On Thursday 03 Nov 2005 07:59, Christian Perrier wrote: > So, there were two errors here: > > -$RET not quoted > -place of the line Actually, there a fair number of similar "$RET" bugs. Mostly they're benign, but there's one that derails the process. See attachment for diff to fix the problem so preseeding * works, at least for root. I haven't looked at setting up the user account. There is a further bug that means one has to preseed with precisely one space between "password" and "*", ie passwd passwd/root-password-crypted password * With the attached patch, white space is preserved. If additional space is placed between "password" and "*", one might end up with a shadow entry like: root: *:133[...etc...] The shadow(5) man page says: > If the password field contains some string that is not valid result of > crypt(3), for instance ! or *, the user will not be able to use a unix > password to log in, subject to pam(7). so not stripping off the white space should be fine (empirical evidence suggests this is true), but might cause some weird side-effects. > The easiest way is IMHO editing the > /target/var/lib/dpkg/info/passwd.config file before it's used in 2nd > stage. Nope. It turns out the dpkgs aren't unpacked (or whatever the process that produces entries in /var/lib/dpkg/info is called) until stage 2. They appear some point before the first message (welcome to your newly installed Debian system). Easiest way of testing is adding the following to a preseed script. base-config base-config/early_command string wget -qO /var/lib/dpkg/info/passwd.config http://grid01/passwd.config with an appropriate file on your web server. Cheers, Paul.
--- passwd.config-orig 2005-11-03 15:12:17.000000000 +0000 +++ passwd.config 2005-11-03 15:03:42.000000000 +0000 @@ -135,7 +135,7 @@ if ! root_password; then # First check whether the root password was preseeded crypted db_get passwd/root-password-crypted || true - if ! test $RET ; then + if ! test "$RET" ; then # No preseed of the root password hash # we will prompt the user db_input critical passwd/root-password || true @@ -153,7 +153,7 @@ if ! root_password; then # First check whether the root password was preseeded crypted db_get passwd/root-password-crypted || true - if ! test $RET ; then + if ! test "$RET" ; then # Compare the two passwords, loop back if not # identical, or if empty. db_get passwd/root-password @@ -181,9 +181,11 @@ else # The root password was preseeded encrypted # Clear it from the db, then set it - db_set passwd/root-password-crypted "" - ROOT_PW=$RET + ROOT_PW="$RET" setpassword root "$ROOT_PW" true + + # Clear root password hash from db. + db_set passwd/root-password-crypted "" ROOT_PW='' fi # Loop back to state #2 to make sure that there @@ -248,7 +250,7 @@ fi db_get passwd/user-password-crypted || true - if ! test $RET ; then + if ! test "$RET" ; then db_input critical passwd/user-password || true COMPARE_PW='' db_input critical passwd/user-password-again \ @@ -260,7 +262,7 @@ db_get passwd/make-user if [ "$RET" = true ] && ! is_system_user; then db_get passwd/user-password-crypted || true - if ! test $RET ; then + if ! test "$RET" ; then # Compare the two passwords, loop with message if not # identical, or if empty. db_get passwd/user-password @@ -311,7 +313,7 @@ fi db_get passwd/user-password-crypted || true - if ! test $RET ; then + if ! test "$RET" ; then # Clear password from the db, and set the password. db_set passwd/user-password "" db_set passwd/user-password-again ""
Attachment:
pgpAQI5W_Kw5D.pgp
Description: PGP signature