View Issue Details
|ID||Project||Category||View Status||Date Submitted||Last Update|
|0001717||Cloud||General||public||2023-01-04 13:18||2023-01-05 09:55|
|Reporter||Grzegorz Koper||Assigned To|
|Summary||0001717: Rocky-*-GenericCloud-Base and Rocky-*-GenericCloud-LVM should use cloud-init instead of rocky user.|
After installing latest Cloud based images I've noticed that "cloud-user" is being replaced by "rocky" user.
# rocky cloud user
echo -e 'rocky\tALL=(ALL)\tNOPASSWD: ALL' >> /etc/sudoers
sed -i 's/name: cloud-user/name: rocky/g' /etc/cloud/cloud.cfg
Following the discussions and changes here:
I was hoping to see Rocky also be treated the same as other RHEL family distributions.
Is there any reasoning for this change ? Could this be normalised ?
|Tags||No tags attached.|
Thanks for the report!
The discussion in the linked PR for cloud-init actually is a bit different; the choice was made to _not_ change the user to cloud-user, as that would affect all other Distros. The intent of the PR was only to fix a breakage, but keep everything else (largely) the same.
I am not against looking into defaulting to cloud-user, but that is something I think we'll need to also discuss with other distributions that would be affected.
I am the one who submitted the PR for cloud-init (1887). The change was to fix a problem that was caused by Red Hat that unfortunately hurt the configuration for EL derivatives that weren't RHEL or CentOS. And like Neil said, it keeps everything largely the same.
As for the reasoning we've changed cloud-user to rocky, this was done for a couple of reasons:
2) Users were already used to CentOS doing this before (changing cloud-user to centos) in their images
We have always changed "cloud-user" to "rocky" on our cloud images via the kickstarts since our first release. If folks want to make their own custom generic images (based on our kickstarts or making their own), they can avoid changing cloud-user to rocky if they wish to. The images are out of convenience as well, but we keep all the kickstarts available for others to see how they're made but also to make their own if they wish to.
From my POV, changing from our standard (rocky) to the cloud-init default (cloud-user) would create more issues than resolve for our users and hosting providers who have relied on our images. Changing it would likely cause confusion and a lot of noise (and endless requests to change it back).
Thanks for clarification and some context on mentioned changes.
I should have been more clear. We build our cloud images using Disk Image Builder. Its using rocky-container element, which didn't change.
Previously built images came with default cloud-init user.
created_at | 2022-11-08T12:14:10Z
[cloud-user@gkoper-rocky-previous home]$ ls -latr
drwxr-xr-x. 18 root root 4096 Jan 5 09:42 ..
drwxr-xr-x. 3 root root 4096 Jan 5 09:42 .
drwx------. 3 cloud-user cloud-user 4096 Jan 5 09:43 cloud-user
created_at | 2022-11-28T13:22:47Z
$ ssh firstname.lastname@example.org
The authenticity of host '10.0.3.163 (10.0.3.163)' can't be established.
ECDSA key fingerprint is SHA256:i4ElHbym6njoD+E3rLCCXGR+pfbL5fPjt13AaQvGVsI.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '10.0.3.163' (ECDSA) to the list of known hosts.
email@example.com: Permission denied (publickey,gssapi-keyex,gssapi-with-mic).
$ ssh firstname.lastname@example.org
[rocky@gkoper-rocky-current ~]$ cd /home
[rocky@gkoper-rocky-current home]$ ls -latr
drwxr-xr-x. 18 root root 4096 Jan 5 09:46 ..
drwxr-xr-x. 3 root root 4096 Jan 5 09:46 .
drwx------. 3 rocky rocky 4096 Jan 5 09:46 rocky
Something must have changed with the container being used with rocky-container element.
Personally I think cloud-init seems reasonable default for all distributions that use cloud-init.