[SRU] Default user created by cloud-init confuses WSLg

The attachment "Attached debdiff for wsl-setup 0.5.3 for Noble" seems to be a debdiff. The ubuntu-sponsors team has been subscribed to the bug report so that they can review and hopefully sponsor the debdiff. If the attachment isn't a patch, please remove the "patch" flag from the attachment, remove the "patch" tag, and if you are member of the ~ubuntu-sponsors, unsubscribe the team.

[This is an automated message performed by a Launchpad user owned by ~brian-murray, for any issue please contact him.]

I have sponsored the package to oracular first. This one is 0.5.3. I did change the VCS to update debian/changelog. And tag it as v0.5.3.

I have changed the SRU (noble) backport to:
- target noble as release series in the SRU bug.
- have a version that is SRU compatible (it needs to be ealier than the one in oracular, so it’s 0.5.3~24.04)
- not removing previous rebuild upload changelog in noble (we don't really remove changelog in the SRU, to minimize the diff and not remove the package history in a given pocket).

Subscribing SRU team.

Hello Carlos, or anyone else affected,

Accepted wsl-setup into noble-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/wsl-setup/0.5.3~24.04 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed-noble to verification-done-noble. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-noble. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

This bug was fixed in the package wsl-setup - 0.5.3

---------------
wsl-setup (0.5.3) oracular; urgency=medium

  * Override cloud-init default_user configuration for Ubuntu distros
    to prevent creation of a default user which confused WSLg (LP: #2065349).

 -- Carlos Nihelton <email address hidden> Thu, 02 May 2024 11:52:43 -0300

Tested the version 0.5.3~24.04 from noble-proposed as described below:

# 1. Set-up an up-to-date rootfs image containing wsl-setup version 0.5.3~24.04 from noble-proposed:

This step is needed because we don't have an up-to-date image and Windows app we can just install and execute the tests as proposed in the bug report above.

- Disable cloud-init via WSL2 kernel command line (to avoid additional changes to the base image).
- Create a new instance without a default user with command: `ubuntu2404.exe install --root`.
- Boot into the instance, enabled proposed and installed *only* wsl-setup via: `apt update && apt-get install wsl-setup/noble-proposed`.
- Clean cloud-init state as a precaution: `cloud-init clean --logs`.
- Exit the WSL instance.
- Exported the instance's root filesystem to generate a new image for testing: `wsl.exe --export Ubuntu-24.04 .\proposed-test.tar.gz`.
- Remove custom WSL2 kernel command line to re-enable cloud-init.
- Shutdown WSL with: `wsl.exe --shutdown`.

# 2. Import the exported image and set it up as running `ubuntu2404.exe` would do:

We need to ensure that there are no applicable user-data files for cloud-init to pick up, as we want to assert the default behavior, i.e. not influenced by any user-data configuration:

- Remove any user-data files in %USERPROFILE%/.cloud-init or %USERPROFILE/.ubuntupro/.cloud-init.
- Import the rootfs as a new instance: `wsl --import Proposed .\proposed\ .\proposed-test.tar.gz`.
- Wait on cloud-init: `wsl -d Proposed cloud-init status --wait`.
- Check if there is any user: `ls /home; id 1000; grep -e '100[0-9]' /etc/passwd` (all must output nothing).
- Install gtk-4-examples: `apt update && apt install -y libgles2 libgl1 gtk-4-examples`
- Create a user: `adduser u`.
- Make that user the default via `/etc/wsl.conf`: `printf "[user]\ndefault=u\n" > /etc/wsl.conf`.
- Exit the instance and terminate it: `wsl.exe -t Proposed`. Terminating the instance is necessary to make the changes in `/etc/wsl.conf` take effect.

# 3. Finally, start the instance and perform the actual test: assert that wayland applications just run.

As originally described, having cloud-init to create the default user would mess with the runtime dir permissions that result in wayland GUI apps to crash during startup.

- Start the instance: `wsl -d Proposed` (the user should now be u - not root).
- Run gtk4-demo with the default backend: `gtk4-demo`
- Run again with the wayland backend: `GDK_BACKEND=wayland gtk4-demo`.

The test result was: the gtk4-demo application is shown in both ways. cloud-init didn't create any default user. Everything worked as expected for this patch.

Note: edited this comment to clarify the structure of the test steps followed in comparison to the test plan proposed in the SRU bug.

Hi @cnihelton,

I'm not familiar with the WSL interaction with cloud-init, so pardon my question.

Your test plan execution seems to have deviated quite a lot from the proposed test plan in the bug description. Any particular reason for this deviation? Is the proposed test plan incomplete, or incorrect?

Your question means that I didn't clarify enough the test I followed and how it related to the original test plan proposed. The gap in understanding is more due WSL specifics than cloud-init itself.

The fundamental difference between what is proposed in the bug report and what I applied manually is: the availability of the Ubuntu-24.04 Windows application with the latest rootfs containing the patched version of this package (wsl-setup), which drastically simplifies the test setup. Of course that can only happen once this patch is merged and a new build of both the rootfs image and the Windows application submitted to the MS Store. So, the proposed test plan is complete and correct, but requires artifacts not available by the time this SRU bug is processed. It's rather applicable as a quality gate prior to the release of Windows app itself and a means of detecting future regression (our CI is capable of performing exactly that test case to detect regressions).

The test I reported in https://bugs.launchpad.net/ubuntu/+source/wsl-setup/+bug/2065349/comments/6 is a manual workflow that behaves as if we had such up-to-date Windows app.

It can be described in a high level structure as:

1. Set up a rootfs containing the latest version of this package (wsl-setup):
    - We create a new instance, update wsl-setup and export a snapshot with the minimum changes possible. Thus, cloud-init must be disabled (otherwise it would run automatically - as a systemd service - and cause more changes to the instance). Also. no other users are created as part of that set up.

2. Import that rootfs image emulating the behavior the Windows application would have (i.e. as if we run `ubuntu2404.exe`)
    - All the steps related to ensuring there is no cloud-init user-data files to be found, `wsl --import`, `adduser` and wait on cloud-init steps. Also the instance shutdown is needed to make the changes in `/etc/wsl.conf` to take effect.

3. Finally, perform the actual test, which is: ensure there is no `ubuntu` user pre-created and Wayland apps work.

I'll edit that comment to clarify that structure, so others, not familiar with WSL specifics, may reason about what that procedure actually achieves.

Thanks for the detailed explanation Carlos, it all makes sense now.

This bug was fixed in the package wsl-setup - 0.5.3~24.04

---------------
wsl-setup (0.5.3~24.04) noble; urgency=medium

  * Override cloud-init default_user configuration for Ubuntu distros
    to prevent creation of a default user which confused WSLg (LP: #2065349).

 -- Carlos Nihelton <email address hidden> Thu, 02 May 2024 11:52:43 -0300

The verification of the Stable Release Update for wsl-setup has completed successfully and the package is now being released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.