From eefaaecddd26080e88dbb0cbabdd4b8e7d5a9351 Mon Sep 17 00:00:00 2001 From: Eric Hameleers Date: Wed, 8 Sep 2021 14:31:08 +0200 Subject: Allow for empty password for the live and root accounts --- README.txt | 4 +++- liveinit.tpl | 17 +++++++++++++++-- 2 files changed, 18 insertions(+), 3 deletions(-) diff --git a/README.txt b/README.txt index a5935f2..a67d391 100644 --- a/README.txt +++ b/README.txt @@ -287,12 +287,14 @@ You can still set just the XkbVariant by adding something like "kbd=ch xkb=,fr" livepw="somestring" => Change the password for user "live". The password is passed as a cleartext string. + You can pass an empty string (livepw=) to remove the password. locale=nl_NL kbd=nl tz=Europe/Amsterdam => Example of language, keyboard and/or timezone customization. rootpw="somestring" => Change the password for user "root". The password is passed as a cleartext string. + You can pass an empty string (rootpw=) to remove the password. === Custom software === @@ -852,7 +854,7 @@ What does the 'liveslak' init script do? * if you specified a custom keyboard layout for the console (and optionally another for X) by using the "kbd" and "xkb" boot parameters then these will be confifured in "/etc/rc.d/rc.keymap" and "/etc/X11/xorg.conf.d/30-keyboard.conf" in the Live OS. * Same for any custom locale which was specified with the "locale" parameter, this will get added to "/etc/profile.d/lang.sh". * If timezone and hardware clock were specified in the "tz" parameter, these will be configured in "/etc/localtime" and "/etc/hardwareclock". - * The boot parameters "livepw" and "rootpw" allow you to specify custom passwords for the 'live' and 'root' users; the defaults for these two are simply 'live' and 'root'. This is achieved by running the "chpasswd" command in the chrooted overlay so that a plain text password can be given as input. + * The boot parameters "livepw" and "rootpw" allow you to specify custom passwords for the 'live' and 'root' users; the defaults for these two are simply 'live' and 'root'. This is achieved by running the "chpasswd" command in the chrooted overlay so that a plain text password can be given as input. If you would rather avoid a password completely, you can just pass an empty string ("livepw=" or "rootpw="). * The "hostname" and "domain" boot parameters can be used to change the Live OS' hostname from its default "darkstar" and the domain to something else than "home.arpa". Configuration is written to "/etc/hosts", "/etc/HOSTNAME" and "/etc/NetworkManager/NetworkManager.conf". * If the "nfshost" boot parameter was specified, the Live OS is going through a network (PXE) boot. Appropriate network drivers will be loaded and network configuration will be applied so that the squashfs modules can be loaded via NFS. * If the "blacklist" boot parameter was specified, then the kernel modules mentioned as argument(s) will be added to a modprobe blacklist file "/etc/modprobe.d/BLACKLIST-live.conf". diff --git a/liveinit.tpl b/liveinit.tpl index 1eaba1d..e25bf9b 100644 --- a/liveinit.tpl +++ b/liveinit.tpl @@ -106,6 +106,11 @@ HNMAC_ALLOWED="YES" INTERFACE="" NFSHOST="" +# Password handling, assign random initialization: +DEFPW="7af0aed2-d900-4ed8-89f0" +ROOTPW=$DEFPW +LIVEPW=$DEFPW + # Max wait time for DHCP client to configure an interface: DHCPWAIT=20 @@ -1162,20 +1167,28 @@ EOT fi fi - if [ ! -z "$LIVEPW" ]; then + if [ -n "$LIVEPW" ] && [ "$LIVEPW" != "${DEFPW}" ]; then # User entered a custom live password on the boot commandline: echo "${MARKER}: Changing password for user '${LIVEUID}'." chroot /mnt/overlay /usr/sbin/chpasswd <