Unable to login to Live ISO after installing Docker [Linux Mint]

[gbardini]

Description

After install docker-ce on pre iso, when de project is complete and i try to boot the iso, instead of log in directly in the Live User Session, the SO asks for his password (and none of the try worked, i tried "mint", empty)

What you have tried Tried to use "mint" password and empty.

Steps you already took.

Expected behavior I want the SO to automatically log in into the Live User Session, dont want to create any custom user. All the configuration i need im using /etc/skel

OS Information (please complete the following information):

• OS/Distro Name: [Mint XFCE]
• OS Version [Mint 21.10]

Cubic Information (please complete the following information):

• Cubic Version: [e.g. 2023.04.80 from the About dialog]
• ISO Customizing: []
• Download Link: https://linuxmint.com/edition.php?id=302

[PJ-Singh-001]

The only change you made was install docker?

Can you share the commands you used to customize the Linux file system, so I can attempt to recreate your situation?

[gbardini]

I have installed many packages and configured a particular "desktop" on /etc/skel. But since i started having this problem i tried many times generate the iso, installing package by package and found out that the problem happens only after i install docker-ce, docker-ce-cli and containerd.io. The other packages i have installed are: jdk8, openssh-server, firebird 2.5.

But if you want to attempt to recreate the situation On chroot environment in a fresh mint xfce 21 iso you can follow the docker installation.

1) necessary applications

sudo apt-get install \
    ca-certificates \
    curl \
    gnupg

2) docker keyring

sudo mkdir -m 0755 -p /etc/apt/keyrings
 curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg

3) docker repo

echo \
  "deb [arch="$(dpkg --print-architecture)" signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu \
  "$(. /etc/os-release && echo "$VERSION_CODENAME")" stable" | \
  sudo tee /etc/apt/sources.list.d/docker.list > /dev/null

Observation: you need manually edit /etc/apt/sources.list.d/docker.list (where is "vera" without quotes, replace by "jammy" without quotes either

4) install docker

apt install docker-ce docker-ce-cli container.io

When you generate the iso, and try to boot you will see that he dont logs directly in live user session, he asks for his password

[PJ-Singh-001]

OK. I'll try this out on my end. May take a while before I can get to it.

[gbardini]

Thank you very much, Sir!

[PJ-Singh-001]

I did an initial experiment to determine if Cubic was doing something that affected the automatic login behavior of the generated Live ISO.

• Test ISO: linuxmint-21.1-xfce-64bit.iso
• Download URL: https://mirrors.kernel.org/linuxmint/stable/21.1/linuxmint-21.1-xfce-64bit.iso

Test # 1

I did not make any changes in Cubic's Terminal environment, and I accepted all defaults in Cubic. (Although I did select LZ4 compression to make the generation process go faster).

The resulting ISO did automatically log into the Live User account. I also tested logging out of the Live User account, and I was able to log back into the Live User account without being prompted for a password.

This establishes a baseline and indicates that the changes you made in Cubic's Terminal environment may have impacted the behavior of the Live ISO. I will investigate this next.

[PJ-Singh-001]

Test # 2

This time I made the following changes in Cubic's Terminal environment, and I accepted all defaults in Cubic. (Although I did select LZ4 compression to make the generation process go faster).

apt update
apt install ca-certificates curl gnupg

The resulting ISO did automatically log into the Live User account. I also tested logging out of the Live User account, and I was able to log back into the Live User account without being prompted for a password.

This establishes that updating and adding some packages (without upgrading) in Cubic's Terminal environment does not impact the behavior of the Live ISO.

[PJ-Singh-001]

Test # 3

In this test, I installed some packages, added the repository for Docker, and installed Docker in Cubic's Terminal environment. As before, I accepted all defaults in Cubic. (Although I did select LZ4 compression to make the generation process go faster).

Note some corrections to your original commands. Also, remember that you are already root so you do not need to add sudo .

apt update
apt install ca-certificates curl gnupg

# The directory /etc/apt/keyrings already exists, so no need to create it.
# mkdir -m 0755 -p /etc/apt/keyrings
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg

# Note: You need a space before $VERSION_CODENAME in the following command.
echo "deb [arch="$(dpkg --print-architecture)" signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu"$(. /etc/os-release && echo " $VERSION_CODENAME")" stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null

# Replace "vera" with "jammy", as you observed.
sed -i "s|vera|jammy|g" /etc/apt/sources.list.d/docker.list

apt update

# I think you meant "containerd.io" instead of "container.io".
apt install docker-ce docker-ce-cli containerd.io

The resulting ISO did not automatically log into the Live User account.

This establishes that installing Docker in Cubic's Terminal environment does impact the behavior of the Live ISO for Linux Mint 21.1 XFCE.

[PJ-Singh-001]

The next step will be to figure out how the installation of Docker impacts the Live ISO and if we can re-enable the Live User with automatic login?

[gbardini]

Crazy, isnt?

[gbardini]

I don't know if this link can help https://answers.launchpad.net/cubic/+question/680574

2 and #3

[gbardini]

I've opened the link of the #4 answer but my intention is not create a default user on system, you know?

[PJ-Singh-001]

I've opened the link of the #4 answer but my intention is not create a default user on system, you know?

Yes. I expected that you do not want to create a default user. I'll continue the analysis when I get some time to see if the issue can be remedied.

[PJ-Singh-001]

Your link to my previous answer in Launchpad led me to the solution...

---

Investigation

In the Linux Mint Live Environment, before installing Docker, we see that:

• The Linux Mint Live Environment user is "mint".
• The user id is 999.
• This user belongs to the group "mint".
• The "mint" group id is 999.

We can confirm this in a Terminal in the Linux Mint Live Environment:

getent passwd mint

# mint:x:999:999:Live session user,,,:/home/mint:/bin/bash

getent group mint

# mint:x:999:

Because the "mint" user is created when the ISO boots up, this user does not exist in Cubic's Virtual Environment.

In Cubic, after installing Docker, we see that:

• There is no "docker" user.
• However, there is a "docker" group.
• The "docker" group id is 999.

We can confirm this in Cubic's Terminal environment:

getent passwd docker

getent group docker

# docker:x:999:

---

The Issue

You are not able to log into the Linux Mint Live Environment because it expects the "mint" user to have id 999 with group id 999, but this conflicts with the existing "docker" group with id 999.

The Solution

To solve this problem, we could simply change the group id of the "docker" group. However, the Docker installer may create files owned by group 999, so changing this id will leave files with the incorrect ownership.

Therefore, a better approach would be to:

1. Create a temporary user with id 999 and a temporary group with group id 999.
2. Then Install Docker. The Docker installation will automatically select a different group id, because 999 will be taken.
3. Remove the temporary user with id 999 and the temporary group with group id 999.

---

Solution Steps

Here are the commands:

1. Create a temporary user.

   adduser --system --no-create-home --uid 999 --group temp_user
   
   # Adding system user `temp_user' (UID 999) ...
   # Adding new group `temp_user' (GID 999) ...
   # Adding new user `temp_user' (UID 999) with group `temp_user' ...
   # Not creating home directory `/home/temp_user'.
   
   getent passwd 999
   
   # temp_user:x:999:999::/home/temp_user:/usr/sbin/nologin
   
   getent group 999
   
   # temp_user:x:999:

2. Install Docker.

   Install Docker following the same instructions as above.

   apt update
   apt install ca-certificates curl gnupg
   
   curl -fsSL https://download.docker.com/linux/ubuntu/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg
   
   echo "deb [arch="$(dpkg --print-architecture)" signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu"$(. /etc/os-release && echo " $VERSION_CODENAME")" stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null
   
   # Replace "vera" with "jammy", as you observed.
   sed -i "s|vera|jammy|g" /etc/apt/sources.list.d/docker.list
   
   apt update
   
   apt install docker-ce docker-ce-cli containerd.io

   Confirm that the new Docker group does not use group id 999.

   getent group docker
   
   # docker:x:998:

   We can see that the docker group id is now 998.

3. Remove the temporary user and temporary group.

   deluser --remove-all-files temp_user
   
   # Looking for files to backup/remove ...
   # . . .
   # Removing user `temp_user' ...
   # Warning: group `temp_user' has no more members.
   # Done.

   Confirm that the temporary user and temporary group were removed.

   getent passwd temp_user
   
   getent group temp_user

   This will free user id 999 and group id 999 for use by the "mint" user in the Live Environment.

4. Finally, generate the customized ISO in Cubic, and test.