Ubuntu user on custom image

elmisa · May 25, 2021, 2:50pm

Hi,

I’m using a custom ubuntu core18 image for a headless installation on a nuc without display port.
For that I create an user with the brand store login with snap create-user over an cloud-init config.
The new user has the user id 1001 because of the ubuntu user which has already the id 1000.

This gets a conflict with the azure edgeAgent and edgeHub docker containers with local storage. Because the images map the permissions to the user id 1000.
Maybe the id 1000 can lead to additional problems in the future too.

The ubuntu user seems to be the default user. Has this user an other purpose? Can it be removed or replaced with my own user?

For security reasons: what’s the password for the user for login or ssh? Or is it deactivated?

Thanks,
Sandro

ogra · May 25, 2021, 2:57pm

well, Ubuntu Core has no user at all by default, would be interesting how you got an “ubuntu” user on there at all …

do you have a cloud.conf somewhere in your gadget that creates it ?

elmisa · May 25, 2021, 3:07pm

Hi ogra

Thank you very much for your fast reply.

That’s interesting!

About your question, no there isn’t a cloud.conf in the gadget. The gadget is pretty much configured like the example from github (https://github.com/snapcore/pc-amd64-gadget/tree/18)

There’s a prepare-device hook in the gadget, but doesn’t look suspicious to me:
#!/bin/sh
product_serial=$(ip link show eth0 | grep -oP ‘(?<=ether\s)[^\s]+\s’ | sed -r ‘s/://g’ | tr -d ‘[:space:]’)
# Set the serial number of the device (needed for the serial assertion)
snapctl set registration.proposed-serial=""${product_serial}""
snapctl set device-service.url=“https://serial-vault-partners.canonical.com/v1/”
snapctl set device-service.headers=’{“api-key”: “key”}’

ogra · May 25, 2021, 3:34pm

the gadget bits look indeed fine to me … does your cloud-init file use the nocloud datasource as it should ?

perhaps something there runs any defaults that it shouldn’t

elmisa · May 25, 2021, 4:11pm

actual cloud-init file user-data.yaml:

#cloud-config
debug:
verbose: true
snap:
commands:
10: snap create-user --sudoer “email of brandstore user”
20: snap set network-manager ethernet.enable=true
30: snap install network-manager --channel=1.10/stable

power_state:
mode: reboot
timeout: 600
condition: True

elmisa · June 1, 2021, 12:32pm

How can I set the nocloud datasource?

I tried the following option with NoCloud in the cloud-config, but this didn’t work out either:

#cloud-config
debug:
  verbose: true
NoCloud:
  seedfrom: None
  user-data: None
snap:
...

Should the nocloud setting be in another file?
Like in this post https://gist.github.com/Informatic/0b6b24374b54d09c77b9d25595cdbd47:

meta-data:
dsmode: local

Where do I have to put the meta-data file in the image?

ijohnson · June 1, 2021, 12:52pm

You (probably) need to specify datasources_list: [NoCloud] in your cloud-init config

elmisa · June 1, 2021, 1:47pm

@ijohnson: Thank you for your Input. I tried this, but without success.

I tried both versions with and without the NoCloud option:

#cloud-config
debug:
  verbose: true
datasources_list: [NoCloud]
NoCloud:
  seedfrom: None
  user-data: None
snap: 
...

ogra · June 1, 2021, 2:06pm

there was an example cloud.conf posted in another thread that seems to work:

perhaps start deriving from that one by changing things one by one …

elmisa · June 1, 2021, 3:44pm

@ogra: yes, this worked. I added an empty users section.

Thank you all for your help.

This is the configuration which works:

#cloud-config
debug:
  verbose: true
datasources_list: [NoCloud]
users:
snap:
...

I’m gonna try to replace the snap create-user command with the users section but for now I will use this configuration.