curtinator

Curtinator fails to create /etc/sudoers.d/90-cloud-init-users file

Bug #1408465 reported by Rod Smith
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
curtinator
New
Undecided
Unassigned

Bug Description

Normally, MAAS installs include a file called /etc/sudoers.d/90-cloud-init-users, with the following contents:

# Created by cloud-init v. 0.7.5 on Wed, 07 Jan 2015 21:14:11 +0000

# User rules for ubuntu
ubuntu ALL=(ALL) NOPASSWD:ALL

(Presumably the date in the first line varies.) This file should be owned by root with 0440 permissions. Installations from images created by curtinator lack this file. Given the date on the comment line, I assume it's created dynamically by MAAS and something about the Curtinator image is blocking this, similar to bug #1408457; or maybe this is a bug in MAAS with respect to custom images. In any event, it would be helpful for Curtinator to create this file. As a workaround, I'm looking into doing it from the preseed.txt file.

This file, when present, enables the default "ubuntu" user to access "sudo" without a password, which is a practical necessity unless you want to publicize the default password set in the preseed.

Revision history for this message
Rod Smith (rodsmith) wrote :

As a workaround, the following two lines, added to the "d-i preseed/late_command" string, just prior to the "umount /target/sys" command, fix this problem:

  echo "ubuntu ALL=(ALL) NOPASSWD:ALL" > /target/etc/sudoers.d/90-cloud-init-users; \
  chmod 0440 /target/etc/sudoers.d/90-cloud-init-users; \

Revision history for this message
Daniel Manrique (roadmr) wrote :

I understand you're creating this file in a preseed, but watch out, as the file says it's created by cloud-init, so while the workaround sounds valid, we could perhaps try to understand why cloud-init isn't creating it in the first place.

Revision history for this message
Rod Smith (rodsmith) wrote :

Oh, that's in preseed.txt....

Revision history for this message
Rod Smith (rodsmith) wrote :

I agree; that's why I called this a workaround rather than a bug fix. ;-)

Revision history for this message
Rod Smith (rodsmith) wrote :

An update: It turns out that this bug applies ONLY to 12.04 releases. (I'm presuming all point releases, but I haven't tested them all.) With 14.04 GA and 14.04.1, the /etc/sudoers.d/90-cloud-init-users file is created correctly.

I've also found that a standard MAAS 12.04 installation has two files with similar contents, 90-cloudimg-ubuntu and 90-cloud-init-users, and neither file has the comment noting its creation by cloud-init that's present in 90-cloud-init-users on a 14.04 installation. The first file is present in the 12.04 image file stored on the MAAS server, but the second one isn't, so presumably it's created during deployment -- but the lack of a comment about cloud-init makes me wonder if it might be created in some other way than the file in 14.04, or at least that there might be some version-checking going on that's causing Curtinator-created images to slip through.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.