Google
  Web www.spinics.net

Re: [PATCH rhel7-alpha2-branch] Start ssh with systemd, not in anaconda (#824580)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]


On 05/29/2012 05:36 AM, Radek Vykydal wrote:
In this take:

1) sshd is started always, regardless of sshd boot option,
(as in s390x) with empty root password.

2) sshpw kickstart command works, so root/users passwords can be set,
but this happens in anaconda so between sshd and anaconda is run
there is root ssh access without password.

Is this ok for alpha2?
To achieve original behaviour we'll need to parse sshd option in dracut and
change sshd (and/or perhaps anaconda/sshd systemd) configuration files in dracut.
Setting passwords (at least for root) already in dracut may be needed.
I'd need to consult this with Will, or leave it to him.

In the s390 case we don't want anaconda to start, what we want is the sshd server brought up, and a message displayed to the user to ssh in as install@<host>. The install user has a shell set to launch anaconda.

What I've been playing with locally is changing what the anaconda@.service executes. I created a simple anaconda.sh that will just echo "Please ssh -x install@<host> to start Anaconda", and I makde the anaconda@.service execute that. Then /sbin/anaconda gets launched by the install user.

What we could do is a bit more of a shim in /sbin/anaconda or /sbin/anaconda.sh or wherever. If the arch is s390, then it'll do the echo and exit, but if it's not s390 then it'll continue on to actually launch anaconda.

I don't think this solves the root password problem, but as you said we can move that into dracut for parsing, so that it can be done prior to sshd service bring up. The dracut parsing could also set a file or flag for the sshd service to be enabled/disabled, again if s390 forcing it on. Not quite sure what this would look like, just an idea.

--
Jesse Keating
Fedora -- Freedom² is a feature!

_______________________________________________
Anaconda-devel-list mailing list
Anaconda-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/anaconda-devel-list



[Home]     [Fedora Users]     [Fedora Legacy List]     [Fedora Maintainers]     [Fedora Desktop]     [Red Hat 9 Bible]     [Fedora Bible]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]

Powered by Linux

Google
  Web www.spinics.net