kickstart users and/or groups are not compatible with user-supplied kickstart content when build iso after # 438 mereged
chunfuwen opened this issue · 3 comments
Steps :
- After https://github.com/osbuild/bootc-image-builder/pull/438/files merged, build out one local boot-image-builder
- Prepare one config.json with kickstart contents
cat config.json
{"blueprint": {"customizations": {"user": [{"name": "alice", "password": "bob", "groups": ["wheel"], "key": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCa26Mh2J+PAxTVSxnBqqYNTsjwJZf7C2b/xzU6VMj5jUb2FOK6fjXI7qXc9CjHINIh++zHEe1/Z4KRHfcnfzdAsfPGUw/stSQEb+9sbziyRJWY/DvDEW5NKQPuBGDY6Pu20aJLLpS8e1Ed2QyPQXxr5eh81gbVACV3VJ+fVTaWS/0W4/CxeJk73o2kNPiqoT6Hs/h3Shs9OpbPiSOayjEoKJ194uYGO5hPF/N4sWt4eH1UQk/ZmWSWBSo1hVV1QIasWHlwjviJFrgcEof6Spng/WFXIbJzIzgnPIUjJ6NZmjvkXeop4IJ1FUQa+nqru+wd5RwE9OaVgUsmBSVDkL52nb6wy7htO+JZmWdXS1xjcHdU/5lHvmSIT6sfRXesNeqpd6HpTphtOnRN2uQ2vsIBYZn8EYx9Xf1G+nAu9V+OyxQCZM/ZrNV6Dwc9+Xda8QVskbzQtBPuGEaoEtB2jkWntjsvibcD0G3RCk= root@dxx.pek2.redhat.com"}], "kernel": {"append": "mitigations=auto,nosmt"}, "installer": {"kickstart": {"contents": "text --non-interactive\nzerombr\nclearpart --all --initlabel --disklabel=gpt\nautopart --noswap --type=lvm\nnetwork --bootproto=dhcp --device=link --activate --onboot=on"}}}}}
- Execute boot-image-builder command as below
sudo podman run --rm -it --privileged --pull=newer --security-opt label=type:unconfined_t -v /var/lib/libvirt/images/output:/output -v /var/lib/libvirt/images/config.json:/config.json localhost/bootc-image-builder:latest --type anaconda-iso --tls-verify=true --config /config.json quay.io/centos-bootc/centos-bootc:stream9 --chown 107:107
Generating manifest manifest-anaconda-iso.json
Trying to pull quay.io/centos-bootc/centos-bootc:stream9...
Getting image source signatures
Copying blob e1fc4a4ee448 done |
...
Writing manifest to image destination
2024/07/05 08:20:07 error: cannot build manifest: cannot get manifest: kickstart users and/or groups are not compatible with user-supplied kickstart content
Thanks for reporting this issue.
This is currently intentional, when using custom kickstart scripts the customization needs to be done via the custom kickstart script too. So in your case the user alice would have to be added to the custom kickstart (@achilleas-k please correct me here if I misremember this).
We may reconsider/rethink this if it's too burdensome on the users. Our rational is that custom kickstarts are very much a poweruser feature and because they are so open-ended merging them and our own kickstart generated from customizations is hard in the general case.
We may reconsider/rethink this if it's too burdensome on the users. Our rational is that custom kickstarts are very much a poweruser feature and because they are so open-ended merging them and our own kickstart generated from customizations is hard in the general case.
Yup, this pretty much sums it up. Merging a custom, open-ended kickstart file from the user with bits that we generate from the blueprint would be quite difficult and probably very error prone. We consider that if users are writing a kickstart file, they're in "expert mode" and will write everything they need themselves.
this is expected behavior