[lxc-devel] Download template images default password
Serge Hallyn
serge.hallyn at ubuntu.com
Tue Nov 4 08:25:23 UTC 2014
Quoting TAMUKI Shoichi (tamuki at linet.gr.jp):
> Hello,
>
> From: Stephane Graber <stgraber at ubuntu.com>
> Subject: Re: [lxc-devel] Download template images default password
> Date: Wed, 29 Oct 2014 11:19:59 -0400
>
> > While I'd love for every template maintainer to follow suit and ship
> > with no users, no root password and no network services by default, I
> > don't think it'd be very popular to force that upon them.
>
> Sure. By the way, the root account password is locked in Ubuntu by
> default. This means that you cannot login as root directly or use
> the su command to become the root user. So, we need to prepare some
> default user account like "ubuntu" especially in Ubuntu by default,
> right?
lxc-attach works just fine though. That's no comfort if you're on an
old kernel that doesn't support it...
> > I think there's still much discussion that need to happen around our
> > templates and what we want things to look like in the future and I hope
> > we can make that a main thing for 1.2.
> >
> > My current view is that we should be extending the download template to
> > cover some of the remaining use cases of regular templates and then
> > maybe one day move the templates outside of the main LXC source tree,
> > instead having them reside in their own branch where people who want to
> > hand roll their own images can use them. But having our default
> > experience be around pre-built images offering a consistent and fast
> > experience to our users.
>
> So, after moving the download template outside of the main LXC source
> tree one day in the future, is there any way to create unprivileged
> containers with the regular templates in the source tree?
>
> > I however don't expect this to happen overnight and so I think that
> > first working towards providing a similar feature set across templates
> > and offer more consistency is a very worthwhile goal in the near future
> > and indeed something we should spend time on for 1.2.
For what it's worth, your approach is currently my favorite - a general
template-independent solution that should work for everyone.
-serge
More information about the lxc-devel
mailing list