Unable to deprovision local users created in path /etc/passwd after disconnecting from a Compute Engine instance
Stay organized with collections
Save and categorize content based on your preferences.
Problem
You observe that local users created in path /etc/passwd after connecting to the Google Compute Engine instance persist even after the console session is closed.
Environment
- Any Debian-based Google Compute Engine image
Solution
- Enable OS login: when used, the Guest Agent will not create local users.
OR
- Alternatively, you can use the deprovision_remove configuration. This configuration will deprovision any user that does not have an SSH key in the metadata. It will trigger a userdel command for that user. However, this option is destructive and not generally recommended.
If you like to test or confirm the Guest Agent's behavior, you can use the userdel command to remove any users already created. The --remove flag will remove the user's home directory as well.
Cause
Google Compute Engine's guest agent does not deprovision local users after a connection has been terminated.
Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.
Last updated 2024-11-26 UTC.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2024-11-26 UTC."],[],[]]