Login and delete user created with /v2/create-user

busybox · April 29, 2020, 11:35am

I am creating a local user with following

(classic)dev@localhost:~$ sudo curl -sS --unix-socket /run/snapd.socket http://localhost/v2/create-user -X POST -d '{"email": "mvo@ubuntu.com", "sudoer": false}'

I have two q’s:

How to login with newly created user? I tried copying the ssh keys that I got in response to create-user req above in a file (key) and log in using ssh -i key mvo@<ip address>. But could not. I tried with all the (4) ssh keys that I got in response above. The keys looks very different to what I usually seen.
How to delete the user created above? Tried sudo userdel mvo but it failed saying userdel: cannot remove entry 'mvo' from /etc/passwd On checking, I see that user mvo in not there in /etc/passwd at all. But getent passwd shows it !!

ogra · April 29, 2020, 12:32pm

ubuntu core does not usr /etc/passwd to create users, but /var/lib/extrausers/passwd so you need to tell userdel to use this database by passing it the right options …

mvo · April 29, 2020, 12:34pm

Try snap remove-user mvo please.

busybox · April 30, 2020, 2:47am

Although the userdel command succeeded, recreation of user again failed with error ‘device already managed’. Looks like the command does not cleanly delete the user.

muthu@localhost:~$ cat /var/lib/extrausers/passwd
muthu:x:1000:1001::/home/muthu:/bin/bash
mvo:x:1001:1002:mvo@ubuntu.com,xDPXBdB,,:/home/mvo:/bin/bash
muthu@localhost:~$ sudo userdel --extrausers mvo
muthu@localhost:~$ cat /var/lib/extrausers/passwd
muthu:x:1000:1001::/home/muthu:/bin/bash
muthu@localhost:~$ sudo classic
(classic)muthu@localhost:~$ sudo curl -sS --unix-socket /run/snapd.socket http://localhost/v2/create-user -X POST -d '{"email": "mvo@ubuntu.com", "sudoer": false}'
{"type":"error","status-code":400,"status":"Bad Request","result":{"message":"cannot create user: device already managed"}}(classic)muthu@localhost:~$
(classic)muthu@localhost:~$ exit
logout
muthu@localhost:~$ sudo snap remove-user mvo
error: cannot delete user "mvo": userdel: user 'mvo' does not exist
muthu@localhost:~$

busybox · April 30, 2020, 2:53am

Worked.
What is the corresponding snapctl API to do this? I tried:
sudo curl -sS --unix-socket /run/snapd.socket http://localhost/v2/remove-user -X POST -d '{"email": "mvo@ubuntu.com"}'
but failed.

Also, logging in with the ssk keys is still not possible. I am unable to determine whether I have single ssh key or multiple. Anyway I tried all of them but I get Load key "key": invalid format on doing ssh -i key mvo@<ip address>

(classic)muthu@localhost:~$ sudo curl -sS --unix-socket /run/snapd.socket http://localhost/v2/create-user -X POST -d '{"email": "mvo@ubuntu.com", "sudoer": false}'

{"type":"sync","status-code":200,"status":"OK","result":{"username":"mvo","ssh-keys":["<>"]}}

(classic)muthu@localhost:~$

busybox · April 30, 2020, 12:24pm

If there is any documentation regarding this on how to (that I might have missed) please point me to that and I will check.

ogra · April 30, 2020, 2:22pm

I’d suggest reading up about how ssh key authentication works…
And then I’d stop using someone else’s user credentials… what do you try to achieve by using Michaels account data on your device? You do not own the secret key for it…

busybox · May 1, 2020, 5:17am

Did not realize this. Will use correct user and then check.

busybox · May 8, 2020, 7:45am

I was able to login using the user created by create-user API. Had to register my public key with Ubuntu account (which I had not done before)

Have few questions though

Why the does o/p of create-user gives out public key of user? Private key is required to login to the device? So I am not sure what value giving out the public key adds. Am I missing something?
Although snap remove-user works from command line, still looking for API equivalent of remove user. I tried delete-user and remove-user using curl from command line, but get {"message":"not found"} as response.