Comment 112 for bug 1569237

Thanks.
It works well.

Chris Glass <email address hidden>于2018年1月13日 周六16:20写道：

> This bug is now fixed in ubuntu/xenial64 v20180112.0.0.
>
> Update your vagrant boxes:
>
> vagrant box update
> vagrant up
> vagrant ssh
>
> (notice you're "vagrant").
>
> ** Changed in: cloud-images/x-series
> Status: Fix Committed => Fix Released
>
> ** Changed in: cloud-images/trunk
> Status: Fix Committed => Fix Released
>
> --
> You received this bug notification because you are subscribed to the bug
> report.
> https://bugs.launchpad.net/bugs/1569237
>
> Title:
> vagrant xenial box is not provided with vagrant/vagrant username and
> password
>
> Status in cloud-images:
> Fix Released
> Status in cloud-images trunk series:
> Fix Released
> Status in cloud-images x-series series:
> Fix Released
> Status in vagrant:
> Invalid
> Status in Xenial Backports:
> New
> Status in livecd-rootfs package in Ubuntu:
> Fix Released
> Status in livecd-rootfs source package in Xenial:
> Fix Released
>
> Bug description:
> It is Vagrant convention that the default user is named "vagrant"[0],
> and a whole host of scripts assume this to be the default.
>
> The xenial box is substantially less useful to Vagrant users with the
> "ubuntu" user as the default.
>
> [0] Search for "user to SSH" in
> https://www.vagrantup.com/docs/boxes/base.html.
>
> ------------
>
> Xenial SRU:
>
> [impact]
>
> * An additional "vagrant" user is available in the created image once
> the proposed patch is applied. The normal "ubuntu" user is also
> available, and is conforming to the "ubuntu experience" (it requires
> cloud-init or another mechanism to be given keys/a password).
>
> * The vagrant boxes produced by livecd-rootfs hooks do not conform to
> the vagrant community's guidelines for box creation, leading vagrant
> users to use non-official (unaudited) boxes instead, where a "vagrant"
> user can be found.
>
> * A large portion of vagrant automation (3rd party tools, scripts)
> rely on the presence of a "vagrant" user conforming to the above
> guidelines. The official ubuntu images are ones of the very few not
> conforming to the expected user layout.
>
> * The official Ubuntu trusty image previously offered a "vagrant"
> user, and that was lost or omitted when migrating xenial+ to a new
> build system. This could be considered a regression, although
> historical context of that change is unfortunately not available
> anymore.
>
> [test case]
>
> From a fresh Ubuntu install:
>
> * sudo apt install vagrant
>
> * vagrant init ubuntu/xenial64
>
> * vagrant up
>
> * vagrant ssh
>
> notice the user being logged in as is "ubuntu"
>
> With either ubuntu/artful64 or ubuntu/trusty64, the same steps log the
> user in as "vagrant".
>
> An image with the proposed changes was built and uploaded as
> "tribaal/xenial64".
>
> [Regression potential]
>
> * Users who worked around this behavior in their automation are the
> most at-risk. They might not be able to login to their boxes anymore,
> if they worked around by extracting the ubuntu password from the box
> metadata. If they worked around the problem using cloud-init, no
> regression will be visible.
>
> * The changes introduce a new insecure user, users having worked
> around the problem on their own might be be unaware of this.
>
> * The general consensus in the vagrant community is to install third-
> party boxes instead of spending time to try and workaround the
> problems with the official ubuntu boxes, so it is likely to be a
> limited real-world impact.
>
> * The change might affect exotic systems where people for some reason
> decided to build a non-vagrant machine out of our official vagrant
> image
>
> Note that these regressions will apply to users upgrading their
> installations to future releases (artful, bionic, and later).
>
> To manage notifications about this bug go to:
> https://bugs.launchpad.net/cloud-images/+bug/1569237/+subscriptions
>