Commit Graph

9 Commits

Author SHA1 Message Date
Michael Shigorin
de94641c41 vm-ssh: renamed to net-ssh and cleaned up
There was no need to split carrying over the pubkey
and tightening up permissions on the file and its parent
directory to be done in two separate scripts; this should
be more generic now as a bonus.

Users adjusted accordingly.
2013-08-12 20:53:01 +04:00
Michael Shigorin
e8a067b4af vm.mk: add su to vm/net
It's pretty frustrating to be able to ssh into a vm
while being unable to administer it knowing the rootpw...
2013-06-20 16:17:52 +04:00
Michael Shigorin
a18295f223 {lib,conf.d}/{ve,vm}.mk: shift the real targets
lib/*.mk aren't going to be parsed for build targets
in the near future; and the early placement of those
targets was superseded by a dedicated configuration
snippet directory so just move these bits there.
2013-06-19 16:52:02 +04:00
Michael Shigorin
d22c793ee9 initial deflogin feature (security sensitive!)
The feature officially introduces the "engineering passwords"
including empty ones which have been around since forever but
weren't properly managed (and still are not, at least until
there are no stray passwd/chpasswd/usermod calls in both the
profile, installer-features and all the other related parts).

It is based on an m-p-d init3-users script by stanv@ but was
cleaned up and restructured in a pretty severe manner; thanks
glebfm@ for additional discussion.

This also cleans up the kludge previously stuck into build-vm.

Note that vm/icewm sports graphical autologin now as well as
the default root password (which can be overridden by passing
ROOTPW=... to make but it is a change from the previous state
of affairs indeed).
2013-06-17 14:03:54 +04:00
Michael Shigorin
e52e21781f actually useful vm/icewm
See http://www.opennet.ru/openforum/vsluhforumID3/86239.html#1
for a query that has led to this one; in particular,
- xdm dropped (won't log in root and there are no users yet);
- network is brought up and configured via DHCP by default;
- apt-get works out-of-box;
- default image size is twice the chroot size.
2012-09-03 19:16:50 +03:00
Michael Shigorin
307fb51f15 conf.d/test.mk: experimental stuff went here
Some images were unbuildable (at least without special setup,
like ve/centos), unusable or just not useful in any meaningful way
(like distro/live-isomd5sum); as these tend to get any attention
during experiments, I decided to put them together in a separate
configuration file that would be effectively skipped if DEBUG
is not requested.
2012-07-31 21:28:44 +04:00
Michael Shigorin
09be84beee initial vm-{net,ssh} features
A virtual machine isn't very useful if there are no means
to access it; let's bring up the basic networking and provide
root SSH access via pre-existing public key.

As the remote access with known default credentials is roughly
equivalent to just lending one's VMs to anyone with network
access to it, the fallback root password is now exterminated;
you have to provide one (or a long enough random string
if you plan to use keys only, see e.g. apg utility).
2012-06-25 19:29:38 +03:00
Michael Shigorin
0a5f164d65 cleanup, build-vm: mutual support
It appears that reusing installer-feature-*-stage3 packages
is perfectly fine with VM images; these just need to be removed
after the package scripts they carry have worked out.
2012-06-25 19:29:38 +03:00
Michael Shigorin
90be07fbf8 initial conf.d/vm.mk
After we have built a bare virtual machine image successfully
some variations are due, and these are to be described here.
2012-06-25 19:29:38 +03:00