Hi
I attach an initramfs hook script I added to my live CD
(config/chroot_local-includes/usr/share/initramfs-tools/scripts/) to be
able to set a different password for the live user.
The change can be from either a new command-line parameter
'password=<newpassword>' or through setting PASSWORD=<newpassword> in
the file live.cfg on the live media (which is probably handy for USB).
What do you think about using such a file?
Rationale: my live CD exposes an ssh server by default, which is a basic
requirement. I would thus like to allow the user to give some minimal
security from remote attackers who happen to read the documentation that
includes the default password.
I don't intend to hid that password from any other local users.
--
Tzafrir Cohen
icq#16849755 jabber:tzafrir.co...@xorcom.com
+972-50-7952406 mailto:tzafrir.co...@xorcom.com
http://www.xorcom.com iax:gu...@local.xorcom.com/tzafrir
#!/bin/sh
#set -e
# initramfs-tools header
PREREQ=""
prereqs() {
echo "${PREREQ}"
}
case "${1}" in
prereqs)
prereqs
exit 0
;;
esac
# life-initramfs header
. /scripts/live-functions
# life-initramfs script
if [ -f "/root/live/image/live.cfg" ]
then
# Make sure we have a Unix (and not DOS/Mac) text file
sed -e 's/\r\n/\n/' -e 's/\r/\n/g' \
<"/root/live/image/live.cfg" >/tmp/live.cfg
. /tmp/live.cfg
fi
# Extra boot parameters:
for ARGUMENT in $(cat /proc/cmdline)
do
case "${ARGUMENT}" in
password=*) PASSWORD="${ARGUMENT#password=}";;
esac
done
# If it was not set, one way or the other, we have nothing to do:
if [ ! "${PASSWORD}" ]
then
exit 0
fi
log_begin_msg "Setting a custom password for the default user"
echo "${USERNAME}:${PASSWORD}" | chroot /root /usr/sbin/chpasswd
log_end_msg
