James Wilkinson wrote:
Possibly the best fix would be to get anaconda / kickstart / whatever to set up a normal user account as well as root *before* that reboot. Feel free to enter a bugzilla RFE.
Using kickstart:
===== 8< Cut Here 8< ===== %post #! /bin/sh
cp /etc/ssh/sshd_config /etc/ssh/sshd_config.orig
sed 's/^PermitRootLogin.*/PermitRootLogin no/' \
/etc/ssh/sshd_config.orig > /etc/ssh/sshd_configuseradd -p 'o3o4fu0JNNFDo' -c "Foo Bar" -m -n foobar
touch /.autorelabel ===== 8< Cut Here 8< =====
Parameter for '-p' is crypted password. You can copy and paste some existing entry from /etc/shadow, or use some tool to generate it on command line (for example "slappasswd -h '{crypt}'" utility, from openldap-servers, will do the job). Touching dot autorelabel file is there because files created in postinstall scripts usually don't have correct SELinux security contexts.
-- Aleksandar Milivojevic <amilivojevic@xxxxxx> Pollard Banknote Limited Systems Administrator 1499 Buffalo Place Tel: (204) 474-2323 ext 276 Winnipeg, MB R3T 1L7
