下面的yml脚本启动一个EC2实例,该实例允许我使用与ssh_authorized_keys对应的.pem文件登录。
- name: myuser
primary_group: mygroup
sudo: false
lock_passwd: true
ssh_authorized_keys:
- ssh-rsa ALDLKDSDF...
但是,如果我设置sudo: true,实例将不允许我ssh(身份验证失败)。如果我也设置lock_passwd: false,同样成立。什么好主意吗?
来自Cloud配置示例- Cloud -init文档:
# sudo: Defaults to none. Accepts a sudo rule string, a list of sudo rule
# strings or False to explicitly deny sudo usage. Examples:
#
# Allow a user unrestricted sudo access.
# sudo: ALL=(ALL) NOPASSWD:ALL
#
# Adding multiple sudo rule strings.
# sudo:
# - ALL=(ALL) NOPASSWD:/bin/mysql
# - ALL=(ALL) ALL
#
# Prevent sudo access for a user.
# sudo: False
#
# Note: Please double check your syntax and make sure it is valid.
# cloud-init does not parse/check the syntax of the sudo
# directive.
因此,没有sudo的true选项.