On Wednesday, 17 June 2015 7:32 AM, Major Hayden wrote:
From what I gather, the same upstream fixes would solve all of the tickets there
(1132001 through 1132004) since the LXC templates are just additional files
packaged along with all LXC versions.
The big question would be *how* to fix the root password problems.
After digging, I've seen the following suggested:
1) Port the randomized password functionality from Fedora/CentOS templates
into the others
2) Empty the root password and disallow logins with empty passwords
#2 seems a little annoying for the user because they can't even get into
their container unless they use lxc-attach. #1 might work for the other
templates since it's already working well for the Fedora/CentOS templates.
Either one will require some testing with each distribution.
Any thoughts on which way we ought to go?
Though shipping LXC images with locked root account and explicit instructions to unlock
it is a better solution IMO, I know many users would not like it, because it might break
Considering that, I think it's okay to go ahead with the random password approach, as
is implemented by Fedora/CentOS templates. That way it'll be consistent user
experience across different templates.
-P J P