From Georgi.Hristov at fnis.com Sun Jun 1 20:07:01 2008 From: Georgi.Hristov at fnis.com (Hristov, Georgi) Date: Sun, 1 Jun 2008 15:07:01 -0500 Subject: Questions about user entry in ks.cfg file. In-Reply-To: <4840F99F.8080805@bounty.org> References: <482FDB5B.3050605@bounty.org> <4840F99F.8080805@bounty.org> Message-ID: <0EC8C503E6E98647B0BEDDA7351301EAFD09FD@CMBFISLTC02.FNFIS.COM> Just add the users in the %post via the normal Linux useradd command. All works fine and well. Instead of doing that complicated sed of the sudoers file, just append the line you need to the end of it. -Georgi -----Original Message----- From: kickstart-list-bounces at redhat.com [mailto:kickstart-list-bounces at redhat.com] On Behalf Of Petro Sent: Saturday, May 31, 2008 2:09 To: Discussion list about Kickstart Subject: Re: Questions about user entry in ks.cfg file. So no ideas here? Petro wrote: > I am trying to add a small number of users in a ks.cfg such that they > are also in the "wheel" group so that > > user --name=petro --groups="petro,wheel" > --password="$1$v4X7IlXv$fPls90.jmAV0Z/z..vZKj0" --iscrypted > > > > Then in the %post section I: > mv /etc/sudoers /etc/sudoers_orig > cat /etc/sudoers_orig | sed 's/# %wheel.*ALL$/%wheel\tALL=(ALL)\tALL/g' > > /etc/sudoers > chmod 0440 /etc/sudoers > > I've tried this with various shiazit in the groups= bits, but it only > seems to modify/edit the /etc/passwd (e.g. petro:500:10:...) file, not > /etc/group and /etc/gshadow. > > So ultimately my goal is met--I can add these users such that they can > use sudo, but it just doesn't seem to be right. > > Is this correct behavior? This certainly isn't what the documentation > would lead me to believe. > > Regards, > Petro. > > P.S. cat /etc/redhat-release > Red Hat Enterprise Linux Server release 5.1 (Tikanga) > > _______________________________________________ > Kickstart-list mailing list > Kickstart-list at redhat.com > https://www.redhat.com/mailman/listinfo/kickstart-list _______________________________________________ Kickstart-list mailing list Kickstart-list at redhat.com https://www.redhat.com/mailman/listinfo/kickstart-list ______________ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. _____________ From Gerrard.Geldenhuis at datacash.com Wed Jun 4 15:40:13 2008 From: Gerrard.Geldenhuis at datacash.com (Gerrard Geldenhuis) Date: Wed, 4 Jun 2008 16:40:13 +0100 Subject: Detecting xen Message-ID: Hi I have the following in a pre-script to detect whether I am building a xen machine: set $(list-harddrives) vx=$(echo $2|cut -d. -f 1 ) if [ $vx -lt 5120 ]; then echo 'xen' > /tmp/xen etc... This makes assumptions based on disk size. This is a fairly safe assumption for us because we control the disk size but I was wondering if anybody could suggest a more sure fire robust way of detecting whether one is building xen or "normal". For normal builds I am using dmidecode which is working very well and I can even use it for VMWare builds. My aim is to have one kickstart per service type that adjust itself according to underlying platform which could be IBM, HP, VMWare or Xen. Regards -------------- next part -------------- An HTML attachment was scrubbed... URL: From Georgi.Hristov at fnis.com Wed Jun 4 16:05:21 2008 From: Georgi.Hristov at fnis.com (Hristov, Georgi) Date: Wed, 4 Jun 2008 11:05:21 -0500 Subject: Detecting xen In-Reply-To: References: Message-ID: <0EC8C503E6E98647B0BEDDA7351301EAFD10A4@CMBFISLTC02.FNFIS.COM> I understand you want to distinguish them, but what do you use that for? Is it for some post install customizations? You will have many more options in the post section instead of the pre section? -Georgi From: kickstart-list-bounces at redhat.com [mailto:kickstart-list-bounces at redhat.com] On Behalf Of Gerrard Geldenhuis Sent: Wednesday, June 04, 2008 10:40 To: Discussion list about Kickstart Subject: Detecting xen Hi I have the following in a pre-script to detect whether I am building a xen machine: set $(list-harddrives) vx=$(echo $2|cut -d. -f 1 ) if [ $vx -lt 5120 ]; then echo 'xen' > /tmp/xen etc... This makes assumptions based on disk size. This is a fairly safe assumption for us because we control the disk size but I was wondering if anybody could suggest a more sure fire robust way of detecting whether one is building xen or "normal". For normal builds I am using dmidecode which is working very well and I can even use it for VMWare builds. My aim is to have one kickstart per service type that adjust itself according to underlying platform which could be IBM, HP, VMWare or Xen. Regards ______________ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. _____________ -------------- next part -------------- An HTML attachment was scrubbed... URL: From rainer at ultra-secure.de Wed Jun 4 16:16:34 2008 From: rainer at ultra-secure.de (Rainer Duffner) Date: Wed, 04 Jun 2008 18:16:34 +0200 Subject: Detecting xen In-Reply-To: <0EC8C503E6E98647B0BEDDA7351301EAFD10A4@CMBFISLTC02.FNFIS.COM> References: <0EC8C503E6E98647B0BEDDA7351301EAFD10A4@CMBFISLTC02.FNFIS.COM> Message-ID: <4846BFE2.1020506@ultra-secure.de> Hristov, Georgi schrieb: > > I understand you want to distinguish them, but what do you use that > for? Is it for some post install customizations? You will have many > more options in the post section instead of the pre section? > > > I think he can make certain assumptions regarding the disk-size once he knows what hardware it is. With these assumptions, he can then choose a partitioning layout accordingly. Rainer From Gerrard.Geldenhuis at datacash.com Wed Jun 4 16:12:14 2008 From: Gerrard.Geldenhuis at datacash.com (Gerrard Geldenhuis) Date: Wed, 4 Jun 2008 17:12:14 +0100 Subject: Detecting xen In-Reply-To: <0EC8C503E6E98647B0BEDDA7351301EAFD10A4@CMBFISLTC02.FNFIS.COM> References: <0EC8C503E6E98647B0BEDDA7351301EAFD10A4@CMBFISLTC02.FNFIS.COM> Message-ID: Hi Georgi, Good question, The problem is I am assigning partition size using actual sizes rather than percentages. Production machines will have plenty of disk space available but trying to create 80+Gb's of partitions on xen machine only given 5Gb's will obviosly fail. I am thus stuck to using pre unless I can be more creative about my partitioning but that will require a lot of rethink. Regards ________________________________ From: kickstart-list-bounces at redhat.com [mailto:kickstart-list-bounces at redhat.com] On Behalf Of Hristov, Georgi Sent: 04 June 2008 17:05 To: Discussion list about Kickstart Subject: RE: Detecting xen I understand you want to distinguish them, but what do you use that for? Is it for some post install customizations? You will have many more options in the post section instead of the pre section? -Georgi From: kickstart-list-bounces at redhat.com [mailto:kickstart-list-bounces at redhat.com] On Behalf Of Gerrard Geldenhuis Sent: Wednesday, June 04, 2008 10:40 To: Discussion list about Kickstart Subject: Detecting xen Hi I have the following in a pre-script to detect whether I am building a xen machine: set $(list-harddrives) vx=$(echo $2|cut -d. -f 1 ) if [ $vx -lt 5120 ]; then echo 'xen' > /tmp/xen etc... This makes assumptions based on disk size. This is a fairly safe assumption for us because we control the disk size but I was wondering if anybody could suggest a more sure fire robust way of detecting whether one is building xen or "normal". For normal builds I am using dmidecode which is working very well and I can even use it for VMWare builds. My aim is to have one kickstart per service type that adjust itself according to underlying platform which could be IBM, HP, VMWare or Xen. Regards ______________ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. _____________ -------------- next part -------------- An HTML attachment was scrubbed... URL: From jgranado at redhat.com Wed Jun 4 17:47:50 2008 From: jgranado at redhat.com (Joel Andres Granados) Date: Wed, 04 Jun 2008 19:47:50 +0200 Subject: Detecting xen In-Reply-To: References: Message-ID: <4846D546.5030809@redhat.com> Gerrard Geldenhuis wrote: > Hi > > I have the following in a pre-script to detect whether I am building a > xen machine: > > set $(list-harddrives) > > vx=$(echo $2|cut -d. -f 1 ) > > if [ $vx -lt 5120 ]; then > > echo 'xen' > /tmp/xen > > > > etc... just check for the /proc/xen/capabilities file. > > > > > > This makes assumptions based on disk size. > > This is a fairly safe assumption for us because we control the disk size > but I was wondering if anybody could suggest a more sure fire robust way > of detecting whether one is building xen or "normal". For normal builds > I am using dmidecode which is working very well and I can even use it > for VMWare builds. > > > > My aim is to have one kickstart per service type that adjust itself > according to underlying platform which could be IBM, HP, VMWare or Xen. > > > > Regards > > > > > > > ------------------------------------------------------------------------ > > _______________________________________________ > Kickstart-list mailing list > Kickstart-list at redhat.com > https://www.redhat.com/mailman/listinfo/kickstart-list -- Joel Andres Granados Red Hat / Brno, Czech Republic From ebrown at lanl.gov Wed Jun 4 20:19:43 2008 From: ebrown at lanl.gov (Ed Brown) Date: Wed, 04 Jun 2008 14:19:43 -0600 Subject: Detecting xen In-Reply-To: <4846D546.5030809@redhat.com> References: <4846D546.5030809@redhat.com> Message-ID: <4846F8DF.30402@lanl.gov> > just check for the /proc/xen/capabilities file. Sounds like the OP is looking to distinguish xen guests. The file above is also present on hosts, or any system running a xen kernel I'd guess. Can this file also be used to reliably distinguish between guests and non-guests? On the few systems I've got to check against, the capabilities file contains: "control_d" on hosts, while on all (pv) guests, the file is empty. Also I don't know how reliable, this is, or will remain, but xen guests are the only systems I've got where 'lspci' returns nothing (successfully). -Ed From katzj at redhat.com Wed Jun 4 20:48:07 2008 From: katzj at redhat.com (Jeremy Katz) Date: Wed, 04 Jun 2008 16:48:07 -0400 Subject: Detecting xen In-Reply-To: <4846F8DF.30402@lanl.gov> References: <4846D546.5030809@redhat.com> <4846F8DF.30402@lanl.gov> Message-ID: <1212612487.7358.14.camel@aglarond.local> On Wed, 2008-06-04 at 14:19 -0600, Ed Brown wrote: > > just check for the /proc/xen/capabilities file. > > Sounds like the OP is looking to distinguish xen guests. The file > above is also present on hosts, or any system running a xen kernel I'd > guess. Well, anaconda doesn't run with the xen host kernel, so ... :) > Can this file also be used to reliably distinguish between > guests and non-guests? On the few systems I've got to check against, > the capabilities file contains: "control_d" on hosts, while on all > (pv) guests, the file is empty. control_d should imply a dom0, yes > Also I don't know how reliable, this is, or will remain, but xen > guests are the only systems I've got where 'lspci' returns nothing > (successfully). The likely won't remain reliable -- you can do pci passthrough to a guest Jeremy From ebrown at lanl.gov Wed Jun 4 21:03:48 2008 From: ebrown at lanl.gov (Ed Brown) Date: Wed, 04 Jun 2008 15:03:48 -0600 Subject: Detecting xen In-Reply-To: <1212612487.7358.14.camel@aglarond.local> References: <4846D546.5030809@redhat.com> <4846F8DF.30402@lanl.gov> <1212612487.7358.14.camel@aglarond.local> Message-ID: <48470334.40402@lanl.gov> Jeremy Katz wrote: > Well, anaconda doesn't run with the xen host kernel, so ... :) How does anaconda make the determination that it is running in a domU? thanks, Ed From katzj at redhat.com Wed Jun 4 21:08:36 2008 From: katzj at redhat.com (Jeremy Katz) Date: Wed, 04 Jun 2008 17:08:36 -0400 Subject: Detecting xen In-Reply-To: <48470334.40402@lanl.gov> References: <4846D546.5030809@redhat.com> <4846F8DF.30402@lanl.gov> <1212612487.7358.14.camel@aglarond.local> <48470334.40402@lanl.gov> Message-ID: <1212613716.7358.17.camel@aglarond.local> On Wed, 2008-06-04 at 15:03 -0600, Ed Brown wrote: > Jeremy Katz wrote: > > Well, anaconda doesn't run with the xen host kernel, so ... :) > > How does anaconda make the determination that it is running in a domU? Existence of /proc/xen/capabilities as Joel said Jeremy From ebrown at lanl.gov Wed Jun 4 22:30:53 2008 From: ebrown at lanl.gov (Ed Brown) Date: Wed, 04 Jun 2008 16:30:53 -0600 Subject: Detecting xen In-Reply-To: <1212613716.7358.17.camel@aglarond.local> References: <4846D546.5030809@redhat.com> <4846F8DF.30402@lanl.gov> <1212612487.7358.14.camel@aglarond.local> <48470334.40402@lanl.gov> <1212613716.7358.17.camel@aglarond.local> Message-ID: <4847179D.6060803@lanl.gov> >>> Well, anaconda doesn't run with the xen host kernel, so ... :) >> How does anaconda make the determination that it is running in a domU? > Existence of /proc/xen/capabilities as Joel said So the OP's question is answered, and also how to use the content, or lack thereof, of the capabilities file to make a determination outside of anaconda. It's just curiosity at this point, but I'm looking for a chicken or an egg somewhere, in the loader maybe? /proc/xen/capabilities doesn't exist till the xen kernel is loaded. Where is the magic that knows to load a xen kernel during a domU install? Hoping it's not a completely misguided question, Ed From katzj at redhat.com Wed Jun 4 22:38:15 2008 From: katzj at redhat.com (Jeremy Katz) Date: Wed, 04 Jun 2008 18:38:15 -0400 Subject: Detecting xen In-Reply-To: <4847179D.6060803@lanl.gov> References: <4846D546.5030809@redhat.com> <4846F8DF.30402@lanl.gov> <1212612487.7358.14.camel@aglarond.local> <48470334.40402@lanl.gov> <1212613716.7358.17.camel@aglarond.local> <4847179D.6060803@lanl.gov> Message-ID: <1212619095.7358.34.camel@aglarond.local> On Wed, 2008-06-04 at 16:30 -0600, Ed Brown wrote: > It's just curiosity at this point, but I'm looking for a chicken or an > egg somewhere, in the loader maybe? /proc/xen/capabilities doesn't > exist till the xen kernel is loaded. Where is the magic that knows to > load a xen kernel during a domU install? The domU install is (generally) started by virt-install/virt-manager which you tell whether you want to do a PV or a FV install. That then loads up the right kernel and the decision is out of anaconda's hands entirely Jeremy From debian at herakles.homelinux.org Thu Jun 5 01:23:49 2008 From: debian at herakles.homelinux.org (John Summerfield) Date: Thu, 05 Jun 2008 09:23:49 +0800 Subject: Detecting xen In-Reply-To: <4846D546.5030809@redhat.com> References: <4846D546.5030809@redhat.com> Message-ID: <48474025.2030700@herakles.homelinux.org> Joel Andres Granados wrote: > Gerrard Geldenhuis wrote: >> Hi >> >> I have the following in a pre-script to detect whether I am building a >> xen machine: >> >> set $(list-harddrives) >> >> vx=$(echo $2|cut -d. -f 1 ) >> >> if [ $vx -lt 5120 ]; then >> >> echo 'xen' > /tmp/xen >> >> >> >> etc... > > just check for the /proc/xen/capabilities file. I thought of that, then dismissed it as xen support isn't needed for fully-virtualised guests. It used to be that one could look at /proc/pci, but that got removed. At present xen (and kvm) emulate fairly antiquated PCI hardware. dmesg | grep -q && echo It's virtual == QEMU detects KVM here (f9 host, debian guest. == PIIX3 also occurs in KVM, maybe also in Xen (I don't have a working xen at present). A regex looking for ACPI and other stuff should work too. -- Cheers John -- spambait 1aaaaaaa at coco.merseine.nu Z1aaaaaaa at coco.merseine.nu -- Advice http://webfoot.com/advice/email.top.php http://www.catb.org/~esr/faqs/smart-questions.html http://support.microsoft.com/kb/555375 You cannot reply off-list:-) From debian at herakles.homelinux.org Thu Jun 5 01:25:52 2008 From: debian at herakles.homelinux.org (John Summerfield) Date: Thu, 05 Jun 2008 09:25:52 +0800 Subject: Detecting xen In-Reply-To: <4847179D.6060803@lanl.gov> References: <4846D546.5030809@redhat.com> <4846F8DF.30402@lanl.gov> <1212612487.7358.14.camel@aglarond.local> <48470334.40402@lanl.gov> <1212613716.7358.17.camel@aglarond.local> <4847179D.6060803@lanl.gov> Message-ID: <484740A0.90602@herakles.homelinux.org> Ed Brown wrote: >>>> Well, anaconda doesn't run with the xen host kernel, so ... :) >>> How does anaconda make the determination that it is running in a domU? >> Existence of /proc/xen/capabilities as Joel said > > So the OP's question is answered, and also how to use the content, or > lack thereof, of the capabilities file to make a determination outside > of anaconda. > > It's just curiosity at this point, but I'm looking for a chicken or an > egg somewhere, in the loader maybe? /proc/xen/capabilities doesn't > exist till the xen kernel is loaded. Where is the magic that knows to > load a xen kernel during a domU install? I don't use xen kernels on some of my guests, even when I have a functional xen host. It depends on the CPU. -- Cheers John -- spambait 1aaaaaaa at coco.merseine.nu Z1aaaaaaa at coco.merseine.nu -- Advice http://webfoot.com/advice/email.top.php http://www.catb.org/~esr/faqs/smart-questions.html http://support.microsoft.com/kb/555375 You cannot reply off-list:-) From jas at cse.yorku.ca Mon Jun 9 18:06:17 2008 From: jas at cse.yorku.ca (Jason Keltz) Date: Mon, 09 Jun 2008 14:06:17 -0400 Subject: kickstart lvm problem Message-ID: <484D7119.60204@cse.yorku.ca> Hi. I'm having a strange problem with kickstart and lvm. I rebuilt the original RHEL (4) CD 1. I used our current kernel, and rebuilt all the modules in the default initrd.img and the resulting modules.cgz, etc. I added support for my unsupported network adapter. Anaconda seems to be happy with that and loads the driver. It also loads other modules for ata_piix, libata, etc. However, after mounting the source via NFS to /mnt/source, and stage2.img to /mnt/runtime, it tries to load the raid modules and fails: modules to insert md raid0 raid1 xor raid5 raid6 ... dm-mod ... ... and then I get: module(s) md ... dm-mod ... not found As a result, dm-mod doesn't get loaded, device-mapper isn't available, and my lvm creation during k/s fails. If I go to the shell, and do a modprobe on dm-mod.ko, it loads, device-mapper is available, and everything seems okay. The only thing I can think of that would be a problem is that I did not touch stage2.img, so there are modules in there (/mnt/runtime/modules/modules.cgz) that it definately cannot load because they are for the old kernel version. However, I've placed all the modules including the dm-* ones into the original initrd.img that gets mounted to /modules. Why aren't the dm-* files in the original initrd.img file? How can I verify where anaconda is looking for the modules? Can I get away without touching stage2.img? Thanks for any help you can provide... this has been troubling me all day. jas. From epearce at amberpoint.com Tue Jun 24 21:44:10 2008 From: epearce at amberpoint.com (Eric Pearce) Date: Tue, 24 Jun 2008 14:44:10 -0700 Subject: getting kickstart to use "extra" instead of "updates" for driverdisk Message-ID: <00ed01c8d643$6f9640d0$bc0c0a0a@edgility.com> I have a system where I need to load a driver newer than the one that comes with the distribution. This is the 3w-9xxx.ko driver for the 3Ware 9690 SAS controller and is in /lib/modules/2.6.18-53.el5/modules/kernel/drivers/scsi. I have following line in my kickstart config that loads a newer version of this driver using an image of a driver disk: driverdisk --source=http://installserver/RHEL-5.1-SERVER-X86_64/images/dd.img This works fine, and newer driver ends up in /lib/modules//updates. I can see this happen in the anaconda.log file: 17:42:32 INFO : modules to insert 3w-9xxx 17:42:32 INFO : module 3w-9xxx found on driver disk 3ware Storage Controller Driver Disk 17:42:32 INFO : loaded 3w-9xxx from /tmp/ramfs/DD-0/modules.cgz 17:42:34 INFO : inserted /tmp/3w-9xxx.ko 17:42:58 WARNING : Didn't find any package providing module 3w-9xxx 10:48:02 INFO : running: 'cd /mnt/sysimage/lib/modules; gunzip < /tmp/ramfs/DD-0/modules.cgz | /mnt/sysimage/bin/cpio --quiet -iumd 2.6.18-53.el5/x86_64/3w-9xxx.ko 2.6.18-53.el5/3w-9xxx.ko ' 10:48:02 INFO : moving /mnt/sysimage/lib/modules/2.6.18-53.el5/x86_64/3w-9xxx.ko to /mnt/sysimage/lib/modules/2.6.18-53.el5/updates/3w-9xxx.ko The problem is that subsequent kernel updates run the /sbin/weak-modules command, which expects the driver to be in /lib/modules//extra (and seems to ignore the "updates" directory). The result is that the newer driver never gets linked to subsequent kernels. At the moment, I use the following in my kickstart config to address this: %post mv /lib/modules/2.6.18-53.el5/updates/3w-9xxx.ko /lib/modules/2.6.18-53.el5/extra/ Is there a way to get kickstart to use the "extra" directory instead of "updates" ? I'm assuming that I can't easy change the behavior of /sbin/weak-modules or /sbin/new-kernel-pkg. thanks -e From niallel at gmail.com Wed Jun 25 21:30:31 2008 From: niallel at gmail.com (niall el-assaad) Date: Wed, 25 Jun 2008 22:30:31 +0100 Subject: Can you set a blank root passwd with a kickstart file? Message-ID: Hi, Is there a way of setting the "rootpw" entry so that there is no root password. I want to make the iso install completely and then ask the user to change the root password on first login. So they would just enter login: root then it will ask them to change their password. I can get the second part to happen with "chage -d0 root" in the %post section, but can't get it to install without a password in the first place. If I leave out the rootpw entry it asks me to enter one as part of anaconda. Is there some switch I can use with the rootpw entry to not have a password? thanks, niall -------------- next part -------------- An HTML attachment was scrubbed... URL: From klaus.steden at thomson.net Wed Jun 25 22:07:35 2008 From: klaus.steden at thomson.net (Klaus Steden) Date: Wed, 25 Jun 2008 15:07:35 -0700 Subject: Can you set a blank root passwd with a kickstart file? In-Reply-To: Message-ID: I don?t believe so, but you could stick a ?passwd ?d root? in the ?? section of your Kickstart file to clobber it during the tail end of installation. cheers, Klaus On 6/25/08 2:30 PM, "niall el-assaad" did etch on stone tablets: > Hi, > > Is there a way of setting the "rootpw" entry so that there is no root > password. > > I want to make the iso install completely and then ask the user to change the > root password on first login. > > So they would just enter > login: root > > then it will ask them to change their password. > > I can get the second part to happen with "chage -d0 root" in the %post > section, but can't get it to install without a password in the first place. > > If I leave out the rootpw entry it asks me to enter one as part of anaconda. > > Is there some switch I can use with the rootpw entry to not have a password? > > thanks, > > niall > > > _______________________________________________ > Kickstart-list mailing list > Kickstart-list at redhat.com > https://www.redhat.com/mailman/listinfo/kickstart-list -------------- next part -------------- An HTML attachment was scrubbed... URL: From mats.o.karlsson at gmail.com Wed Jun 25 22:24:47 2008 From: mats.o.karlsson at gmail.com (Mats Karlsson) Date: Thu, 26 Jun 2008 00:24:47 +0200 Subject: Can you set a blank root passwd with a kickstart file? In-Reply-To: References: Message-ID: <4862C5AF.9040305@gmail.com> niall el-assaad wrote: > Hi, > Is there a way of setting the "rootpw" entry so that there is no root > password. > > I want to make the iso install completely and then ask the user to change > the root password on first login. > > So they would just enter > login: root > > then it will ask them to change their password. > > I can get the second part to happen with "chage -d0 root" in the %post > section, but can't get it to install without a password in the first place. > > If I leave out the rootpw entry it asks me to enter one as part of anaconda. > > Is there some switch I can use with the rootpw entry to not have a password? > > thanks, > > niall > Have you tried to set a "blank" password ? If not, create a blank pw with : perl -we 'print crypt("", "salt"). "\n"' /Mats From debian at herakles.homelinux.org Wed Jun 25 22:31:02 2008 From: debian at herakles.homelinux.org (John Summerfield) Date: Thu, 26 Jun 2008 06:31:02 +0800 Subject: Can you set a blank root passwd with a kickstart file? In-Reply-To: References: Message-ID: <4862C726.3020300@herakles.homelinux.org> Klaus Steden wrote: > I don?t believe so, but you could stick a ?passwd ?d root? in the ?? > section of your Kickstart file to clobber it during the tail end of > installation. > > cheers, > Klaus > > On 6/25/08 2:30 PM, "niall el-assaad" did etch on stone > tablets: > >> Hi, >> >> Is there a way of setting the "rootpw" entry so that there is no root >> password. >> >> I want to make the iso install completely and then ask the user to change the >> root password on first login. >> >> So they would just enter >> login: root >> >> then it will ask them to change their password. I would have thought setting it to some known constant, eg "toor" would work as well. I'm not sure that Klaus' idea with passwd works, but for sure both sed and perl can do it. As can vim: ex /etc/passwd -c '/root/ s/:x:/::/' -c :wq -- Cheers John -- spambait 1aaaaaaa at coco.merseine.nu Z1aaaaaaa at coco.merseine.nu -- Advice http://webfoot.com/advice/email.top.php http://www.catb.org/~esr/faqs/smart-questions.html http://support.microsoft.com/kb/555375 You cannot reply off-list:-) From niallel at gmail.com Wed Jun 25 22:57:53 2008 From: niallel at gmail.com (niall el-assaad) Date: Wed, 25 Jun 2008 23:57:53 +0100 Subject: Can you set a blank root passwd with a kickstart file? In-Reply-To: <4862C726.3020300@herakles.homelinux.org> References: <4862C726.3020300@herakles.homelinux.org> Message-ID: Thanks so much everyone. The best way to do it was to set a password using rootpw, then as Klaus mentions to remove it using /usr/bin/passwd -d root thanks again, On Wed, Jun 25, 2008 at 11:31 PM, John Summerfield < debian at herakles.homelinux.org> wrote: > Klaus Steden wrote: > >> I don?t believe so, but you could stick a ?passwd ?d root? in the ?? >> section of your Kickstart file to clobber it during the tail end of >> installation. >> >> cheers, >> Klaus >> >> On 6/25/08 2:30 PM, "niall el-assaad" did etch on >> stone >> tablets: >> >> Hi, >>> >>> Is there a way of setting the "rootpw" entry so that there is no root >>> password. >>> >>> I want to make the iso install completely and then ask the user to change >>> the >>> root password on first login. >>> >>> So they would just enter >>> login: root >>> >>> then it will ask them to change their password. >>> >> > I would have thought setting it to some known constant, eg "toor" would > work as well. > > I'm not sure that Klaus' idea with passwd works, but for sure both sed and > perl can do it. As can vim: > ex /etc/passwd -c '/root/ s/:x:/::/' -c :wq > > > > > > -- > > Cheers > John > > -- spambait > 1aaaaaaa at coco.merseine.nu Z1aaaaaaa at coco.merseine.nu > -- Advice > http://webfoot.com/advice/email.top.php > http://www.catb.org/~esr/faqs/smart-questions.html > http://support.microsoft.com/kb/555375 > > You cannot reply off-list:-) > > > _______________________________________________ > Kickstart-list mailing list > Kickstart-list at redhat.com > https://www.redhat.com/mailman/listinfo/kickstart-list > -------------- next part -------------- An HTML attachment was scrubbed... URL: From Georgi.Hristov at fnis.com Thu Jun 26 15:28:23 2008 From: Georgi.Hristov at fnis.com (Hristov, Georgi) Date: Thu, 26 Jun 2008 10:28:23 -0500 Subject: Can you set a blank root passwd with a kickstart file? In-Reply-To: <4862C5AF.9040305@gmail.com> References: <4862C5AF.9040305@gmail.com> Message-ID: <0EC8C503E6E98647B0BEDDA7351301EA010D66EE@CMBFISLTC02.FNFIS.COM> Just setup the password initially to something via the "rootpw" setting. Then in the %post section remove the "x" from the /etc/passwd file for the root account. You can do that with sed/awk/perl. This will render the root account with NULL password. -Georgi -----Original Message----- From: kickstart-list-bounces at redhat.com [mailto:kickstart-list-bounces at redhat.com] On Behalf Of Mats Karlsson Sent: Wednesday, June 25, 2008 17:25 To: Discussion list about Kickstart Subject: Re: Can you set a blank root passwd with a kickstart file? niall el-assaad wrote: > Hi, > Is there a way of setting the "rootpw" entry so that there is no root > password. > > I want to make the iso install completely and then ask the user to change > the root password on first login. > > So they would just enter > login: root > > then it will ask them to change their password. > > I can get the second part to happen with "chage -d0 root" in the %post > section, but can't get it to install without a password in the first place. > > If I leave out the rootpw entry it asks me to enter one as part of anaconda. > > Is there some switch I can use with the rootpw entry to not have a password? > > thanks, > > niall > Have you tried to set a "blank" password ? If not, create a blank pw with : perl -we 'print crypt("", "salt"). "\n"' /Mats _______________________________________________ Kickstart-list mailing list Kickstart-list at redhat.com https://www.redhat.com/mailman/listinfo/kickstart-list ______________ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. _____________