
I want to use Vagrant to set up developer machines. Since the machine will talk to the servers in-house, I thought it a good idea that they are set up with the same usernames the developers have on their host machine. I'm having trouble figuring out how to handle this in the provisioning step.

My simple Vagrantfile looks like this:

```ruby
VAGRANT_COMMAND = ARGV[0]

Vagrant.configure(2) do |config|
  user = ENV['USER']
  config.vm.box = "ubuntu/trusty64"
  config.vm.provision :shell, :path => "bootstrap.sh", :args => user
  config.ssh.username = user
  config.ssh.password = "heimskringla"
  config.vm.synced_folder "~/src/", "/home/" + user + "/src"
  config.vm.provision "file", source: "~/.gitconfig", destination: "/home/" + user + "/.gitconfig"
  config.vm.provision "file", source: "~/.ssh", destination: "/home/" + user + "/.ssh"
end
```

bootstrap.sh takes $USER from the host machine as an input. If the user does not exist in the Vagrant machine, it is created and added to /etc/sudoers.d.

If I start with a clean slate and run `vagrant up` on this, it starts using $USER at once, and since it does not exist yet, the setup fails.

As a test I've tried doing this:

```ruby
if VAGRANT_COMMAND != "up"
  config.ssh.username = user
  config.ssh.password = "changeme"
end
```

Then the provisioning in bootstrap.sh works. The user is created, and my packages are installed. When it gets to the file and synced folder provisioning, however, it fails because of permission issues.

Failed to upload a file to the guest VM via SCP due to a permissions error. This is normally because the SSH user doesn't have permission to write to the destination location. Alternately, the user running Vagrant on the host machine may not have permission to read the file.

I've tried doing "su $USER" at the bottom of bootstrap.sh, but that is apparently not the way it works.

Anyone know how I can fulfill my needs?

EDIT: possible solution

I decided not to work so hard to change Vagrant, and tried to use the vagrant user. Now I have the following Vagrantfile:

```ruby
Vagrant.configure(2) do |config|
    config.vm.box = "ubuntu/trusty64"
    config.vm.provision :shell, :path => "vagrant/bootstrap.sh"
    config.vm.synced_folder "~/src/", "/home/vagrant/src"
    config.vm.provision "file", source: "~/.gitconfig", destination: ".gitconfig"
    config.vm.provision "file", source: "~/.ssh", destination: ".ssh-from-host-machine"
    config.vm.provision "file", source: "vagrant/.bash_aliases", destination: ".bash_aliases"
    config.vm.provision :shell, privileged: false, :path => "vagrant/bootstrap_late.sh"
end
```

bootstrap.sh installs required packages, and bootstrap_late.sh does necessary setup for the vagrant user. This includes adding the ssh configs that make it use $USER when talking to the server.

anr78
  • How do you create the user in bootstrap? Do you specify the home directory so it is created? Do you also create the /src folder? – Frederic Henri Sep 03 '15 at 07:46
  • I create the user with useradd from bootstrap.sh. Tried both with and without creating user dir. The synced folder is added by Vagrant early, so it creates $HOME/$USER before any provisioning. – anr78 Sep 03 '15 at 09:24
  • @anr78 `.ssh` folder has 700 permissions by default. So obviously it won't work without `privileged: true`. However, why do you copy content of `.ssh` folder? Have you tried ssh agent forwarding instead? – Konstantin Sep 04 '15 at 04:26
  • @Alik It's not the shell provisioner that fails, it's the file provisioner, and that one runs as the vagrant user by default. Perhaps something in the sudoers setup allows vagrant to do it? Haven't tried ssh agent forwarding because I didn't know about it :) – anr78 Sep 04 '15 at 06:13
  • @anr78 ouch, I haven't read your question carefully. Use file provisioner to copy your files into a temp folder, then shell provisioner to copy into `.ssh`. – Konstantin Sep 04 '15 at 06:41
  • @Alik Yup, that is what I ended up doing :) – anr78 Sep 04 '15 at 09:22
  • @anr78 still I highly recommend you to use ssh agent forwarding. – Konstantin Sep 04 '15 at 12:09
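
The approach the comments settle on (file provisioner into a staging folder, then a shell provisioner that moves the files into `.ssh`), as an added example that is not code from the thread. `install_staged_ssh` is a hypothetical helper for `bootstrap_late.sh`; the staging path is the `.ssh-from-host-machine` destination from the question's edit, and it assumes the script runs with `privileged: false` so the files end up owned by the vagrant user.

```shell
#!/usr/bin/env bash
# Added example (hypothetical helper, not from the thread): install SSH files
# that Vagrant's file provisioner staged in the guest, with strict permissions.
# Call from bootstrap_late.sh, e.g.:
#   install_staged_ssh "$HOME/.ssh-from-host-machine" "$HOME/.ssh"

install_staged_ssh() {
  local staging target f name
  staging="$1"
  target="$2"
  [ -d "$staging" ] || { echo "no staging dir: $staging" >&2; return 1; }

  # Owner-only directory must exist before any key lands in it.
  mkdir -p "$target"
  chmod 700 "$target"

  for f in "$staging"/*; do
    [ -e "$f" ] || continue          # empty staging dir or dangling symlink
    name=$(basename "$f")
    # Copy regular files only; symlinks and directories are skipped.
    if [ -L "$f" ] || [ ! -f "$f" ]; then
      echo "skipping non-regular entry: $name" >&2
      continue
    fi
    # Never overwrite the guest's authorized_keys: the key Vagrant itself
    # logs in with lives there, so replacing it locks Vagrant out.
    if [ "$name" = "authorized_keys" ]; then
      echo "skipping authorized_keys" >&2
      continue
    fi
    case "$name" in
      *.pub|known_hosts) install -m 644 "$f" "$target/$name" ;;
      *)                 install -m 600 "$f" "$target/$name" ;;  # keys, config
    esac
  done

  # Do not leave a second copy of the private keys in the staging folder.
  rm -rf -- "$staging"
}
```

With SSH agent forwarding, as recommended in the comments (`config.ssh.forward_agent = true` in the Vagrantfile), the private keys stay on the host and this copy step is only needed for `config` and `known_hosts`.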

0 Answers