[Ovirt-devel] [PATCH node] rootpw boot parameter
Mike Burns
mburns at redhat.com
Thu Mar 4 22:27:01 UTC 2010
On Thu, 2010-03-04 at 22:24 +0100, Alan Pevec wrote:
> rootpw=<encrypted_password>
> sets a temporary root password, change is forced on first login
> password is crypted, same as Kickstart option rootpw --iscrypted
>
> WARNING: use for debugging only, this is not secure!
>
> Signed-off-by: Alan Pevec <apevec at redhat.com>
> ---
> scripts/ovirt-early | 22 ++++++++++++++++++++++
> 1 files changed, 22 insertions(+), 0 deletions(-)
>
> diff --git a/scripts/ovirt-early b/scripts/ovirt-early
> index 6e8e5b3..1ab0578 100755
> --- a/scripts/ovirt-early
> +++ b/scripts/ovirt-early
> @@ -247,6 +247,12 @@ start() {
> # enter emergency shell for fixing configuration issues
> rescue=
>
> + # rootpw=<encrypted_password>
> + # sets a temporary root password, change is forced on first login
> + # password is crypted, same as Kickstart option rootpw --iscrypted
> + # WARNING: use for debugging only, this is not secure!
> + rootpw=
> +
> # pxelinux format: ip=<client-ip>:<boot-server-ip>:<gw-ip>:<netmask>
> # anaconda format: ip=<client-ip> netmask=<netmask> gateway=<gw-ip>
> # ipv6=dhcp|auto
> @@ -365,6 +371,9 @@ start() {
> rescue)
> rescue=1
> ;;
> + rootpw=*)
> + rootpw=${i#rootpw=}
> + ;;
>
> ovirt_overcommit*)
> i=${i#ovirt_overcommit=}
> @@ -459,6 +468,19 @@ start() {
> fi
> fi
>
> + if [ -n "$rootpw" ]; then
> + log "Setting temporary root password: $rootpw"
> + unmount_config /etc/passwd /etc/shadow
> + /usr/sbin/usermod -p $rootpw root
> + chage -d 0 root
> + # PAM will force password change at first login
> + # so make sure we persist it after a successful login
> + cat >> /root/.bash_profile << EOF
> +# added by ovirt-early
> +persist /etc/passwd /etc/shadow
> +EOF
> + fi
> +
> if [ "$rescue" = 1 ]; then
> log "Rescue mode requested, starting emergency shell"
> stop_log
ACK
More information about the ovirt-devel
mailing list