* Máirín Duffy:
- Found out it's cloud-info stalling the boot.
I think it's actually cloud-init.
- Yay I have a login prompt! What's the login info? Gahhhh...
- Realize have to run virt-customize --uninstall cloud-init --root-password
password:whatever --selinux-relabel -a theimage
I have requested downstream that we ship separate KVM and cloud images
because cloud-init is a significant security risk when run outside a
cloud environment which supports instance data injection (which libvirt
does not provide). cloud-init probes the network and executes scripts
it finds there as root. It cannot perform authentication because it
performs customization of the image, and the owner of the VM is not
known to it before it runs.
A dedicated cloud image with a document procedure for injecting
authentication information (could be an open root shell on the serial
console) would help your use case as well and discourage people from
abusing the insecure cloud images for KVM installs.
Thanks,
Florian