cloud-init can add users in wrong filesystem (race with `mount /home`)
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
cloud-init |
Expired
|
High
|
Unassigned | ||
subiquity |
New
|
Undecided
|
Unassigned |
Bug Description
When cloud-init is used to configure a new Ubuntu Server system installed from the ISO images, and /home is configured as a separate partition, there is a (slow) race between the user creation and /home being mounted. This can lead to the user $HOME being created in the wrong filesystem.
Steps to reproduce:
1. Prepare to install focal-live-
In my case I used one of the 20.04.4 dailies.
2. Proceed with all-defaults but for storage. Configure the storage
so / is in a dedicated partition, while /home in a an *encrypted*
LVM volume. (The only purpose of encryption is to add delay in the
/home mount, see the next point.)
3. Finish the install and reboot. At the dm-crypt password prompt
stop and wait a few minutes. At some point cloud-init will proceed
creating the configured username, but /home is not mounted yet!
The user's $HOME is now in the same filesystem as /.
4. Enter the dm-crypt password. This will cause /home to be mounted
from the encrypted volume, and this will shadow the actual $HOME.
5. Login with the configured credentials and verify that $HOME is
inaccessible.
Changed in cloud-init: | |
status: | New → Confirmed |
status: | Confirmed → Triaged |
Changed in cloud-init: | |
importance: | Medium → High |
Not a regression: reproduces with ubuntu- 20.04.3- live-server- amd64.iso.