search

canonical / tdx

Intel confidential computing - TDX
GNU General Public License v3.0
93 stars 39 forks source link

ERROR: Failed to configure cloud init. Please check logfile "/tmp/tdx-guest-setup.txt" for more information. #259

Open joshwyant opened 5 days ago

joshwyant commented 5 days ago

Describe the bug If user installs missing packages, ./create-td-image.sh stops working. You get: ERROR: Failed to configure cloud init. Please check logfile "/tmp/tdx-guest-setup.txt" for more information.

logfile:

=== tdx guest image generation === 

WARNING: apt does not have a stable CLI interface. Use with caution in scripts.

E: Could not open lock file /var/lib/dpkg/lock-frontend - open (13: Permission denied)
E: Unable to acquire the dpkg frontend lock (/var/lib/dpkg/lock-frontend), are you root?

WARNING: apt does not have a stable CLI interface. Use with caution in scripts.

E: Could not open lock file /var/lib/dpkg/lock-frontend - open (13: Permission denied)
E: Unable to acquire the dpkg frontend lock (/var/lib/dpkg/lock-frontend), are you root?

To Reproduce Steps to reproduce the behavior:

  1. On fresh Ubuntu Server install, don't yet install guestfs-tools virt-manager genisoimage (mentioned in issue #258)
  2. ./create-td-image.sh step in readme - should show: ERROR: virt-customize is not installed then on next run, ERROR: virt-install is not installed then on next run, ERROR: genisoimage is not installed
  3. Install the missing packages: 
    sudo apt install -y guestfs-tools virt-manager genisoimage

    and retry

I try 

sudo usermod -G libvirt -a $USER
newgrp libvirt

(not sure if it's the issue or not), but I still get the error. I then tried removing the logfile before continuing, and it seems to work.

Expected behavior Should just work

syncronize-issues-to-jira[bot] commented 5 days ago

Thank you for reporting us your feedback!

The internal ticket has been created: https://warthogs.atlassian.net/browse/PEK-1439.

This message was autogenerated

joshwyant commented 5 days ago

More info: Typical error is:

./create-td-image.sh: line 303: /tmp/tdx-guest-setup.txt: Permission denied
./create-td-image.sh: line 309: /tmp/tdx-guest-setup.txt: Permission denied
./create-td-image.sh: line 314: /tmp/tdx-guest-setup.txt: Permission denied
INFO: Installation of required tools
--2024-10-31 02:19:37--  https://cloud-images.ubuntu.com/releases/noble/release//SHA256SUMS
Resolving cloud-images.ubuntu.com (cloud-images.ubuntu.com)... 2620:2d:4000:1::1a, 2620:2d:4000:1::17, 185.125.190.40, ...
Connecting to cloud-images.ubuntu.com (cloud-images.ubuntu.com)|2620:2d:4000:1::1a|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 7605 (7.4K)
Saving to: ‘/home/josh/src/tdx/guest-tools/image/SHA256SUMS’

/home/josh/src/tdx/guest-tools/imag 100%[================================================================>]   7.43K  --.-KB/s    in 0.002s  

2024-10-31 02:19:38 (4.60 MB/s) - ‘/home/josh/src/tdx/guest-tools/image/SHA256SUMS’ saved [7605/7605]

--2024-10-31 02:19:38--  https://cloud-images.ubuntu.com/releases/noble/release//ubuntu-24.04-server-cloudimg-amd64.img
Resolving cloud-images.ubuntu.com (cloud-images.ubuntu.com)... 2620:2d:4000:1::17, 2620:2d:4000:1::1a, 185.125.190.37, ...
Connecting to cloud-images.ubuntu.com (cloud-images.ubuntu.com)|2620:2d:4000:1::17|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 587241984 (560M) [application/octet-stream]
Saving to: ‘/home/josh/src/tdx/guest-tools/image/ubuntu-24.04-server-cloudimg-amd64.img’

/home/josh/src/tdx/guest-tools/imag 100%[================================================================>] 560.04M  25.5MB/s    in 24s     

2024-10-31 02:20:03 (23.3 MB/s) - ‘/home/josh/src/tdx/guest-tools/image/ubuntu-24.04-server-cloudimg-amd64.img’ saved [587241984/587241984]

SUCCESS: Verify the checksum for Ubuntu cloud image.
SUCCESS: Copy the ubuntu-24.04-server-cloudimg-amd64.img => /tmp/tdx-guest-tmp.qcow2
Image resized.
[   0.0] Examining the guest ...
[  22.1] Setting a random seed
virt-customize: warning: random seed could not be set for this type of 
guest
[  22.1] Setting the machine ID in /etc/machine-id
[  22.1] Running: growpart /dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_hd0 1
[  24.0] Running: resize2fs /dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_hd0-part1
[  26.1] Running: systemctl mask pollinate.service
[  26.2] SELinux relabelling
[  26.4] Finishing off
SUCCESS: Resize the guest image to 50G
/home/josh/src/tdx/guest-tools/image/cloud-init-data /home/josh/src/tdx/guest-tools/image
INFO: Generate configuration for cloud-init...
I: -input-charset not specified, using utf-8 (detected in locale settings)
Total translation table size: 0
Total rockridge attributes bytes: 331
Total directory bytes: 0
Path table size(bytes): 10
Max brk space used 0
183 extents written (0 MB)
INFO: Apply cloud-init configuration with virt-install...
INFO: (Check logfile for more details /tmp/tdx-guest-setup.txt)
/home/josh/src/tdx/guest-tools/image
./create-td-image.sh: line 224: /tmp/tdx-guest-setup.txt: Permission denied
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
qemu-system-x86 is already the newest version (1:8.2.2+ds-0ubuntu2+tdx1.0).
0 upgraded, 0 newly installed, 0 to remove and 40 not upgraded.
./create-td-image.sh: line 224: /tmp/tdx-guest-setup.txt: Permission denied
WARN: Please increase wait time(--wait=12) above and try again...
ERROR: Failed to configure cloud init. Please check logfile "/tmp/tdx-guest-setup.txt" for more information.
INFO: Cleanup!

This is why I later try to remove the logfile, and it seemed to work. Not sure if I needed to add myself to libvirt group or not.

frenchwr commented 5 days ago

See comment from https://github.com/canonical/tdx/issues/258, the script must be run with sudo. Please let us know if this helps.

BFuhry commented 1 day ago

@frenchwr Can you add a check for sudo in the script and fail explicitly?