[lxc-devel] [PATCH v2 3/3] Improve setting the default password in a new container

[TAMUKI Shoichi]

Hello,

From: "Michael H. Warfield" <mhw at WittsEnd.com>
Subject: Re: [lxc-devel] [PATCH v2 3/3] Improve setting the default password in a new container
Date: Thu, 09 Oct 2014 23:23:30 -0400

> > The default password in a new container is now auto-generated using
> > phoneme rules and (good) random numbers.
> > 
> > Even if the default random password is set in a distribution-specific
> > template and you use the download template to pull a pre-built rootfs
> > image, you will get the same password every time unless the pre-built
> > rootfs image is updated.
> > 
> > So, the default random password in a new container is to be set after
> > container creation.  The user names whose passwords to be changed are
> > stored in *.chpasswd file which is located at /usr/share/lxc/config.
> > Each line of the file specifies a user name whose password is to be
> > changed.  If the target *.chpasswd file does not exist, no password is
> > changed in a new container.
> 
> This is obviously a festering problem and one that has already been
> addressed in the Fedora and CentOS templates in a different manner and
> additional patches have been submitted and under discussion.  Did you
> even bother to read the code in the Fedora and CentOS templates?

At first, I intended to use the code in the Fedora/CentOS templates,
but I became aware that the method was available only when using the
template with '-t' option to lxc-create.  It can not be used by non-
priv users.

> Please immediately table this patch until further discussion can be
> completed and a consensus achieved.

Sure, I would like to discuss the approach with the people interested.

Regards,
TAMUKI Shoichi