On Sat, 2014-10-11 at 11:58 +0900, TAMUKI Shoichi wrote: > Hello, > > From: "Michael H. Warfield" <m...@wittsend.com> > Subject: Re: [lxc-devel] [PATCH v2 3/3] Improve setting the default password > in a new container > Date: Thu, 09 Oct 2014 23:23:30 -0400 > > > > The default password in a new container is now auto-generated using > > > phoneme rules and (good) random numbers. > > > > > > Even if the default random password is set in a distribution-specific > > > template and you use the download template to pull a pre-built rootfs > > > image, you will get the same password every time unless the pre-built > > > rootfs image is updated. > > > > > > So, the default random password in a new container is to be set after > > > container creation. The user names whose passwords to be changed are > > > stored in *.chpasswd file which is located at /usr/share/lxc/config. > > > Each line of the file specifies a user name whose password is to be > > > changed. If the target *.chpasswd file does not exist, no password is > > > changed in a new container. > > > > This is obviously a festering problem and one that has already been > > addressed in the Fedora and CentOS templates in a different manner and > > additional patches have been submitted and under discussion. Did you > > even bother to read the code in the Fedora and CentOS templates?
> At first, I intended to use the code in the Fedora/CentOS templates, > but I became aware that the method was available only when using the > template with '-t' option to lxc-create. It can not be used by non- > priv users. That would then be handled by the download template and, iirc, it was Stéphane's intention to have those containers start with "locked" accounts and require lxc-attach or something similar to set up. > > Please immediately table this patch until further discussion can be > > completed and a consensus achieved. > Sure, I would like to discuss the approach with the people interested. Cool. > Regards, > TAMUKI Shoichi Regards, Mike -- Michael H. Warfield (AI4NB) | (770) 978-7061 | m...@wittsend.com /\/\|=mhw=|\/\/ | (678) 463-0932 | http://www.wittsend.com/mhw/ NIC whois: MHW9 | An optimist believes we live in the best of all PGP Key: 0x674627FF | possible worlds. A pessimist is sure of it!
signature.asc
Description: This is a digitally signed message part
_______________________________________________ lxc-devel mailing list lxc-devel@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-devel