[CentOS-devel] Cloud image default login

Tue Jul 15 15:54:29 UTC 2014
Nico Kadel-Garcia <nkadel at gmail.com>


On Tue, Jul 15, 2014 at 10:44 AM, Neil Wilson <neil at brightbox.co.uk> wrote:

> I do the opposite and don’t lock the root user, but lock it in %post
> As in:
> # Install root password - removed and locked in post.
> rootpw --iscrypted $1$2e74e5$wMj25e4rEb4rJxqm7BAnk0

%post steps are potentially destabilizing. system-config-kickstart
doesn't handle multiple %post steps correctly, it's currently broken
anyway, they don't get recorded in anaconda-ks.cfg, and overall they
can be very confusing when you access a machine later and say "how was
this set up"

Instead use something like this.

    # Install locked root password
    rootpw --iscrypted ***LOCKED***

If you have to add '%post' steps, add this first to preserve a copy
for stability.

     /bin/cp /tmp/ks.cfg /mnt/sysimage/root/ks.cfg

I've no idea why the anaconda kickstart doesn't do this, as well as or
instead of that horrid, interpreted, mess of an interpreted and
deduced kickstart file that may have no legible resemblance to the
original ks.cfg.