I can confirm in Ubuntu cloudimages on LXD that do-release-upgrade across Jammy -> Noble succeeds having run cloud-init on first image launch in Jammy, removing the cache due to python3 version upgrade, and redetecting LXD datasource config on reboot into Noble with proper instance-id detection.
In this scenario where cloud-init was run before upgrade, /var/lib/cloud/data/previous-iid cache recorded LXD platform's instance- id on first boot, and across upgrade cloud-init determines that instance-id had no delta and doesn't need to run again. Nick mentioned in comment #13 that cloud-init is being installed across the upgrade path to noble in Xubuntu due to "Recommends: cloud-init". In the Xubuntu 22.04 -> 24.04 scenario, across reboot into 24.04, there is no cached /var/lib/cloud/data/previous-iid because cloud-init has never run in this image, so the boot of 24.04 triggers cloud-init to attempt to detect datasources, finds potential LXD datasource, so it tries to run as a 'new instance first boot' which applies cloud-init defaults from /etc/cloud/cloud.cfg which states "lock_passwd: true" for the ubuntu user. So, if cloud-init is being pulled in during do-release-upgrade where it wasn't previously installed, I think we may need to think of a path/hook in do-release-upgrade that can leave cloud-init in a disabled state in that image (because it wasn't originally run in the original image) as it will by default be enabled on next boot and perform default setup and config which will lock down certain users and passwords, create new SSH host keys etc. One way to disable cloud-init easily is creating an /etc/cloud/cloud- init.disabled file on the system which will keep cloud-init inert intentionally (which is generally a good idea for desktop images to avoid exposure to rogue USB sticks which contain cloud-init user-data being plugged into a laptop and forcing reconfiguration of a laptop) By providing a quirk if cloud-init gets included in an image that doesn't already contain cloud-init, we can prevent this pitfall by adding something like the following across upgrade. cat > /etc/cloud/cloud-init.disabled <<EOF Disabled by do-release-upgrade because cloud-init was pulled in as a `Recommends:` dependency during upgrade and should not be enabled by default EOF  -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2075968 Title: cloud-init locks out user `ubuntu` after upgrade from 22.04 to 24.04 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/cloud-init/+bug/2075968/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
