[lxc-devel] [PATCH v2 3/3] Improve setting the default password in a new container
Serge Hallyn
serge.hallyn at ubuntu.com
Thu Oct 16 09:18:39 UTC 2014
Quoting Stéphane Graber (stgraber at ubuntu.com):
> On Thu, Oct 09, 2014 at 06:46:19PM +0000, Serge Hallyn wrote:
> > Quoting TAMUKI Shoichi (tamuki at linet.gr.jp):
> > > The default password in a new container is now auto-generated using
> > > phoneme rules and (good) random numbers.
> > >
> > > Even if the default random password is set in a distribution-specific
> > > template and you use the download template to pull a pre-built rootfs
> > > image, you will get the same password every time unless the pre-built
> > > rootfs image is updated.
> > >
> > > So, the default random password in a new container is to be set after
> > > container creation. The user names whose passwords are to be changed are
> > > stored in *.chpasswd file which is located at /usr/share/lxc/config.
> > > Each line of the file specifies a user name whose password is to be
> > > changed. If the target *.chpasswd file does not exist, no password is
> > > changed in a new container.
> > >
> > > Signed-off-by: TAMUKI Shoichi <tamuki at linet.gr.jp>
> >
> > Hi.
> >
> > After a "brief" look over this patch I didn't see any technical problems,
> > but let's take a step back and talk about the usage of this.
> >
> > Three things I'd like to discuss, and I'm curious whether you've talked
> > at all with Michael or Stéphane about this approach.
> >
> > 1. You print out the new passwords on lxc-create command line.
> > a. You always do this, -q or no (trivial fix)
> > b. The resulting passwords aren't available for later perusal. This
> > works fine if i sit at the command line and create one container,
> > but not if a script is creating one
> > One might say "well you can reset it using attach" but if that is
> > our feeling then we may as well set all passwords to invalid and
> > always require users to set them.
> >
> > 2. The resetting of passwords is guided only via the template.chpasswd
> > files. There should be a way to override these via the configuration file
> > or command line. What about simply making this a list in the configuration
> > file? So the $distro.common configuration file could have
> >
> > lxc.chpasswd = joe
> > lxc.chpasswd = root
> >
> > then my own configuration file could include that and do
> >
> > lxc.chpasswd =
> >
> > to clear out the list and request no changes
> >
> > 3. To fix 1b, I think it'd be ok to have a (default-off) config item
> >
> > lxc.store-passwords = 1
> >
> > which will store the uname:passwd entries in 700-mode
> > $lxcpath/$container/passwords
> >
> > Comments?
>
> Please don't use the lxc.* namespace for that as those keys are
> restricted to the internal config parser.
>
> But having something like template.users.* or similar would indeed be fine.
So I think if you do these that will be very interesting.
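As an added illustration of the two mechanisms discussed in this thread (a config-driven user list where an empty value clears the list, and a passwords file kept under owner-only permissions next to the container), here is a post-create helper script. It is example code, not part of the patch or of LXC itself: the key name template.users.chpasswd is a hypothetical stand-in for whatever non-lxc.* key would be chosen, the password generator is plain alphanumerics from /dev/urandom rather than the patch's phoneme rules, and the config file in the usage section is constructed for the example.

```shell
#!/bin/sh
# Added example, not LXC project code. Reads the chpasswd user list from an
# LXC-style "key = value" config, generates a random password per user, and
# keeps NAME:PASSWORD lines in a 0600 file inside a 0700 directory, in the
# spirit of "lxc.store-passwords" / "$lxcpath/$container/passwords" above.
set -eu

# 16 alphanumeric characters from /dev/urandom (assumption: a stand-in for
# the phoneme-rule generator in the patch, which is not reproduced here).
gen_password() {
    p=$(head -c 256 /dev/urandom | LC_ALL=C tr -dc 'A-Za-z0-9' | cut -c1-16)
    [ "${#p}" -eq 16 ] || { echo "gen_password: short read" >&2; return 1; }
    printf '%s\n' "$p"
}

# Print the users collected from config file $1, one per line.
# Semantics from the thread: every "KEY = name" appends a user, a bare
# "KEY =" clears everything collected so far, so an including config can
# override the distro defaults. KEY defaults to the hypothetical
# template.users.chpasswd (Stéphane asked that lxc.* not be used).
users_from_config() {
    key=${2:-template.users.chpasswd}
    users=''
    while IFS= read -r line || [ -n "$line" ]; do
        case $line in ''|'#'*) continue ;; esac
        case $line in *=*) ;; *) continue ;; esac
        k=$(printf '%s' "${line%%=*}" | sed 's/^[[:space:]]*//;s/[[:space:]]*$//')
        v=$(printf '%s' "${line#*=}"  | sed 's/^[[:space:]]*//;s/[[:space:]]*$//')
        [ "$k" = "$key" ] || continue
        if [ -z "$v" ]; then
            users=''                 # "KEY =" resets the list
        else
            users="${users}${v}
"
        fi
    done < "$1"
    printf '%s' "$users"
}

# Read user names from stdin, write NAME:PASSWORD lines to $1.
# The parent directory is forced to 0700 and the file is created under
# umask 077 so the cleartext passwords are never world-readable, even
# briefly, between creation and the final chmod.
store_passwords() {
    out=$1
    dir=$(dirname "$out")
    mkdir -p "$dir"
    chmod 700 "$dir"
    (
        umask 077
        : > "$out"
        while IFS= read -r user || [ -n "$user" ]; do
            [ -n "$user" ] || continue
            printf '%s:%s\n' "$user" "$(gen_password)" >> "$out"
        done
        chmod 600 "$out"
    )
}

# Push the stored entries into a *running* container: lxc-attach passes our
# stdin through to chpasswd. (Not exercised below; needs a real container.)
apply_passwords() {
    lxc-attach -n "$1" -- chpasswd < "$2"
}

# Usage: sh thisscript.sh --demo CONTAINER_NAME CONFIG_FILE [LXCPATH]
if [ "${1:-}" = "--demo" ]; then
    name=$2; cfg=$3; lxcpath=${4:-/var/lib/lxc}
    users_from_config "$cfg" | store_passwords "$lxcpath/$name/passwords"
    apply_passwords "$name" "$lxcpath/$name/passwords"
fi
```

The same file could later be shown by an lxc-info-style helper or consumed by a provisioning script, which is the gap Serge's point 1b describes; the clearing rule in users_from_config is what makes "lxc.chpasswd =" (or its template.users.* equivalent) in a user's own config suppress the distro defaults without editing them.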