FAI (root password change on errors)
Matteo Guglielmi
Matteo.Guglielmi at dalco.ch
Wed Jun 17 10:37:19 CEST 2020
While a client is being installed (FAI_FLAGS=verbose,sshd,reboot FAI_ACTION=install), I can ssh into it as 'root' with the password defined in
/etc/fai/nfsroot.conf (FAI_ROOTPW variable) but when FAI stops and bails out due to some error, FAI sends all the logs back to the install
server and then does(?) something else (see second section) which includes changing the root password... am I correct?
After that root password change, I'm not able to login anymore (see third section).
Where is that password change defined?
# first section
Jun 17 08:38:24 ip-172-16-16-117 sshd[1010]: Accepted password for root from 172.16.16.200 port 52056 ssh2
Jun 17 08:38:24 ip-172-16-16-117 sshd[1010]: pam_unix(sshd:session): session opened for user root by (uid=0)
Jun 17 08:38:24 ip-172-16-16-117 sshd[1010]: pam_env(sshd:session): Unable to open env file: /etc/default/locale: No such file or directory
Jun 17 08:38:27 ip-172-16-16-117 sshd[1010]: Received disconnect from 172.16.16.200 port 52056:11: disconnected by user
Jun 17 08:38:27 ip-172-16-16-117 sshd[1010]: Disconnected from user root 172.16.16.200 port 52056
Jun 17 08:38:27 ip-172-16-16-117 sshd[1010]: pam_unix(sshd:session): session closed for user root
# second section
Jun 17 08:39:55 ip-172-16-16-117 groupadd[1505]: group added to /etc/group: name=rpc, GID=32
Jun 17 08:39:55 ip-172-16-16-117 groupadd[1505]: group added to /etc/gshadow: name=rpc
Jun 17 08:39:55 ip-172-16-16-117 groupadd[1505]: new group: name=rpc, GID=32
Jun 17 08:39:55 ip-172-16-16-117 useradd[1513]: new user: name=rpc, UID=32, GID=32, home=/var/lib/rpcbind, shell=/sbin/nologin
Jun 17 08:39:56 ip-172-16-16-117 groupadd[1545]: group added to /etc/group: name=rpcuser, GID=29
Jun 17 08:39:56 ip-172-16-16-117 groupadd[1545]: group added to /etc/gshadow: name=rpcuser
Jun 17 08:39:56 ip-172-16-16-117 groupadd[1545]: new group: name=rpcuser, GID=29
Jun 17 08:39:56 ip-172-16-16-117 useradd[1554]: new user: name=rpcuser, UID=29, GID=29, home=/var/lib/nfs, shell=/sbin/nologin
Jun 17 08:39:59 ip-172-16-16-117 passwd[1658]: pam_unix(passwd:chauthtok): password changed for root <<<<<<================ root PASS CHANGE
# third section
Jun 17 08:42:02 ip-172-16-16-117 sshd[37222]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.16.16.200 user=root
Jun 17 08:42:05 ip-172-16-16-117 sshd[37222]: Failed password for root from 172.16.16.200 port 52069 ssh2
\!/
(@ @)
+-oOO----(_)-------+
| Matteo GUGLIELMI |
| *HPC Engineer* |
| |
| www.dalco.ch |
+--------------oOO-+
|__|__|
|| ||
ooO Ooo
More information about the linux-fai
mailing list