Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

--root-ssh-authorized-keys not work on the firstboot #358

Closed
shi2wei3 opened this issue Feb 22, 2024 · 5 comments · Fixed by CentOS/centos-bootc#440
Closed

--root-ssh-authorized-keys not work on the firstboot #358

shi2wei3 opened this issue Feb 22, 2024 · 5 comments · Fixed by CentOS/centos-bootc#440
Labels
area/install Issues related to `bootc install` bug Something isn't working triaged This looks like a valid issue

Comments

@shi2wei3
Copy link

First boot:

# systemctl status systemd-tmpfiles-setup.service
● systemd-tmpfiles-setup.service - Create Volatile Files and Directories
     Loaded: loaded (/usr/lib/systemd/system/systemd-tmpfiles-setup.service; static)
     Active: active (exited) since Thu 2024-02-22 14:51:03 UTC; 2min 21s ago
       Docs: man:tmpfiles.d(5)
             man:systemd-tmpfiles(8)
    Process: 567 ExecStart=systemd-tmpfiles --create --remove --boot --exclude-prefix=/dev (code=exited, status=73)
   Main PID: 567 (code=exited, status=73)
        CPU: 162ms

Feb 22 14:51:03 localhost systemd[1]: Starting Create Volatile Files and Directories...
Feb 22 14:51:03 localhost systemd-tmpfiles[567]: "/root" already exists and is not a directory.
Feb 22 14:51:03 localhost systemd-tmpfiles[567]: Failed to open path '/root', ignoring: No such file or directory
Feb 22 14:51:03 localhost systemd-tmpfiles[567]: Failed to open path '/root/.ssh': No such file or directory
Feb 22 14:51:03 localhost systemd-tmpfiles[567]: "/home" already exists and is not a directory.
Feb 22 14:51:03 localhost systemd-tmpfiles[567]: "/srv" already exists and is not a directory.
Feb 22 14:51:03 localhost systemd[1]: Finished Create Volatile Files and Directories.

# ls -a /etc/tmpfiles.d/bootc-root-ssh.conf
/etc/tmpfiles.d/bootc-root-ssh.conf
# ls -a /root/
.  ..  .lesshst

Second boot:

# ls -a /root/
.  ..  .bash_history  .lesshst  .ssh
@cgwalters cgwalters added bug Something isn't working area/install Issues related to `bootc install` triaged This looks like a valid issue labels Feb 28, 2024
@cgwalters
Copy link
Collaborator

OK yeah I think the main failure may start from here

Feb 22 14:51:03 localhost systemd-tmpfiles[567]: "/root" already exists and is not a directory.

Possible fixes:

cgwalters added a commit to cgwalters/centos-bootc that referenced this issue Feb 28, 2024
@cgwalters
basic-fixes: Tweak /usr/lib/tmpfiles.d/provision.conf
94baee7 
This ensures that systemd's creation of `/root` works instead
of falling back to what we have in
`/usr/lib/tmpfiles.d/rpm-ostree-0-integration.conf` for
`d /var/roothome 0700 root root -` which in turn ensures
that both the credential values as well as bootc's injection
of a tmpfiles.d snippet for root SSH key works.

containers/bootc#358
cgwalters added a commit to cgwalters/centos-bootc that referenced this issue Feb 28, 2024
@cgwalters
basic-fixes: Tweak /usr/lib/tmpfiles.d/provision.conf
99dab23 
This ensures that systemd's creation of `/root` works instead
of falling back to what we have in
`/usr/lib/tmpfiles.d/rpm-ostree-0-integration.conf` for
`d /var/roothome 0700 root root -` which in turn ensures
that both the credential values as well as bootc's injection
of a tmpfiles.d snippet for root SSH key works.

containers/bootc#358
Signed-off-by: Colin Walters <[email protected]>
@cgwalters cgwalters mentioned this issue Feb 28, 2024
Merged
cgwalters added a commit to cgwalters/centos-bootc that referenced this issue Feb 28, 2024
@cgwalters
basic-fixes: Tweak /usr/lib/tmpfiles.d/provision.conf
1688a6f 
This ensures that systemd's creation of `/root` works instead
of falling back to what we have in
`/usr/lib/tmpfiles.d/rpm-ostree-0-integration.conf` for
`d /var/roothome 0700 root root -` which in turn ensures
that both the credential values as well as bootc's injection
of a tmpfiles.d snippet for root SSH key works.

containers/bootc#358
Signed-off-by: Colin Walters <[email protected]>
@shi2wei3
Copy link
Author

shi2wei3 commented Mar 4, 2024
edited
Loading

I can still see the error messages on first boot, but it's different from the original error messages since it won't tell us /root is not found.

Mar 04 06:46:30 localhost systemd-tmpfiles[562]: /usr/lib/tmpfiles.d/rpm-ostree-0-integration.conf:3: Duplicate line for path "/var/roothome", ignoring.
Mar 04 06:46:30 localhost systemd-tmpfiles[562]: Failed to open path '/root/.ssh': No such file or directory
Mar 04 06:46:30 localhost systemd-tmpfiles[562]: "/home" already exists and is not a directory.
Mar 04 06:46:30 localhost systemd-tmpfiles[562]: "/srv" already exists and is not a directory.

@cgwalters
Copy link
Collaborator

Thanks hmm...I thought this was working for me, but yes, let's add an e2e CI test that is gating on this working (cc #373 )

mvo5 added a commit to mvo5/centos-bootc that referenced this issue Mar 18, 2024
@mvo5
basic-fixes: Tweak tmpfiles.d/rpm-ostree-0-integration.conf
55c2fc0 
As a followup for CentOS#371
this PR tweaks `tmpfiles.d/rpm-ostree-0-integration.conf` too so
that there is only a single /var/roothome line for tmpfiles.d.

This should fix containers/bootc#358
mvo5 added a commit to mvo5/centos-bootc that referenced this issue Mar 18, 2024
@mvo5
basic-fixes: Tweak tmpfiles.d/rpm-ostree-0-integration.conf
7a37c9e 
As a followup for CentOS#371
this PR tweaks `tmpfiles.d/rpm-ostree-0-integration.conf` too so
that there is only a single /var/roothome line for tmpfiles.d.

This should fix containers/bootc#358
@mvo5 mvo5 mentioned this issue Mar 18, 2024
Merged
@mvo5
Copy link
Contributor

mvo5 commented Mar 18, 2024

I opened CentOS/centos-bootc#440 - I hope this fixes it (did not do an end-to-end test, sorry!). I want to use the --root-ssh-authorized-keys to test osbuild/images#462 :)

mvo5 added a commit to mvo5/centos-bootc that referenced this issue Mar 18, 2024
@mvo5
basic-fixes: Tweak tmpfiles.d/rpm-ostree-0-integration.conf
a953b5d 
As a followup for CentOS#371
this PR tweaks `tmpfiles.d/rpm-ostree-0-integration.conf` too so
that there is only a single /var/roothome line for tmpfiles.d.

This should fix containers/bootc#358
mvo5 added a commit to mvo5/centos-bootc that referenced this issue Mar 18, 2024
@mvo5
basic-fixes: Tweak tmpfiles.d/provision.conf
8ee104d 
As a followup for CentOS#371
this PR tweaks `tmpfiles.d/provision.conf` so
that there is only a single /var/roothome line for tmpfiles.d

As it is both provision.conf and rpm-ostree-0-integration.conf
define the same dir.

This should fix containers/bootc#358
@mvo5
Copy link
Contributor

mvo5 commented Mar 20, 2024

This may need a final tweak #407 - I still saw an issue when testing this but it seems the linked PR fixes it for me (but maybe there is a better way or I am missing something?)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
area/install Issues related to `bootc install` bug Something isn't working triaged This looks like a valid issue
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

basic-fixes: Tweak basic-fixes: Tweak tmpfiles.d/provision.conf mvo5/centos-bootc
3 participants
@cgwalters @mvo5 @shi2wei3