It is true that when using the same disks on Azure, if we attach them to a new instance, new values should be copied from /dev/sr0.
But there are two scenarios where /dev/sr0 does not exist.
1. The new instance already booted before on Azure and the disks were swapped. /dev/sr0 only exists on the first boot. (This behavior can also be simulated on Azure by editing the instance id file manually, although this is not a "real behavior" case)
2. The disks are exported outside Azure, /dev/sr0 does not exist, DataSourceAzure still loads and finds /var/lib/waagent/ovf-env.xml.
Regarding "1" - I guess if you use Azure "correctly" as you said yourself, this should not happen to you.
Hi,
I will attach logs soon.
The password will never be set to REDACTED, instead it will be as if the user did not supply a password and the specified username will instead be locked: /github. com/cloud- init/cloud- init/commit/ 8af1802c9971ec1 f2ebac23e9b42d5 b42f43afae# diff-e0eb215db2 6e21dbe2d98455f ea68595R601
https:/
It is true that when using the same disks on Azure, if we attach them to a new instance, new values should be copied from /dev/sr0.
But there are two scenarios where /dev/sr0 does not exist.
1. The new instance already booted before on Azure and the disks were swapped. /dev/sr0 only exists on the first boot. (This behavior can also be simulated on Azure by editing the instance id file manually, although this is not a "real behavior" case)
2. The disks are exported outside Azure, /dev/sr0 does not exist, DataSourceAzure still loads and finds /var/lib/ waagent/ ovf-env. xml.
Regarding "1" - I guess if you use Azure "correctly" as you said yourself, this should not happen to you.
Regarding "2" - This happens in Ubuntu 14 but not in Ubuntu 16 due to the following commit: /github. com/cloud- init/cloud- init/commit/ 5fb49bacf7441d8 d20a7b4e0e7008c a586f5ebab
https:/
which does not allow DataSourceAzure to run outside Azure, however this was not backported to cloud-init 0.7.5 which is available for Ubuntu.
I think that by correcting the code to:
if password:
defuser[ 'lock_passwd' ] = False REDACTION != password:
defuser[ 'passwd' ] = encrypt_ pass(password)
if DEF_PASSWD_
We fix the following configuration:
First boot: pass(password) ,
'lock_ passwd' : False
'lock_ passwd' : True
defuser = {
'name': username,
'passwd': encrypt_
}
Subsequent boots:
defuser = {
'name': username,
}
to:
First boot: pass(password) ,
'lock_ passwd' : False
'lock_ passwd' : False
defuser = {
'name': username,
'passwd': encrypt_
}
Subsequent boots:
defuser = {
'name': username,
}
Sam