diff options
Diffstat (limited to 'http')
-rw-r--r-- | http/centos-7.3/anaconda-ks.cfg | 23 |
1 files changed, 21 insertions, 2 deletions
diff --git a/http/centos-7.3/anaconda-ks.cfg b/http/centos-7.3/anaconda-ks.cfg index 8cb0be2..c75033c 100644 --- a/http/centos-7.3/anaconda-ks.cfg +++ b/http/centos-7.3/anaconda-ks.cfg @@ -6,11 +6,10 @@ lang en_US.UTF-8 keyboard --vckeymap=de-nodeadkeys --xlayouts='de (nodeadkeys)' timezone Europe/Berlin --isUtc --nontp auth --enableshadow --passalgo=sha512 -rootpw --iscrypted $6$6yzbOJJy5auuBh9$XUAtAt/ErLkz6.1t8J4UpyZPPUbKjGO1uATaZaxmG02IhJbOwnJMqI6MTJw.SzbBvy8THCmmoia1tVMfXhGVJ1 clearpart --none --initlabel bootloader --location=mbr --boot-drive=sda part biosboot --fstype="biosboot" --ondisk=sda --size=1 -part / --fstype="ext4" --ondisk=sda --grow --label=SLX_SYS +part / --fstype="xfs" --ondisk=sda --grow --label=SLX_SYS %packages @^minimal @@ -18,6 +17,26 @@ part / --fstype="ext4" --ondisk=sda --grow --label=SLX_SYS kexec-tools %end +# small python script to extract the password from the kernel command line +# expects the password given as: rootpw=<password> +%pre --interpreter=/usr/bin/python +import shlex, crypt +arg = 'rootpw=' +with open('/proc/cmdline', 'r') as f: + kcl = f.read().split() +# extract the password +passwords = [x[len(arg):] for x in kcl if x.startswith(arg)] +if len(passwords) == 1: + kclpass = passwords[0] +# TODO sane fallbacks. This should work most of the time though :) +# generate SHA512 hash +hash = crypt.crypt(kclpass, crypt.mksalt(crypt.METHOD_SHA512)) +with open('/tmp/setup-root-pass', 'w') as f: + f.write('rootpw --iscrypted ' + hash) +%end +# include the created password file +%include /tmp/setup-root-pass + %post --erroronfail yum -y update yum -y install wget |