trouble with ttyS0 (cloud-init, agetty....)
by Matthew Miller
We added console=ttyS0 to the cloud image kernel command line, so that
console output is logged in OpenStack -- see
https://bugzilla.redhat.com/show_bug.cgi?id=886338, and also a request on
this list.
But, that doesn't exist in Amazon EC2, which ...
1. ... had the effect of making cloud-init totally fail to run (see earlier
threads), and ....
2. results in systemd generating a getty service for ttyS0, which then fails
repeatedly.
Now, it happens that in EC2, we are using the menu.lst file to boot, and in
OpenStack, it's the extlinux.conf. We _could_ kludge this by putting
console=ttyS0 in extlinux.conf and console=hvc0 in menu.list. But that seems
pretty ugly.
Also, in EC2, we probably want to actually disable all agettys. But in
OpenStack, you can actually get to the console (a cool feature!) and having
a getty might be useful..... except, I realize as I'm typing, that there's
really no way to log in there without further configuration. Would it be so
awful to suppress the agettys completely by default?
--
Matthew Miller ☁☁☁ Fedora Cloud Architect ☁☁☁ <mattdm(a)fedoraproject.org>
10 years, 10 months
2 commits - generic/fedora-19-i386-cloud.ks generic/fedora-19-x86_64-cloud.ks
by Matthew Miller
generic/fedora-19-i386-cloud.ks | 12 +++++++++++-
generic/fedora-19-x86_64-cloud.ks | 12 +++++++++++-
2 files changed, 22 insertions(+), 2 deletions(-)
New commits:
commit 5c70a0a3df5121ad76694f70d79180b63c35d1b7
Author: Matthew Miller <mattdm(a)mattdm.org>
Date: Mon Jun 17 14:44:28 2013 -0400
ec2-user to fedora; see mailing list discussion
diff --git a/generic/fedora-19-i386-cloud.ks b/generic/fedora-19-i386-cloud.ks
index 4010024..2a92bc6 100644
--- a/generic/fedora-19-i386-cloud.ks
+++ b/generic/fedora-19-i386-cloud.ks
@@ -213,6 +213,10 @@ fi
#disable_root: 0
#EOF
+# This is a temporary fix to change the default user to "fedora"; this
+# change is pending in an f19 update to the cloud-utils pakcage
+sed -i 's/ec2-user/fedora/;s/EC2 user/Fedora Cloud User/' /etc/cloud/cloud.cfg
+
echo "Cleaning old yum repodata."
yum clean all
diff --git a/generic/fedora-19-x86_64-cloud.ks b/generic/fedora-19-x86_64-cloud.ks
index cfba2a1..b89d417 100644
--- a/generic/fedora-19-x86_64-cloud.ks
+++ b/generic/fedora-19-x86_64-cloud.ks
@@ -210,6 +210,10 @@ fi
#disable_root: 0
#EOF
+# This is a temporary fix to change the default user to "fedora"; this
+# change is pending in an f19 update to the cloud-utils pakcage
+sed -i 's/ec2-user/fedora/;s/EC2 user/Fedora Cloud User/' /etc/cloud/cloud.cfg
+
echo "Cleaning old yum repodata."
yum clean all
commit e6cc4607fa93164ba37425bc6f3b034049ebbfcb
Author: Matthew Miller <mattdm(a)mattdm.org>
Date: Mon Jun 17 14:44:05 2013 -0400
tty fixes
diff --git a/generic/fedora-19-i386-cloud.ks b/generic/fedora-19-i386-cloud.ks
index 1e14cb3..4010024 100644
--- a/generic/fedora-19-i386-cloud.ks
+++ b/generic/fedora-19-i386-cloud.ks
@@ -24,7 +24,7 @@ rootpw --lock --iscrypted locked
# matching these rules is generated below.
firewall --service=ssh
-bootloader --timeout=1 --append="serial=tty0 console=tty1 console=ttyS0,115200n8 console=hvc0" extlinux
+bootloader --timeout=1 --append="serial=tty0 console=ttyS0,115200n8 console=hvc0 console=tty1" extlinux
network --bootproto=dhcp --device=eth0 --onboot=on
services --enabled=network,sshd,rsyslog,iptables,cloud-init,cloud-init-local,cloud-config,cloud-final
@@ -143,6 +143,12 @@ COMMIT
EOF
echo .
+echo -n "Getty fixes"
+# although we want console output going to the serial console, we don't
+# actually have the opportunity to login there. FIX.
+# we don't really need to auto-spawn _any_ gettys.
+sed -i '/^#NAutoVTs=.*/ a\
+NAutoVTs=0' /etc/systemd/logind.conf
echo -n "Network fixes"
# initscripts don't like this file to be missing.
diff --git a/generic/fedora-19-x86_64-cloud.ks b/generic/fedora-19-x86_64-cloud.ks
index 4d185b5..cfba2a1 100644
--- a/generic/fedora-19-x86_64-cloud.ks
+++ b/generic/fedora-19-x86_64-cloud.ks
@@ -24,7 +24,7 @@ rootpw --lock --iscrypted locked
# matching these rules is generated below.
firewall --service=ssh
-bootloader --timeout=1 --append="serial=tty0 console=tty1 console=ttyS0,115200n8 console=hvc0" extlinux
+bootloader --timeout=1 --append="serial=tty0 console=ttyS0,115200n8 console=hvc0 console=tty1" extlinux
network --bootproto=dhcp --device=eth0 --onboot=on
services --enabled=network,sshd,rsyslog,iptables,cloud-init,cloud-init-local,cloud-config,cloud-final
@@ -139,6 +139,12 @@ COMMIT
EOF
echo .
+echo -n "Getty fixes"
+# although we want console output going to the serial console, we don't
+# actually have the opportunity to login there. FIX.
+# we don't really need to auto-spawn _any_ gettys.
+sed -i '/^#NAutoVTs=.*/ a\
+NAutoVTs=0' /etc/systemd/logind.conf
echo -n "Network fixes"
# initscripts don't like this file to be missing.
10 years, 10 months
Server SSH Key not in Log
by Alan Gutierrez
When I launch the new i386 Fedora 19 image at AWS US East, I don't see the ssh
server public keys nor their fingerprints. I have a bootstrap script that builds
an image based on this image that obtains the public key from an API call that
retrieves the console. No key and the script breaks.
Is this intended or is it an oversight?
--
Alan Gutierrez ~ @bigeasy
10 years, 10 months
generic/fedora-19-i386-cloud.ks generic/fedora-19-x86_64-cloud.ks
by Matthew Miller
generic/fedora-19-i386-cloud.ks | 2 +-
generic/fedora-19-x86_64-cloud.ks | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
New commits:
commit 437d15234ce6a7cba502b5d51d152c5713f76580
Author: Matthew Miller <mattdm(a)mattdm.org>
Date: Fri Jun 14 08:59:52 2013 -0400
tty0 parameters as recommended by https://bugzilla.redhat.com/show_bug.cgi?id=886338
diff --git a/generic/fedora-19-i386-cloud.ks b/generic/fedora-19-i386-cloud.ks
index 9acc31d..1e14cb3 100644
--- a/generic/fedora-19-i386-cloud.ks
+++ b/generic/fedora-19-i386-cloud.ks
@@ -24,7 +24,7 @@ rootpw --lock --iscrypted locked
# matching these rules is generated below.
firewall --service=ssh
-bootloader --timeout=1 --append="console=tty1 console=ttyS0 console=hvc0" extlinux
+bootloader --timeout=1 --append="serial=tty0 console=tty1 console=ttyS0,115200n8 console=hvc0" extlinux
network --bootproto=dhcp --device=eth0 --onboot=on
services --enabled=network,sshd,rsyslog,iptables,cloud-init,cloud-init-local,cloud-config,cloud-final
diff --git a/generic/fedora-19-x86_64-cloud.ks b/generic/fedora-19-x86_64-cloud.ks
index 84922cc..4d185b5 100644
--- a/generic/fedora-19-x86_64-cloud.ks
+++ b/generic/fedora-19-x86_64-cloud.ks
@@ -24,7 +24,7 @@ rootpw --lock --iscrypted locked
# matching these rules is generated below.
firewall --service=ssh
-bootloader --timeout=1 --append="console=tty1 console=ttyS0 console=hvc0" extlinux
+bootloader --timeout=1 --append="serial=tty0 console=tty1 console=ttyS0,115200n8 console=hvc0" extlinux
network --bootproto=dhcp --device=eth0 --onboot=on
services --enabled=network,sshd,rsyslog,iptables,cloud-init,cloud-init-local,cloud-config,cloud-final
10 years, 10 months
Default cloud user name
by Juerg Haefliger
Hi all,
Per Matt's request, I'm starting a new thread about the default user
name for Fedora cloud images. Currently it's 'ec2-user' which I don't
really like. OK, coming from the OpenStack-side of the cloud I might
be a little biased :-) Nevertheless, I think we want to achieve an end
goal of a single image that can be used in different cloud
environments rather than having different images for the different
environments. As such, the user name needs to be cloud/service
provider independent. Following the lead of Ubuntu and Debian I
propose to use 'fedora' as the default user name for F19 and going
forward.
Let the popularity contest begin...
...Juerg
10 years, 10 months
generic/fedora-19-i386-cloud.ks generic/fedora-19-x86_64-cloud.ks
by Matthew Miller
generic/fedora-19-i386-cloud.ks | 2 +-
generic/fedora-19-x86_64-cloud.ks | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
New commits:
commit 406cb841c544799e4c2e12f09e1961ae2e4e6a96
Author: Matthew Miller <mattdm(a)mattdm.org>
Date: Thu Jun 13 19:04:28 2013 -0400
console=hvc0 for ec2
diff --git a/generic/fedora-19-i386-cloud.ks b/generic/fedora-19-i386-cloud.ks
index 65937ac..9acc31d 100644
--- a/generic/fedora-19-i386-cloud.ks
+++ b/generic/fedora-19-i386-cloud.ks
@@ -24,7 +24,7 @@ rootpw --lock --iscrypted locked
# matching these rules is generated below.
firewall --service=ssh
-bootloader --timeout=1 --append="console=tty1 console=ttyS0" extlinux
+bootloader --timeout=1 --append="console=tty1 console=ttyS0 console=hvc0" extlinux
network --bootproto=dhcp --device=eth0 --onboot=on
services --enabled=network,sshd,rsyslog,iptables,cloud-init,cloud-init-local,cloud-config,cloud-final
diff --git a/generic/fedora-19-x86_64-cloud.ks b/generic/fedora-19-x86_64-cloud.ks
index fc73a80..84922cc 100644
--- a/generic/fedora-19-x86_64-cloud.ks
+++ b/generic/fedora-19-x86_64-cloud.ks
@@ -24,7 +24,7 @@ rootpw --lock --iscrypted locked
# matching these rules is generated below.
firewall --service=ssh
-bootloader --timeout=1 --append="console=tty1 console=ttyS0" extlinux
+bootloader --timeout=1 --append="console=tty1 console=ttyS0 console=hvc0" extlinux
network --bootproto=dhcp --device=eth0 --onboot=on
services --enabled=network,sshd,rsyslog,iptables,cloud-init,cloud-init-local,cloud-config,cloud-final
10 years, 10 months
2 commits - generic/fedora-19-i386-cloud.ks generic/fedora-19-i386.ks generic/fedora-19-i386-minimal.ks generic/fedora-19-x86_64-cloud.ks generic/fedora-19-x86_64.ks generic/fedora-19-x86_64-minimal.ks
by Matthew Miller
generic/fedora-19-i386-cloud.ks | 4 ++--
generic/fedora-19-i386-minimal.ks | 2 +-
generic/fedora-19-i386.ks | 2 +-
generic/fedora-19-x86_64-cloud.ks | 4 ++--
generic/fedora-19-x86_64-minimal.ks | 2 +-
generic/fedora-19-x86_64.ks | 2 +-
6 files changed, 8 insertions(+), 8 deletions(-)
New commits:
commit 765792878dadb258016d83105a1d950ac2ea1aa9
Author: Matthew Miller <mattdm(a)mattdm.org>
Date: Thu Jun 13 17:31:24 2013 -0400
tty0 should have been tty1
diff --git a/generic/fedora-19-i386-cloud.ks b/generic/fedora-19-i386-cloud.ks
index dec6ad9..65937ac 100644
--- a/generic/fedora-19-i386-cloud.ks
+++ b/generic/fedora-19-i386-cloud.ks
@@ -24,7 +24,7 @@ rootpw --lock --iscrypted locked
# matching these rules is generated below.
firewall --service=ssh
-bootloader --timeout=1 --append="console=tty0 console=ttyS0" extlinux
+bootloader --timeout=1 --append="console=tty1 console=ttyS0" extlinux
network --bootproto=dhcp --device=eth0 --onboot=on
services --enabled=network,sshd,rsyslog,iptables,cloud-init,cloud-init-local,cloud-config,cloud-final
diff --git a/generic/fedora-19-x86_64-cloud.ks b/generic/fedora-19-x86_64-cloud.ks
index 6510f6b..fc73a80 100644
--- a/generic/fedora-19-x86_64-cloud.ks
+++ b/generic/fedora-19-x86_64-cloud.ks
@@ -24,7 +24,7 @@ rootpw --lock --iscrypted locked
# matching these rules is generated below.
firewall --service=ssh
-bootloader --timeout=1 --append="console=tty0 console=ttyS0" extlinux
+bootloader --timeout=1 --append="console=tty1 console=ttyS0" extlinux
network --bootproto=dhcp --device=eth0 --onboot=on
services --enabled=network,sshd,rsyslog,iptables,cloud-init,cloud-init-local,cloud-config,cloud-final
commit 6213c096561758cfdfd01b6d32469eaf47a9f3a9
Author: Matthew Miller <mattdm(a)mattdm.org>
Date: Thu Jun 13 17:30:55 2013 -0400
use rootpw syntax that should work with older tools
diff --git a/generic/fedora-19-i386-cloud.ks b/generic/fedora-19-i386-cloud.ks
index 930bd7f..dec6ad9 100644
--- a/generic/fedora-19-i386-cloud.ks
+++ b/generic/fedora-19-i386-cloud.ks
@@ -18,7 +18,7 @@ timezone --utc Etc/UTC
auth --useshadow --enablemd5
selinux --enforcing
-rootpw --lock
+rootpw --lock --iscrypted locked
# this is actually not used, but a static firewall
# matching these rules is generated below.
diff --git a/generic/fedora-19-i386-minimal.ks b/generic/fedora-19-i386-minimal.ks
index dd5012a..95df672 100644
--- a/generic/fedora-19-i386-minimal.ks
+++ b/generic/fedora-19-i386-minimal.ks
@@ -19,7 +19,7 @@ timezone --utc Etc/UTC
auth --useshadow --enablemd5
selinux --enforcing
-rootpw --lock
+rootpw --lock --iscrypted locked
# this is actually not used, but a static firewall
# matching these rules is generated below.
diff --git a/generic/fedora-19-i386.ks b/generic/fedora-19-i386.ks
index bf8a249..24b0e0b 100644
--- a/generic/fedora-19-i386.ks
+++ b/generic/fedora-19-i386.ks
@@ -13,7 +13,7 @@ timezone --utc Etc/UTC
auth --useshadow --enablemd5
selinux --enforcing
-rootpw --lock
+rootpw --lock --iscrypted locked
# this is actually not used, but a static firewall
# matching these rules is generated below.
diff --git a/generic/fedora-19-x86_64-cloud.ks b/generic/fedora-19-x86_64-cloud.ks
index 6d54d52..6510f6b 100644
--- a/generic/fedora-19-x86_64-cloud.ks
+++ b/generic/fedora-19-x86_64-cloud.ks
@@ -18,7 +18,7 @@ timezone --utc Etc/UTC
auth --useshadow --enablemd5
selinux --enforcing
-rootpw --lock
+rootpw --lock --iscrypted locked
# this is actually not used, but a static firewall
# matching these rules is generated below.
diff --git a/generic/fedora-19-x86_64-minimal.ks b/generic/fedora-19-x86_64-minimal.ks
index d6fb7d6..133a882 100644
--- a/generic/fedora-19-x86_64-minimal.ks
+++ b/generic/fedora-19-x86_64-minimal.ks
@@ -19,7 +19,7 @@ timezone --utc Etc/UTC
auth --useshadow --enablemd5
selinux --enforcing
-rootpw --lock
+rootpw --lock --iscrypted locked
# this is actually not used, but a static firewall
# matching these rules is generated below.
diff --git a/generic/fedora-19-x86_64.ks b/generic/fedora-19-x86_64.ks
index e6840df..bb19668 100644
--- a/generic/fedora-19-x86_64.ks
+++ b/generic/fedora-19-x86_64.ks
@@ -13,7 +13,7 @@ timezone --utc Etc/UTC
auth --useshadow --enablemd5
selinux --enforcing
-rootpw --lock
+rootpw --lock --iscrypted locked
# this is actually not used, but a static firewall
# matching these rules is generated below.
10 years, 10 months
generic/fedora-19-i386-cloud.ks generic/fedora-19-i386.ks generic/fedora-19-i386-minimal.ks generic/fedora-19-x86_64-cloud.ks generic/fedora-19-x86_64.ks generic/fedora-19-x86_64-minimal.ks
by Matthew Miller
generic/fedora-19-i386-cloud.ks | 1 +
generic/fedora-19-i386-minimal.ks | 1 +
generic/fedora-19-i386.ks | 1 +
generic/fedora-19-x86_64-cloud.ks | 1 +
generic/fedora-19-x86_64-minimal.ks | 1 +
generic/fedora-19-x86_64.ks | 1 +
6 files changed, 6 insertions(+)
New commits:
commit 85125fcbb1a911eb656647ff7d77d1673dab735d
Author: Matthew Miller <mattdm(a)mattdm.org>
Date: Mon Jun 10 10:47:53 2013 -0400
add NOZEROCONF=yes to /etc/sysconfig/network
see http://openstack.redhat.com/forum/discussion/187/nozeroconfyes-should-be-...
diff --git a/generic/fedora-19-i386-cloud.ks b/generic/fedora-19-i386-cloud.ks
index 265f586..930bd7f 100644
--- a/generic/fedora-19-i386-cloud.ks
+++ b/generic/fedora-19-i386-cloud.ks
@@ -148,6 +148,7 @@ echo -n "Network fixes"
# initscripts don't like this file to be missing.
cat > /etc/sysconfig/network << EOF
NETWORKING=yes
+NOZEROCONF=yes
EOF
# For cloud images, 'eth0' _is_ the predictable device name, since
diff --git a/generic/fedora-19-i386-minimal.ks b/generic/fedora-19-i386-minimal.ks
index 48e1074..dd5012a 100644
--- a/generic/fedora-19-i386-minimal.ks
+++ b/generic/fedora-19-i386-minimal.ks
@@ -142,6 +142,7 @@ echo -n "Network fixes"
# initscripts don't like this file to be missing.
cat > /etc/sysconfig/network << EOF
NETWORKING=yes
+NOZEROCONF=yes
EOF
# For cloud images, 'eth0' _is_ the predictable device name, since
diff --git a/generic/fedora-19-i386.ks b/generic/fedora-19-i386.ks
index 98a5313..bf8a249 100644
--- a/generic/fedora-19-i386.ks
+++ b/generic/fedora-19-i386.ks
@@ -129,6 +129,7 @@ echo -n "Network fixes"
# initscripts don't like this file to be missing.
cat > /etc/sysconfig/network << EOF
NETWORKING=yes
+NOZEROCONF=yes
EOF
# For cloud images, 'eth0' _is_ the predictable device name, since
diff --git a/generic/fedora-19-x86_64-cloud.ks b/generic/fedora-19-x86_64-cloud.ks
index 8786083..6d54d52 100644
--- a/generic/fedora-19-x86_64-cloud.ks
+++ b/generic/fedora-19-x86_64-cloud.ks
@@ -144,6 +144,7 @@ echo -n "Network fixes"
# initscripts don't like this file to be missing.
cat > /etc/sysconfig/network << EOF
NETWORKING=yes
+NOZEROCONF=yes
EOF
# For cloud images, 'eth0' _is_ the predictable device name, since
diff --git a/generic/fedora-19-x86_64-minimal.ks b/generic/fedora-19-x86_64-minimal.ks
index f463cd5..d6fb7d6 100644
--- a/generic/fedora-19-x86_64-minimal.ks
+++ b/generic/fedora-19-x86_64-minimal.ks
@@ -140,6 +140,7 @@ echo -n "Network fixes"
# initscripts don't like this file to be missing.
cat > /etc/sysconfig/network << EOF
NETWORKING=yes
+NOZEROCONF=yes
EOF
# For cloud images, 'eth0' _is_ the predictable device name, since
diff --git a/generic/fedora-19-x86_64.ks b/generic/fedora-19-x86_64.ks
index 6840670..e6840df 100644
--- a/generic/fedora-19-x86_64.ks
+++ b/generic/fedora-19-x86_64.ks
@@ -127,6 +127,7 @@ echo -n "Network fixes"
# initscripts don't like this file to be missing.
cat > /etc/sysconfig/network << EOF
NETWORKING=yes
+NOZEROCONF=yes
EOF
# For cloud images, 'eth0' _is_ the predictable device name, since
10 years, 10 months