It managed to get centos installed and reboot it, but it won’t get into the login screen. It has the error along the lines of: avc denied open for path /etc/passwd sda
The MaaS version I’m using is 2.5 and I was using the centos image that is provided, no changes at all.
I have done the same curtin commands to ubuntu, and it seems to work fine on ubuntu.
Let me know if there’s any more details that I need to provide. Thanks in advance,
i thing you don’t need to create user/users. By default MaaS create user “ubuntu” for ubuntu machines and user “centos” for CentOS deployment. You can login with ssh-key used from user which is deploy this machines.
@tension183 it can actually be usefull if your installation does not work as wished, SSH is not working and you want to access the server to check what’s wrong via IPMI console for example
Yes, the reason for an account with password is to be used for IPMI console. For some reason, it only works on ubuntu. And it does not have any errors on curtin as well. I suspect that it might be a centos selinux issue.
I’ve figured out a workaround on this, I used cloud-init user_data to add users during deployment when I was deploying centos. However, I still hope that there’s still a way to incorporate this in curtin, so that I can keep user_data logic as thin as possible
I don’t think it’s necessarily a good idea to attempt to implement your own useradd functionality. Curtin will do it for you quite nicely.
I’ve attached our entire custom config to which I appended the users which we have in /etc/maas/preseeds/curtin_userdata_custom template (because we only wanted to affect our custom images).
# cloud-config
---
debconf_selections:
maas: |
{{for line in str(curtin_preseed).splitlines()}}
{{line}}
{{endfor}}
late_commands:
maas: [wget, '--no-proxy', '{{node_disable_pxe_url}}', '--post-data', '{{node_disable_pxe_data}}', '-O', '/dev/null']
write_files:
userconfig:
path: /etc/cloud/cloud.cfg.d/00-users.cfg
content: |
groups:
- docker
users:
- default
- name: myuser
gecos: Service Operator
primary_group: myuser
groups: [docker,sudo]
lock_passwd: false
passwd: <REDACTED> # note that the value for this field is NOT the plain text password
ssh_authorized_keys:
- <REDACT$ED>
A couple things to note that are very important!! The documentation here states you can set the shell for the default user only!! It’s not very explicit. So in other words, you cannot set the shell (afaict) for additional users. When I tried to do it, my test run failed miserably. When I removed the shell line, my test run succeeded. I ended up having to fix the default shell problem in my custom image that I build.
Finally, if you remove the default user in the users object under write_files, then the system user that gets added automatically will not get put on the system.