subiquity

Automated Install does not set default user data

Bug #1879485 reported by Dirk on 2020-05-19

This bug report is a duplicate of: Bug #1879103: Unattended installation user data conflict. Edit Remove

This bug affects 2 people

Affects		Status	Importance	Assigned to	Milestone
	subiquity	Fix Committed	Undecided	Unassigned
	subiquity (Ubuntu)	Confirmed	Undecided	Unassigned

Bug Description

When I run the automated installer I always end up with a fresh system I cannot login to. The default user ubuntu has its password locked.

I tested this using the minimalistic example from the [wiki][1], latest Focal and virtualbox.

cat > user-data << 'EOF'
#cloud-config
autoinstall:
  version: 1
  identity:
    hostname: ubuntu-server
    password: "$6$exDY1mhS4KUYCE/2$zmn9ToZwTKLhCw.b4/b.ZRTIZM30JZ4QrOQ2aOXJ8yk96xpcCof0kxKwuX1kqLG/ygbJ1f8wxED22bTL4F46P0"
    username: ubuntu
EOF
touch meta-data

cloud-localds ~/seed.iso user-data meta-data

I tried to get in using these ways, too:

1. Adding a SSH key to an additional `ssh` section did not help as well.
2. Configuring a user in user-data did not work as well.

Actually, no settings from the `user-data` section work but configuration from the storage and network sections works like a charm.

[1]: https://wiki.ubuntu.com/FoundationsTeam/AutomatedServerInstalls/QuickStart#Using_another_volume_to_provide_the_autoinstall_config

See original description

Dirk (wedibit) on 2020-05-19

description:

updated

Revision history for this message

Michael Hudson-Doyle (mwhudson) wrote on 2020-05-20:

This is very strange. Can you get /var/log/installer from the installed system somehow? (I guess you need to boot as single user to set the password for ubuntu first!) I guess /var/lib/cloud and /var/log/cloud-init* would be interesting too.

Revision history for this message

Dirk (wedibit) wrote on 2020-05-20:

logs.tar.gz Edit (80.1 KiB, application/x-tar)

I have attached all mentioned files. Just mounted the drive into another virtual machine. I can provide more if needed.

Revision history for this message

Michael Hudson-Doyle (mwhudson) wrote on 2020-05-22:

I think the mistake in subiquity is that subiquity generates this in the user-data:

lock-passwd: false

but cloud-init looks for "lock_passwd". But now I don't understand how this ever works, i.e. why all users created by subiquity do not get their accounts locked.

Revision history for this message

Dirk (wedibit) wrote on 2020-05-25:

I tried to work around this bug by preconfiguring everything but ask for the user. This does not work as well.

#cloud-config
autoinstall:
  version: 1
  interactive-sections:
    - identity
  identity:
    hostname: ubuntu-server
    password: "$6$exDY1mhS4KUYCE/2$zmn9ToZwTKLhCw.b4/b.ZRTIZM30JZ4QrOQ2aOXJ8yk96xpcCof0kxKwuX1kqLG/ygbJ1f8wxED22bTL4F46P0"
    username: ubuntu

Then I tried to work around this bug by creating a user using user-data but this does not work as well. After installation, there is no user 'testuser', just a deactivated 'ubuntu' user.

#cloud-config
autoinstall:
  version: 1
  identity:
    hostname: ubuntu-server
    password: "$6$exDY1mhS4KUYCE/2$zmn9ToZwTKLhCw.b4/b.ZRTIZM30JZ4QrOQ2aOXJ8yk96xpcCof0kxKwuX1kqLG/ygbJ1f8wxED22bTL4F46P0"
    username: ubuntu
  user-data:
    timezone: Europe/Berlin
    users:
      - name: testuser
        password: "$6$exDY1mhS4KUYCE/2$zmn9ToZwTKLhCw.b4/b.ZRTIZM30JZ4QrOQ2aOXJ8yk96xpcCof0kxKwuX1kqLG/ygbJ1f8wxED22bTL4F46P0"
        lock_passwd: false
        groups: users, adm

In addition, the seed configuration yaml is not recognized when it's not prepended with '#cloud-config' (n.b. a random comment or yaml node might be sufficient as well, I haven't tested these cases). I guess this is another bug?

Revision history for this message

Dirk (wedibit) wrote on 2020-05-30:

Looks like this bug affects the NoCloud provider with a seed file system. It does work well when downloading the config with nocloud-net.

Revision history for this message

Launchpad Janitor (janitor) wrote on 2020-06-09:

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in subiquity (Ubuntu):
status:	New → Confirmed

Revision history for this message

Michael Hudson-Doyle (mwhudson) wrote on 2020-06-12:

I've committed the fix that sets the lock_passwd key instead of the lock-passwd key, so if you can test with:

refresh-installer:
channel: edge
update: yes

in your config, I would appreciate it.

I still don't understand at all why nocloud vs nocloud-net makes a difference. It really shouldn't!

Changed in subiquity:
status:	New → Fix Committed

Revision history for this message

Dirk (wedibit) wrote on 2020-06-13:

Unfortunately, I still cannot login after running the installer.

You can replicate what I did with Virtualbox using this script: https://gist.github.com/wedi/cba7465ee8280c0e75f94d2ef024a82e
Probably you'll need to switch from Apple's hdiutil to cloud-localds or similar to create the seed image.