Is there some kind of caveat to using the rootpw --iscrypted directive and then specifying a graphical install?
I always seem to get the prompt coming up... If I remove the graphical and do a text install, it works fine and if I remove the --iscrypted and put a plain-text password in there, it works as well.
Any suggestions?
- G
Sorry, should have specified - I'm using kickstart to load my machine(s).
On 9/4/07, semi linux linuxsemi@gmail.com wrote:
Is there some kind of caveat to using the rootpw --iscrypted directive and then specifying a graphical install?
I always seem to get the prompt coming up... If I remove the graphical and do a text install, it works fine and if I remove the --iscrypted and put a plain-text password in there, it works as well.
Any suggestions?
- G
semi linux wrote:
Sorry, should have specified - I'm using kickstart to load my machine(s).
On 9/4/07, semi linux linuxsemi@gmail.com wrote:
Is there some kind of caveat to using the rootpw --iscrypted directive and then specifying a graphical install?
I always seem to get the prompt coming up... If I remove the graphical and do a text install, it works fine and if I remove the --iscrypted and put a plain-text password in there, it works as well.
Any suggestions?
- G
If you're installing via kickstart, why do you need graphical mode?
-- j
semi linux wrote:
Sorry, should have specified - I'm using kickstart to load my machine(s).
On 9/4/07, semi linux linuxsemi@gmail.com wrote:
Is there some kind of caveat to using the rootpw --iscrypted directive and then specifying a graphical install?
I'm able to do this with no prompts.
I always seem to get the prompt coming up... If I remove the graphical and do a text install, it works fine and if I remove the --iscrypted and put a plain-text password in there, it works as well.
What do you mean "remove the graphical" -- as far as I can tell, it's graphical by default. The absence of the word "text" means it'll do a graphical install.
When you get a prompt, what is it asking for? Do you have a line for "auth" or "authconfig"? (In general, make sure you have all the required directives like "lang", "keyboard", etc.)
johnn
On 9/5/07, Johnn Tan linuxweb@gmail.com wrote:
semi linux wrote:
Sorry, should have specified - I'm using kickstart to load my machine(s).
On 9/4/07, semi linux linuxsemi@gmail.com wrote:
Is there some kind of caveat to using the rootpw --iscrypted directive and then specifying a graphical install?
I'm able to do this with no prompts.
I always seem to get the prompt coming up... If I remove the graphical and do a text install, it works fine and if I remove the --iscrypted and put a plain-text password in there, it works as well.
What do you mean "remove the graphical" -- as far as I can tell, it's graphical by default. The absence of the word "text" means it'll do a graphical install.
When you get a prompt, what is it asking for? Do you have a line for "auth" or "authconfig"? (In general, make sure you have all the required directives like "lang", "keyboard", etc.)
johnn
"remove the graphical" means switch it back to "text".
Here is the relevant section of the kickstart: (does prompt for pw):
lang en_US keyboard us timezone America/Los_Angeles --utc rootpw textpw # rootpw --iscrypted *********************** reboot logging --level=debug graphical # text install autostep --autoscreenshot driverdisk --type=ext2 --source=http://****/3w9650SE-x86_64-9.4.1.1.img url --url http://*****/CentOS5 bootloader --location=mbr --append="crashkernel=256M@16M" zerombr clearpart --all --initlabel part swap --recommended --ondisk=sda part /boot --fstype "ext3" --ondisk=sda --size 200 part / --fstype "ext3" --ondisk=sda --size 100000 auth --useshadow --enablemd5 network --bootproto=dhcp --device=eth0 --hostname=temp --onboot=yes --noipv6 firewall --disabled selinux --disabled xconfig --defaultdesktop=gnome --startxonboot --resolution=1024x768 --depth=32
If I uncomment these lines and re-comment their counterparts, then is prompts. - The prompt is the default password prompt. - The auth line is in there. - I don't necessarily need graphical but it's a whole lot nicer due to the screenshots provided
Any other hints or suggestions?
I use rootpw --iscrypted with my kickstart installs in graphical mode all the time. Here is the first section of my kickstart file:
# Start of snip install url --url http://centosmirror/ lang en_US.UTF-8 langsupport --default=en_US.UTF-8 en_US.UTF-8 keyboard us xconfig --resolution 1600x1200 --depth 24 --startxonboot -- defaultdesktop gnome network --device=eth0 --bootproto=dhcp --hostname myhost rootpw --iscrypted ********************************** firewall --enabled --trust=eth0 --port=22:tcp --port=80:tcp selinux --disabled authconfig --enableshadow --enablemd5 --enablenis -- nisdomain=mydomain --nisserver=nisname timezone America/New_York bootloader --location=mbr --append="rhgb quiet" clearpart --all --drives=sda --initlabel part /boot --fstype ext3 --size=100 --ondisk=sda part pv.2 --size=0 --grow --ondisk=sda volgroup VolGroup00 --pesize=32768 pv.2 logvol swap --fstype swap --name=LogVol00 --vgname=VolGroup00 -- size=1000 --grow --maxsize=3000 logvol / --fstype ext3 --name=LogVol01 --vgname=VolGroup00 -- size=1024 --grow --maxsize=40000 logvol /scratch --fstype ext3 --name=LogVol02 --vgname=VolGroup00 -- size=1024 --grow shutdown # End of snip
Hope this helps, Alfred
semi linux wrote:
Here is the relevant section of the kickstart: (does prompt for pw):
lang en_US keyboard us timezone America/Los_Angeles --utc rootpw textpw # rootpw --iscrypted *********************** reboot logging --level=debug graphical # text install autostep --autoscreenshot driverdisk --type=ext2 --source=http://****/3w9650SE-x86_64-9.4.1.1.img url --url http://*****/CentOS5 bootloader --location=mbr --append="crashkernel=256M@16M" zerombr clearpart --all --initlabel part swap --recommended --ondisk=sda part /boot --fstype "ext3" --ondisk=sda --size 200 part / --fstype "ext3" --ondisk=sda --size 100000 auth --useshadow --enablemd5 network --bootproto=dhcp --device=eth0 --hostname=temp --onboot=yes --noipv6 firewall --disabled selinux --disabled xconfig --defaultdesktop=gnome --startxonboot --resolution=1024x768 --depth=32
If I uncomment these lines and re-comment their counterparts, then is prompts.
- The prompt is the default password prompt.
- The auth line is in there.
- I don't necessarily need graphical but it's a whole lot nicer due to
the screenshots provided
Any other hints or suggestions?
Looks about right. Where are you getting the crypted root pw? Are you sure it's valid/complete?
Other than that, I don't have any other suggestions.
johnn
For whatever reason, this just does not want to work for me...
I get my crypted password from the /etc/shadow file and copy it directly into the ks file. I've done this ~ 6-8 times now, resetting the root password, copying it and trying to kickstart from it - no change. (I thought there was only one right answer, but if I reset my password and type the same thing, the crypted string changes slightly everytime.)
Anaconda still prompts me for the password no matter what.
If I change it to a plain text password, it works. If I use the non-graphical install, it works.
I've even deleted the lines to make sure I don't have any special characters in there...
The only thin I can think of is that maybe my crypted password contains an escape sequence that might not be properly handled in anaconda?
I'm completely stumped.
- G.
On 9/6/07, Johnn Tan linuxweb@gmail.com wrote:
semi linux wrote:
Here is the relevant section of the kickstart: (does prompt for pw):
lang en_US keyboard us timezone America/Los_Angeles --utc rootpw textpw # rootpw --iscrypted *********************** reboot logging --level=debug graphical # text install autostep --autoscreenshot driverdisk --type=ext2 --source=http://****/3w9650SE-x86_64-9.4.1.1.img url --url http://*****/CentOS5 bootloader --location=mbr --append="crashkernel=256M@16M" zerombr clearpart --all --initlabel part swap --recommended --ondisk=sda part /boot --fstype "ext3" --ondisk=sda --size 200 part / --fstype "ext3" --ondisk=sda --size 100000 auth --useshadow --enablemd5 network --bootproto=dhcp --device=eth0 --hostname=temp --onboot=yes --noipv6 firewall --disabled selinux --disabled xconfig --defaultdesktop=gnome --startxonboot --resolution=1024x768 --depth=32
If I uncomment these lines and re-comment their counterparts, then is prompts.
- The prompt is the default password prompt.
- The auth line is in there.
- I don't necessarily need graphical but it's a whole lot nicer due to
the screenshots provided
Any other hints or suggestions?
Looks about right. Where are you getting the crypted root pw? Are you sure it's valid/complete?
Other than that, I don't have any other suggestions.
johnn _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
On Fri, Sep 07, 2007 at 11:17:18AM -0700, semi linux wrote:
it and trying to kickstart from it - no change. (I thought there was only one right answer, but if I reset my password and type the same thing, the crypted string changes slightly everytime.)
Traditionally, a password can be encrypted using crypt() in 4096 different ways; the first two characters indicate which one of the 4096 versions was used.
In modern unix systems stronger methods than the old DES crypt() version can be used.
The only thin I can think of is that maybe my crypted password contains an escape sequence that might not be properly handled in anaconda?
The traditional crypt strings are from a limited set 64 characters and are always 13 characters long. GNU libc can use md5 based encryption (the first 3 characters are $1$ and are up to 34 characters in length) but are still from the character set [a-zA-Z0-9./]
On Fri, 7 Sep 2007, Stephen Harris wrote:
The traditional crypt strings are from a limited set 64 characters and are always 13 characters long. GNU libc can use md5 based encryption (the first 3 characters are $1$ and are up to 34 characters in length) but are still from the character set [a-zA-Z0-9./]
The openssl binary can easily create a shadow-compatible hash for you:
openssl passwd -1
Sorry for the delay - I got pulled off to another cirtical project for a while. Thanks for the info on crypt guys...
I still haven't solved this problem... I've tried mulitple different copies of the string - and it is the complete string. The next thing I'm going to try is a different password altogether... are there any other suggestions?
- Gareth
On 9/7/07, Johnn Tan linuxweb@gmail.com wrote:
semi linux wrote:
The only thin I can think of is that maybe my crypted
password
contains an escape sequence that might not be properly
handled in
anaconda?
The crypted password might end on a character like '/' or '.' -- are you grabbing the complete string?
johnn _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
-
Alfred von Campe -
Jeremy Rosengren -
Johnn Tan -
Paul Heinlein -
semi linux -
Stephen Harris