[lxc-users] credentials for fedora container

Michael H. Warfield mhw at WittsEnd.com
Wed Dec 25 15:17:20 UTC 2013 

On Wed, 2013-12-25 at 16:02 +0200, Kevin Wilson wrote: 
> Hello,

> I commented the line  "session    required     pam_loginuid.so"
> in login, and rebooted the container, and the problem persisted.
> I also commented this same line in
> /usr/local/var/lib/lxc/fedoraCT/rootfs/etc/pam.d/remote
> and rebooted, and still the same problem, cannot login with
> root/root.

> There is no file named "sshd" under
> /usr/local/var/lib/lxc/fedoraCT/rootfs/etc/pam.d/:

In that case, you definitely need to go with 1.0.0-beta1 or better.  I
just did the same thing and root/root worked (we've got to figure out
something better there) and there definitely is an /etc/pam.d/sshd file
in the the container.  But I do vaguely recall adding sshserver to the
template, I just don't remember exactly when, which is telling me that
you definitely need the newer template.

You might also check the log
file /usr/local/var/lib/lxc/fedoraCT/rootfs/var/log/secure for any
unusual failures that may point out the problem but the easier path may
still be the newer version.

As far as the actual creds go, you can easily change them from the
host...

chroot /usr/local/var/lib/lxc/fedoraCT/rootfs/

(Note: If this fails, you've got far FAR bigger problems!)

passwd

(Enter new container root password twice)

exit

Done...

Regards,
Mike

> ls -al   /usr/local/var/lib/lxc/fedoraCT/rootfs/etc/pam.d/
> total 76
> drwxr-xr-x  2 root root 4096 Dec 24 21:10 .
> drwxr-xr-x 52 root root 4096 Dec 24 21:10 ..
> -rw-r--r--  1 root root  192 Nov 18 13:05 chfn
> -rw-r--r--  1 root root  192 Nov 18 13:05 chsh
> -rw-r--r--  1 root root  232 Oct 14 17:03 config-util
> -rw-r--r--  1 root root  701 Oct 14 17:03 fingerprint-auth
> -rw-r--r--  1 root root  796 Nov 18 13:05 login
> -rw-r--r--  1 root root  154 Oct 14 17:03 other
> -rw-r--r--  1 root root  188 Aug  3 23:16 passwd
> -rw-r--r--  1 root root  760 Oct 14 17:03 password-auth
> -rw-r--r--  1 root root  310 Oct 14 17:03 postlogin
> -rw-r--r--  1 root root  681 Nov 18 13:05 remote
> -rw-r--r--  1 root root  143 Nov 18 13:05 runuser
> -rw-r--r--  1 root root  138 Nov 18 13:05 runuser-l
> -rw-r--r--  1 root root  743 Oct 14 17:03 smartcard-auth
> -rw-r--r--  1 root root  540 Nov 18 13:05 su
> -rw-r--r--  1 root root  137 Nov 18 13:05 su-l
> -rw-r--r--  1 root root  760 Oct 14 17:03 system-auth
> -rw-r--r--  1 root root  181 Dec  6 00:22 systemd-user
> 
> Regards,
> Kevin
> _______________________________________________
> lxc-users mailing list
> lxc-users at lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-users
> 

-- 
Michael H. Warfield (AI4NB) | (770) 978-7061 |  mhw at WittsEnd.com
   /\/\|=mhw=|\/\/          | (678) 463-0932 |  http://www.wittsend.com/mhw/
   NIC whois: MHW9          | An optimist believes we live in the best of all
 PGP Key: 0x674627FF        | possible worlds.  A pessimist is sure of it!

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 482 bytes
Desc: This is a digitally signed message part
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20131225/fe120067/attachment.pgp>

More information about the lxc-users mailing list