Local Shell Post Processor - Runs as which user?

We have some scripts we need to run post-generation, on an Azure virtual machine image generated with Packer.

These scripts can’t be run during image creation, since the user being used for Packer image creation doesn’t exist after the generation is finished:

“The user, created during the image generation, does not exist in the result VHD/image hence some configuration files related to the user’s home directory need to be changed as well as the file permissions for some directories.”

The current solution is to run these scripts after a virtual machine, using the generated image, has booted up.

We are using the generated image in an Azure Virtual Machine Scale set, so we aren’t able to (and most certainly don’t want to) go in manually and execute the scripts. To work around this we are using a custom script extension on the Virtual Machine Scale set, so that each Virtual Machine instance gets the script run during creation time.

What I’m looking for here, is to get these scripts to be already executed on the resulting image (not having to run them on each new Virtual Machine being created from the image), and for that I thought it would perhaps work to make use of the Local Shell Post Processor. However, using this would only work if that post-processor is being run by a user that will “permanently” exist on the resulting Virtual Machine image.

The scripts are copied to the Virtual Machine image during the image generation process (hence locally accessible in the resulting image).

So the question is (more or less, at least with my current knowledge in the topic), which user is the Local Shell Post Processor run with/as? If a temporary one, is it possible to alter this to a “permanent” one in some way - and if so, how?

Best regards

Hi, thanks for reaching out.

The shell-local post-processor runs on the machine calling Packer, using the same user that has been used to call packer build.

But I’m not sure post-processors are what you want. It sounds like you want to run a script on the virtual machine but after the machine has already been created.

All post-processors run after the machine has been shut down and the image has been saved. They’re for modifying the image artifact in some way that doesn’t involve booting it back up. For example, changing the file name of a locally-built artifact, or compressing it. You won’t be able to run a script against your virtual machine without launching the VM again.

When is your permanent user created? If it exists before the Packer run you may be able to use the execute_command option of the shell provisioner to change the user, not unlike the example here where it shows you how to use a sudo command. Something like sudo -iu myuser; {{.Vars}} {{.Path}}
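
The following Packer HCL2 build block is an added example, not part of the original thread or of the Packer documentation. It shows a shell provisioner whose `execute_command` runs a script as an account that persists in the image. Assumptions: an `azure-arm` source named `image` is defined elsewhere in the template, the temporary SSH user has passwordless sudo, and `svcuser` and `scripts/configure-user.sh` are hypothetical names.

```hcl
# Added example. Assumed and hypothetical: the source name "image",
# the account "svcuser", and the script path.
build {
  sources = ["source.azure-arm.image"]

  # Step 1: as root, create the account that must still exist in the
  # captured image. The id check makes the step a no-op if it is already there.
  provisioner "shell" {
    execute_command = "chmod +x {{ .Path }}; sudo env {{ .Vars }} {{ .Path }}"
    inline = [
      "id -u svcuser >/dev/null 2>&1 || useradd --create-home --shell /bin/bash svcuser",
    ]
  }

  # Step 2: run the configuration script as that account instead of the
  # temporary SSH user Packer connects with. -H points HOME at svcuser's
  # home directory, so files the script writes there are owned by svcuser.
  provisioner "shell" {
    execute_command = "chmod +x {{ .Path }}; sudo -H -u svcuser env {{ .Vars }} {{ .Path }}"
    script          = "scripts/configure-user.sh"
  }
}
```

Passing `{{ .Vars }}` through `env` hands Packer's environment variables to the script under the target user. Because the script runs as `svcuser` rather than root, it can only change what that account is permitted to change.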