[Ovirt-devel] [PATCH node] check if root password is expired
Ricardo Marin Matinata
matinata at br.ibm.com
Fri May 21 21:34:16 UTC 2010
On Thu, 2010-05-20 at 19:45 +0200, Alan Pevec wrote:
> this might be upon reboot in case of automated installed
> with rootpw parameter
> Unpersist temprorarily /etc/shaddow to let passwd work and persist
> upon successful login.
The patch seems to work fine, as far as what it proposes to do - assure
one can login into the node, after a completely automated PXE
installation for standalone mode.
However, on a not so related problem, for those using password based
authentication, there's still the problem on passwd not working after
the node is properly installed, unless you explicitly
umount /etc/shadow. Has anybody thought on options on how to cope with
this ? That is, preserving the simple behavior of "passwd" ?
>
> Signed-off-by: Alan Pevec <apevec at redhat.com>
> ---
> scripts/ovirt-early | 9 +++++++--
> 1 files changed, 7 insertions(+), 2 deletions(-)
>
> diff --git a/scripts/ovirt-early b/scripts/ovirt-early
> index 4b85102..1c15792 100755
> --- a/scripts/ovirt-early
> +++ b/scripts/ovirt-early
> @@ -478,11 +478,16 @@ start_ovirt_early () {
> if [ -n "$rootpw" ]; then
> log "Setting temporary root password: $rootpw"
> unmount_config /etc/passwd /etc/shadow
> - /usr/sbin/usermod -p $rootpw root
> + /usr/sbin/usermod -p "$rootpw" root
> chage -d 0 root
> + fi
> + # check if root password is expired, this might be upon reboot
> + # in case of automated installed with rootpw parameter!
> + if LC_ALL=C chage -l root | grep -q "password must be changed"; then
> + unmount_config /etc/passwd /etc/shadow
> # PAM will force password change at first login
> # so make sure we persist it after a successful login
> - cat >> /root/.bash_profile << EOF
> + cat >> /etc/profile << EOF
> # added by ovirt-early
> persist /etc/passwd /etc/shadow
> EOF
--
Ricardo Marin Matinata
Linux Technology Center
IBM Brazil | Hortolandia | SP
matinata br ibm com
More information about the ovirt-devel
mailing list