Hey!
First of all, apologies if this is not the right place to file the issue. I originally wanted to file this against https://pagure.io/fedora-kiwi-descriptions, but the issue tracker there is disabled.
As for the issue - we use the Vagrant-libvirt image in our upstream systemd CI, and a week or two ago the job that keeps the image up-to-date started failing, because it couldn't boostrap the latest Rawhide image. The issue is also easily reproducible locally:
Vagrant.configure("2") do |config| config.vm.box = "fedora-rawhide-cloud" config.vm.box_url = "https://dl.fedoraproject.org/pub/fedora/linux/development/rawhide/Cloud/x86_64/images/Fedora-Cloud-Base-Vagrant-libvirt.x86_64-Rawhide-20240325.n.0.vagrant.libvirt.box" config.vm.synced_folder ".", "/vagrant", disabled: true config.vm.provider :libvirt do |libvirt| libvirt.driver = "kvm" libvirt.memory = "4096" libvirt.cpus = 4 libvirt.random :model => "random" libvirt.nested = true libvirt.cpu_mode = "host-model" libvirt.loader = "/usr/share/OVMF/OVMF_CODE.fd" end end
$ vagrant up --no-destroy-on-error Bringing machine 'default' up with 'libvirt' provider... ==> default: No version detected for fedora-rawhide-cloud, using timestamp to watch for modifications. Consider ==> default: generating a local metadata for the box with a version to allow better handling. ==> default: See https://www.vagrantup.com/docs/boxes/format#box-metadata for further details. ==> default: Creating image (snapshot of base box volume). ==> default: Creating domain with the following settings... ==> default: -- Name: rawhide_default ==> default: -- Description: Source: /home/mrc0mmand/vagrant/rawhide/Vagrantfile ==> default: -- Domain type: kvm ==> default: -- Cpus: 4 ==> default: -- Feature: acpi ==> default: -- Feature: apic ==> default: -- Feature: pae ==> default: -- Clock offset: utc ==> default: -- Memory: 4096M ==> default: -- Loader: /usr/share/OVMF/OVMF_CODE.fd ==> default: -- Base box: fedora-rawhide-cloud ==> default: -- Storage pool: default ==> default: -- Image(vda): /home/mrc0mmand/.local/share/libvirt/images/rawhide_default.img, virtio, 5G ==> default: -- Disk driver opts: cache='default' ==> default: -- Graphics Type: vnc ==> default: -- Video Type: cirrus ==> default: -- Video VRAM: 16384 ==> default: -- Video 3D accel: false ==> default: -- Keymap: en-us ==> default: -- TPM Backend: passthrough ==> default: -- INPUT: type=mouse, bus=ps2 ==> default: -- RNG device model: random ==> default: Creating shared folders metadata... ==> default: Starting domain. ==> default: Domain launching with graphics connection settings... ==> default: -- Graphics Port: 5900 ==> default: -- Graphics IP: 127.0.0.1 ==> default: -- Graphics Password: Not defined ==> default: -- Graphics Websocket: 5700 ==> default: Waiting for domain to get an IP address... ==> default: Waiting for machine to boot. This may take a few minutes... default: SSH address: 192.168.122.177:22 default: SSH username: vagrant default: SSH auth method: private key default: default: Vagrant insecure key detected. Vagrant will automatically replace default: this with a newly generated keypair for better security. default: default: Inserting generated public key within guest... default: Removing insecure key from the guest if it's present... default: Key inserted! Disconnecting and reconnecting using new SSH key... ==> default: Machine booted and ready! The following SSH command responded with a non-zero exit status. Vagrant assumes that this means the command failed! sed -i '/#VAGRANT-BEGIN/,/#VAGRANT-END/d' /etc/fstab Stdout from the command: Stderr from the command:
After a bit of digging it looks like the root cause is that the vagrant user is not in the sudoers file (with NOPASSWD set) as is common for the Vagrant boxes, so the sed command above just fails:
vagrant
NOPASSWD
sed
$ sudo su - We trust you have received the usual lecture from the local System Administrator. It usually boils down to these three things: #1) Respect the privacy of others. #2) Think before you type. #3) With great power comes great responsibility. For security reasons, the password you type will not be visible. [sudo] password for vagrant: vagrant is not in the sudoers file.
I.e. it's missing the /etc/sudoers.d/vagrant drop-in which other Vagrant images usually ship:
/etc/sudoers.d/vagrant
# cat /etc/sudoers.d/vagrant Defaults:vagrant !requiretty vagrant ALL=(ALL) NOPASSWD: ALL
This makes the image pretty much unusable (at least via the usual means).
Metadata Update from @ngompa: - Issue assigned to ngompa
Thank you for testing this, we'll get this fixed straight away.
This should be fixed now with tonight's F40 and Rawhide composes. Please test tomorrow's built images and let us know if the problem is resolved.
I just gave it a spin and it indeed seems that the problem is gone, thank you!
Metadata Update from @mrc0mmand: - Issue close_status updated to: fixed - Issue status updated to: Closed (was: Open)
Login to comment on this ticket.