Ubuntu 22.04画像のcloud-initをテストしています。
だからまず、次からクラウドイメージをダウンロードしました。https://cloud-images.ubuntu.com/releases/22.04/release/ubuntu-22.04-server-cloudimg-amd64.img
次に、単純な構成を作成します。
cat > meta-data << 'EOF'
instance-id: test-instance
local-hostname: test-ubuntu
EOF
cat > user-data << EOF
#cloud-config
disable_root: false
users:
- name: work
shell: /bin/bash
sudo: true
passwd: $(echo 123456 | mkpasswd -m sha-512 -s)
ssh_authorized_keys:
- $(cat ~/.ssh/id_rsa.pub)
- name: root
shell: /bin/bash
passwd: $(echo 123456 | mkpasswd -m sha-512 -s)
ssh_authorized_keys:
- $(cat ~/.ssh/id_rsa.pub)
EOF
設定ファイルを確認し、
# cloud-init schema --config-file user-data
Valid cloud-config: user-data
そしてシードISOを生成しました。
# cloud-localds seed.iso user-data meta-data
qemuが正常に起動します。
# qemu-system-x86_64 -m 2048 -smp 4 -hda ubuntu-22.04-server-cloudimg-amd64.img -device e1000,netdev=net0 -netdev user,id=net0,hostfwd=tcp::5555-:22 -nographic -cdrom seed.
...
[ 33.426077] cloud-init[567]: Cloud-init v. 22.2-0ubuntu1~22.04.3 running 'init' at Mon, 08 Aug 2022 23:39:58 +0000. Up 33.11 seconds.
[ 33.545880] cloud-init[567]: ci-info: ++++++++++++++++++++++++++++++++++++++Net device info++++++++++++++++++++++++++++++++++++++
[ 33.547680] cloud-init[567]: ci-info: +--------+------+----------------------------+---------------+--------+-------------------+
[ 33.549226] cloud-init[567]: ci-info: | Device | Up | Address | Mask | Scope | Hw-Address |
[ 33.551002] cloud-init[567]: ci-info: +--------+------+----------------------------+---------------+--------+-------------------+
[ 33.552434] cloud-init[567]: ci-info: | ens3 | True | 10.0.2.15 | 255.255.255.0 | global | 52:54:00:12:34:56 |
[ 33.553852] cloud-init[567]: ci-info: | ens3 | True | fec0::5054:ff:fe12:3456/64 | . | site | 52:54:00:12:34:56 |
[ 33.555541] cloud-init[567]: ci-info: | ens3 | True | fe80::5054:ff:fe12:3456/64 | . | link | 52:54:00:12:34:56 |
[ 33.558003] cloud-init[567]: ci-info: | lo | True | 127.0.0.1 | 255.0.0.0 | host | . |
[ 33.559775] cloud-init[567]: ci-info: | lo | True | ::1/128 | . | host | . |
[ 33.561321] cloud-init[567]: ci-info: +--------+------+----------------------------+---------------+--------+-------------------+
[ 33.564456] cloud-init[567]: ci-info: ++++++++++++++++++++++++++++Route IPv4 info+++++++++++++++++++++++++++++
[ 33.565934] cloud-init[567]: ci-info: +-------+-------------+----------+-----------------+-----------+-------+
[ 33.567427] cloud-init[567]: ci-info: | Route | Destination | Gateway | Genmask | Interface | Flags |
[ 33.568700] cloud-init[567]: ci-info: +-------+-------------+----------+-----------------+-----------+-------+
[ 33.569807] cloud-init[567]: ci-info: | 0 | 0.0.0.0 | 10.0.2.2 | 0.0.0.0 | ens3 | UG |
[ 33.571745] cloud-init[567]: ci-info: | 1 | 10.0.2.0 | 0.0.0.0 | 255.255.255.0 | ens3 | U |
[ 33.573611] cloud-init[567]: ci-info: | 2 | 10.0.2.2 | 0.0.0.0 | 255.255.255.255 | ens3 | UH |
[ 33.575426] cloud-init[567]: ci-info: | 3 | 10.0.2.3 | 0.0.0.0 | 255.255.255.255 | ens3 | UH |
[ 33.576740] cloud-init[567]: ci-info: +-------+-------------+----------+-----------------+-----------+-------+
[ 33.577961] cloud-init[567]: ci-info: +++++++++++++++++++Route IPv6 info+++++++++++++++++++
[ 33.579211] cloud-init[567]: ci-info: +-------+-------------+---------+-----------+-------+
[ 33.580309] cloud-init[567]: ci-info: | Route | Destination | Gateway | Interface | Flags |
[ 33.581608] cloud-init[567]: ci-info: +-------+-------------+---------+-----------+-------+
[ 33.583011] cloud-init[567]: ci-info: | 1 | fe80::/64 | :: | ens3 | U |
[ 33.584033] cloud-init[567]: ci-info: | 2 | fec0::/64 | :: | ens3 | Ue |
[ 33.584944] cloud-init[567]: ci-info: | 3 | ::/0 | fe80::2 | ens3 | UGe |
[ 33.585831] cloud-init[567]: ci-info: | 5 | local | :: | ens3 | U |
[ 33.587146] cloud-init[567]: ci-info: | 6 | local | :: | ens3 | U |
[ 33.588567] cloud-init[567]: ci-info: | 7 | multicast | :: | ens3 | U |
[ 33.590072] cloud-init[567]: ci-info: +-------+-------------+---------+-----------+-------+
[ OK ] Finished Initial cloud-ini…ob (metadata service crawler).
[ OK ] Reached target Cloud-config availability.
[ OK ] Reached target Network is Online.
[ OK ] Reached target System Initialization.
[ OK ] Started Daily apt download activities.
[ OK ] Started Daily apt upgrade and clean activities.
[ OK ] Started Daily dpkg database backup timer.
[ OK ] Started Periodic ext4 Onli…ata Check for All Filesystems.
[ OK ] Started Discard unused blocks once a week.
[ OK ] Started Refresh fwupd metadata regularly.
[ OK ] Started Daily rotation of log files.
[ OK ] Started Daily man-db regeneration.
[ OK ] Started Message of the Day.
[ OK ] Started Daily Cleanup of Temporary Directories.
[ OK ] Started Ubuntu Advantage Timer for running repeated jobs.
[ OK ] Started Download data for …ailed at package install time.
[ OK ] Started Check to see wheth…w version of Ubuntu available.
[ OK ] Reached target Path Units.
[ OK ] Reached target Timer Units.
[ OK ] Listening on cloud-init hotplug hook socket.
[ OK ] Listening on D-Bus System Message Bus Socket.
[ OK ] Listening on Open-iSCSI iscsid Socket.
[ OK ] Listening on Socket unix for snap application lxd.daemon.
[ OK ] Listening on Socket unix f…p application lxd.user-daemon.
Starting Socket activation for snappy daemon...
[ OK ] Listening on UUID daemon activation socket.
[ OK ] Reached target Preparation for Remote File Systems.
[ OK ] Reached target Remote File Systems.
[ OK ] Finished Availability of block devices.
[ OK ] Listening on Socket activation for snappy daemon.
[ OK ] Reached target Socket Units.
[ OK ] Reached target Basic System.
Starting LSB: automatic crash report generation...
[ OK ] Started Regular background program processing daemon.
[ OK ] Started D-Bus System Message Bus.
[ OK ] Started Save initial kernel messages after boot.
Starting Remove Stale Onli…t4 Metadata Check Snapshots...
Starting Record successful boot for GRUB...
[ OK ] Started irqbalance daemon.
Starting Dispatcher daemon for systemd-networkd...
Starting Authorization Manager...
Starting System Logging Service...
Starting Service for snap application lxd.activate...
Starting Snap Daemon...
Starting OpenBSD Secure Shell server...
Starting User Login Management...
Starting Permit User Sessions...
Starting Disk Manager...
[ OK ] Finished Permit User Sessions.
Starting Hold until boot process finishes up...
Starting Terminate Plymouth Boot Screen...
[ OK ] Finished Hold until boot process finishes up.
[ OK ] Started Serial Getty on ttyS0.
Starting Set console scheme...
[ OK ] Finished Terminate Plymouth Boot Screen.
[ OK ] Finished Set console scheme.
[ OK ] Created slice Slice /system/getty.
[ OK ] Started Getty on tty1.
[ OK ] Reached target Login Prompts.
[ OK ] Finished Remove Stale Onli…ext4 Metadata Check Snapshots.
[ OK ] Started System Logging Service.
[ OK ] Finished Record successful boot for GRUB.
[ OK ] Started Authorization Manager.
Starting Modem Manager...
Starting GRUB failed boot detection...
[ OK ] Started LSB: automatic crash report generation.
[ OK ] Started User Login Management.
[ OK ] Started Unattended Upgrades Shutdown.
[ OK ] Finished GRUB failed boot detection.
[ OK ] Started OpenBSD Secure Shell server.
[ OK ] Started Modem Manager.
[ OK ] Started Disk Manager.
[ OK ] Started Dispatcher daemon for systemd-networkd.
Ubuntu 22.04 LTS test-ubuntu ttyS0
test-ubuntu login: [ 97.149059] cloud-init[846]: Cloud-init v. 22.2-0ubuntu1~22.04.3 running 'modules:config' at Mon, 08 Aug 2022 23:41:01 +0000. Up 96.29 seconds.
[ 106.351885] cloud-init[854]: Cloud-init v. 22.2-0ubuntu1~22.04.3 running 'modules:final' at Mon, 08 Aug 2022 23:41:05 +0000. Up 100.57 seconds.
[ 106.933178] cloud-init[854]: Cloud-init v. 22.2-0ubuntu1~22.04.3 finished at Mon, 08 Aug 2022 23:41:11 +0000. Datasource DataSourceNoCloud [seed=/dev/sr0][dsmode=net]. s
qemu-system-x86_64: terminating on signal 15 from pid 3311366 ()
work
ただし、以下を使用またはログインできませんroot
。
# ssh 127.0.0.1 -p 5555 -vv
debug1: Offering public key: /root/.ssh/id_rsa RSA SHA256:xxxxxx
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey
debug1: Trying private key: /root/.ssh/id_ecdsa
debug1: Trying private key: /root/.ssh/id_ecdsa_sk
debug1: Trying private key: /root/.ssh/id_ed25519
debug1: Trying private key: /root/.ssh/id_ed25519_sk
debug1: Trying private key: /root/.ssh/id_xmss
debug1: Trying private key: /root/.ssh/id_dsa
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
[email protected]: Permission denied (publickey).
何が問題なの?
答え1
sudo: true
それは無効です。単に「true」ではなく、実際のルールを指定してください。
~によると文書:
sudo: (文字列/null) 使用する Sudo ルールまたは false。 sudo値が欠落しているかnullの場合、このユーザーのsudoルールは追加されません。廃止予定:false値は2027年4月以降に削除されます。 nullを使用したり、sudoキーを代わりに使用しないでください。
そして例:
users:
- name: newsuper
gecos: Big Stuff
groups: users, admin
sudo: ALL=(ALL) NOPASSWD:ALL
shell: /bin/bash
lock_passwd: true
ssh_import_id:
- lp:falcojr
- gh:TheRealFalcon
sudo: true
このコードスニペットは、あなたの例からその行を削除すると効果的です。