On 14 Jul 2014, at 17:07, Karanbir Singh <mail-lists at karan.org> wrote: > On 07/14/2014 04:54 PM, Nux! wrote: > >> Maybe it would be good, for a while, to have both root and cloud-user accounts active? Not sure how this would actually work in reality (ie how the cloud platforms and supporting scripts would deal with it). > > for places we end up with cloud-init, that isnt a problem since you can > pass in metadata that disables the 'root disable' option and also > disable the 'default user' option that creates another user. > > I am not sure how that will work for the sudoers entry though, but its > worth a look > Leave the sudoers entry to cloud-init, as they do in Fedora. This is what I have at present as the system_info entry in the cloud.cfg system_info: default_user: name: centos lock_passwd: true gecos: CentOS Cloud User groups: [wheel, adm] sudo: ["ALL=(ALL) NOPASSWD:ALL"] shell: /bin/bash distro: rhel paths: cloud_dir: /var/lib/cloud templates_dir: /etc/cloud/templates ssh_svcname: sshd