Add local user at launch

What is the best way to add the local user (the one who runs lxc launch ...) and its ssh key at container launch time? The idea is to host a generic image (and if necessary) profile on some remote lxd host
and then when a user pulls the container and launches it, his user and ssh key are automaticaly added to the container. One Idea was to use cloud-init (in a profile):

$› lxc profile show cloud
  user.user-data: |
     - name: $USER
description: ""
devices: {}
name: cloud

And then:

lxc launch ubuntu:18.04 -p default -p cloud

This creates the user $USER

Is there a way to get the current user without the user having to create another profile himself?

I’ve been creating users in new containers with a program which builds a shell script and executes it in the container, by passing it as input to “lxc exec sh” I also push the current user’s authorized_keys to the user’s $HOME/.ssh/ directory in the container, by using “lxc file push” (and then executing another script to fix the ownership of the file). The script runs commands like “adduser”, “chown”, “mkdir”, etc. It also optionally generates an /etc/sudoers.d/ file.

Using the calling user’s name, (and perhaps uid and gid) is a nice idea. You can get those properties by running the “id” command.

I avoid cloud-init, because it only runs on certain images, and I find it difficult to debug. It doesn’t run on Alpine, and I would not want to run it there, if I can do the same things from outside the container.

I do use a fixed profile to that runs cloud-init in order to disable creating users. For example, I skip creating the “ubuntu” user on ubuntu containers, by specifying this profile:

  user.user-data: |
    users: []
description: empty ubuntu configuration
name: ubuntu
used_by: []

Thanks for your input. I see your point in avoiding cloud-init, as we provide our own
‘from scratch’ images we would need to install cloud-init anyway.

Looks like there is no other way than writing some glue code around
lxd even dough I wanted to avoid this :slight_smile: