[Users] create CT with password
Dietmar Maurer
dietmar at proxmox.com
Tue Nov 11 04:58:46 EST 2008
Is there are real world example where my approach does not work?
I check for /etc/shadow, and store as md5 - AFAIK the user is able to
login with that password on all distribution using pam_unix. If not, we can still
try to read and parse the pam configuration.
It will not work for nis, but that is a rare case. But nis requires a network anyways,
so the current code also fails.
So how can I create a VM with a password? For example:
# vzctl create
# vzctl start
# vzctl set --password
can also fail because the network is not running when we execute the passwd
command (vzctl start does not wait until the network is fully functional, and passwd requires
the network when it uses nis).
Or is that wrong?
- Dietmar
> > The only problem is the solution is not generic. In other words, we
> > can't know how different distros handle local users. It used to be
> > crypt(3) and /etc/passwd (later /etc/shadow) manipulation. Now
> > everybody
> > uses PAM which can be configured in this or that way. For example,
> new
> > passwords are checked (by pam_cracklib) for minimum length etc. (see
> > pam_cracklib(8) for much more details). Also they could be stored in
> a
> > different ways (this applies to both storage and hashes), say use (or
> > not use) /etc/shadow, md5 or sha256 hash or even NIS (see pam_unix(8)
> > for more details).
>
> I just thought my approach works in 99,99% of all cases, but maybe I am
> wrong.
More information about the Users
mailing list