Created attachment 260829 [details] nuageinit script exec fix nuageinit fails to execute user-data shell scripts on Digital Ocean because their platform (possibly others?) delivers these files without executable permissions. When nuageinit processes a user-data file, it checks if the first line is "#cloud-config". If not, it attempts to execute the file directly using os.execute(), which fails with "Permission denied" when the file lacks executable permissions. The fix involves detecting #!/bin/sh scripts and executing them through sh directly. This minimal change allows nuageinit to work with non-executable shell scripts while maintaining backward compatibility \o/ Tested on Digital Ocean and now the script is now running correctly.
looks good to me, you can push
wait no, could you open a phabricator ? you already have the first line that has been read to check if this is a #cloud-config, so you don't need to reopen it again
Yup, let me check it on -CURRENT
Here -> https://reviews.freebsd.org/D50743
Actually while thinking more about I think I have come with a more complete implementation, sorry for the extra work I may have caused to you. Can you confirm that my fix work on digital ocean?
A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/src/commit/?id=09545628f0cd58406a47f302fb8584a5292d4b1a commit 09545628f0cd58406a47f302fb8584a5292d4b1a Author: Baptiste Daroussin <bapt@FreeBSD.org> AuthorDate: 2025-06-10 07:09:47 +0000 Commit: Baptiste Daroussin <bapt@FreeBSD.org> CommitDate: 2025-06-10 07:20:23 +0000 nuageinit: fix using user_data as a script In official cloudinit, when a user_data file starts with '#!' it should be execute late in the boot process. To respect this nuageinit now copy the user_data script into a /var/cache/nuageinit/user_data if found and a new "firsboot" rcscript anchored to the 'local' rc script is responsible to execute it if found. Note by doing this, we fix another issue we had with nuageinit, if the cloudinit provider provides the user_data scriptout with the executable permission, previous implementation was not working, like apparently what Digital Ocean is doing. PR: 287183 Reported by: olgeni@ libexec/nuageinit/nuageinit | 15 +++++++---- libexec/nuageinit/tests/nuageinit.sh | 30 ++++++++++++++++++++-- libexec/rc/rc.d/Makefile | 3 ++- .../rc/rc.d/nuageinit_user_data_script (new +x) | 25 ++++++++++++++++++ 4 files changed, 65 insertions(+), 8 deletions(-)
(In reply to Baptiste Daroussin from comment #5) Sure, I can grab the good bits and give it a try \o/