On Wed, Jul 05, 2017 at 01:10:33AM +0100, Steve McIntyre wrote: >Phil wrote: >> >>In a previous mail I mentioned removal of '--lock-root-password'. >> >>On the same line (36) of 'vm.py' is the argument passed to >>'vmdebootstrap' of '--sudo'. Ok, according to the manual pages this >>will force the install of the 'sudo' package. Also if a user is >>created, it will add them to the 'sudo' group. >> >>However, under 'live-wrapper' I see no user creation at >>'vmdebootstrap' creation time, thus this leaves us with 'sudo' >>installed but any user created at install of the end result ISO image, >>not part of the 'sudo' group. >> >>I see the primary purpose of the correct usage is to create a username >>and password that can be used while running in live mode. >> >>Example: >> >>vmdebootstrap --user=debian/debian --sudo >> >>The above would create a user 'debian' with password 'debian' who can >>use 'sudo' whilst running in live mode; and it is probably this >>behaviour we would want? > >Not really, no. There's a special live-specific sudo config file >/etc/sudoers.d/live which gives sudo rights to the live user without >password. > >If you're trying to track down the su/sudo problem with the live >installer, that's somewhere different. The installer is meant to write >changes to the passwd/shadow/sudoers files at the end of the >installation, and that does't seem to be working. I've been too busy >in the last few days to look into that any deeper.
In fact, I've found the problem now. vmdebootstrap explicitly locks the password for root in /etc/shadow using "passwd -l". That changes the crypted root passwd from "*" to "!*". Later on, user-setup-udeb in the installer only looks for a locked root account containing "*". It doesn't recognise the "!*" and assumes that's a valid password so doesn't change it. I'll get user-setup-udeb fixed, but for now I have a quick-hack fix in live-customise.sh to replace '!*' with '*'. All works after that point. \o/ -- Steve McIntyre, Cambridge, UK. st...@einval.com "C++ ate my sanity" -- Jon Rabone
