=False, capture=True)
2020-04-02 09:40:27,551 - __init__.py[DEBUG]: Adding user ubuntu
2020-04-02 09:40:27,551 - util.py[DEBUG]: Running hidden command to protect sensitive input/output logstring: ['useradd', 'ubuntu', '--comment', 'Ubuntu', '--groups', 'adm,audio,cdrom,dialout,dip,floppy,lxd,netdev,plugdev,sudo,video', '--shell', '/bin/bash', '-m']
2020-04-02 09:40:27,555 - util.py[WARNING]: Failed to create user ubuntu
2020-04-02 09:40:27,556 - util.py[DEBUG]: Failed to create user ubuntu
Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/cloudinit/distros/__init__.py", line 481, in add_user
    util.subp(useradd_cmd, logstring=log_useradd_cmd)
  File "/usr/lib/python3/dist-packages/cloudinit/util.py", line 2102, in subp
    cmd=args)
cloudinit.util.ProcessExecutionError: Unexpected error while running command.
Command: ['useradd', 'ubuntu', '--comment', 'Ubuntu', '--groups', 'adm,audio,cdrom,dialout,dip,floppy,lxd,netdev,plugdev,sudo,video', '--shell', '/bin/bash', '-m']
Exit code: 9
Reason: -
Stdout:
Stderr: useradd: group ubuntu exists - if you want to add this user to that group, use -g.

It would be a similar problem if we just had a:

groups:
- ubuntu

Tracked in Github Issues as https://github.com/canonical/cloud-init/issues/3641