>Okay, we've clawed our way up part of the auto-install/jumpstart
>learning curve (in solaris2.1). Next question is how can we make
>autoinstall install a root password and .rootkey? Presumably we
>could scribble a root password into /etc/shadow from the auto-install
>finish script. Making the .rootkey seems harder. Can we use des to
>decrypt the machine's secret key from the cred table (and then write
>the secret key into .rootkey)? Is that what goes into .rootkey?
>Right now the newly installed machine prompts for a root password and
>requires a "keylogin -r".
We install a root password with auto-install/jumpstart because it
isn't a secure idear that every user kan insert a L1-A and
type a boot net - install, and then is prompted for a passwd (GGRRGR)
We have several scripts sourced from the finish_script
below are our etc.shadow and etc.sysIDtool.state scripts.
Install the encripted passwd string instead of XXXXXXXXXXXXX.
Make sure the script isn't readable.
Jan.
etc.shadow:
#!/bin/sh
echo fixing /etc/shadow
(
ed ${NEW_ROOT}/etc/shadow <<!
1
s/::/:XXXXXXXXXXXXX:/
.
w
q
!
) 2>&1 | grep I_DONT_WANT_IT_TO_SEE
etc.sysIDtool.state:
#!/bin/sh
echo fixing /etc/.sysIDtool.state
(
ed ${NEW_ROOT}/etc/.sysIDtool.state <<!
/root password prompted for/
s/0/1/
.
w
q
!
) 2>&1 | grep I_DONT_WANT_IT_TO_SEE
--
Jan Wortelboer, University of Amsterdam
Unix Kruislaan 403 Kamer F003 Phone: +31 20 525 7501
systems manager 1098 SJ AMSTERDAM Fax : +31 20 525 7490
by