You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@cloudstack.apache.org by Maurice Lawler <ma...@me.com> on 2013/04/26 05:50:15 UTC
Password Enabled Templates
Greetings:
Try as I might, I cannot seem to get the password reset tool to work with the instances created from a password enabled template.
From what I read all that is required is:
Use the following steps to begin the Linux OS installation:
Download the script file cloud-set-guest-password:
Linux: http://cloudstack.org/dl/cloud-set-guest-password
Windows: http://sourceforge.net/projects/cloudstack/files/Password%20Management%20Scripts/CloudInstanceManager.msi/download
Copy this file to /etc/init.d.
On some Linux distributions, copy the file to /etc/rc.d/init.d.
Run the following command to make the script executable:
chmod +x /etc/init.d/cloud-set-guest-password
Depending on the Linux distribution, continue with the appropriate step.
On Fedora, CentOS/RHEL, and Debian, run:
chkconfig --add cloud-set-guest-password
Which I have done just fine, but suspended / stopping the instance and resetting root password does not work; along with that the system assigned root password does not take either.
Please advise.
Re: Password Enabled Templates
Posted by Shanker Balan <sh...@shapeblue.com>.
Hi Maurice,
Comments inline,
On 27-Apr-2013, at 1:52 AM, Maurice Lawler <ma...@me.com>> wrote:
root@CentOS63 ~]# bash -x /etc/init.d/cloud-set-guest-password
+ user=root
+ DHCP_FOLDERS='/var/lib/dhclient/* /var/lib/dhcp3/* /var/lib/dhcp/*'
+ password_received=0
+ file_count=0
+ error_count=0
+ for DHCP_FILE in '$DHCP_FOLDERS'
The password reset is attempted for every file in '/var/lib/dhclient/* /var/lib/dhcp3/* /var/lib/dhcp/*',
+ '[' -f /var/lib/dhclient/dhclient-eth0.leases ']'
So it found /var/lib/dhclient/dhclient-eth0.leases
+ file_count=1
++ tr -d '\;'
++ awk '{print $NF}'
++ tail -1
++ grep dhcp-server-identifier /var/lib/dhclient/dhclient-eth0.leases
+ PASSWORD_SERVER_IP=IP.OF.INSTANCE
+ '[' -n IPOFINSTANCE]'
+ logger -t cloud 'Found password server IP IP.OF.INSTANCE in /var/lib/dhclient/dhclient-eth0.leases'
+ logger -t cloud 'Sending request to password server at 66.232.104.214'
And it found the password server correctly.
++ wget -q -t 3 -T 20 -O - --header 'DomU_Request: send_my_password' IP.OF.INSTANCE:8080
+ password=$'saved_password\r'
++ tr -d '\r'
++ echo $'saved_password\r'
+ password=saved_password
Its found the new password.
+ '[' 0 -eq 0 ']'
+ logger -t cloud 'Got response from server at IP.OF.INSTANCE'
+ case $password in
+ logger -t cloud 'VM has already saved a password from the password server at IP.OF.INSTANCE'
Looks like it has already saved the password once before.
+ continue
+ for DHCP_FILE in '$DHCP_FOLDERS'
+ '[' -f /var/lib/dhclient/resolv.conf.predhclient.eth0 ']'
+ file_count=2
Now the look finds a 2nd file file /var/lib/dhclient/resolv.conf.predhclient.eth0
++ tr -d '\;'
++ awk '{print $NF}'
++ tail -1
++ grep dhcp-server-identifier /var/lib/dhclient/resolv.conf.predhclient.eth0
+ PASSWORD_SERVER_IP=
+ '[' -n '' ']'
+ logger -t cloud 'Could not find password server IP in /var/lib/dhclient/resolv.conf.predhclient.eth0'
Since resolv.conf.predhclient.eth0 is not a lease file, it can't find the password server.
+ error_count=1
+ for DHCP_FILE in '$DHCP_FOLDERS'
+ '[' -f '/var/lib/dhcp3/*' ']'
+ for DHCP_FILE in '$DHCP_FOLDERS'
+ '[' -f '/var/lib/dhcp/*' ']'
+ '[' 0 == 0 ']'
+ '[' 1 == 2 ']'
+ logger -t cloud 'Did not need to change password.'
+ exit 0
[root@CentOS63 ~]#
The attempt to grep the password server from resolv.conf.predhclient.eth0 will fail as it is not a valid lease file. This is as expected. No issues here.
Ok, so by the looks of it - the password set script is working and it has succeeded previously.
Hth.
--
Shanker Balan
Managing Consultant
[cid:E7CE8425-E245-4C99-B967-713DF2967392@local]
M: +91 98860 60539
shanker.balan@shapeblue.com<ma...@shapeblue.com> | www.shapeblue.com<http://www.shapeblue.com> | Twitter:@shapeblue
ShapeBlue India, 22nd floor, Unit 2201A, World Trade Centre, Bangalore - 560 055
This email and any attachments to it may be confidential and are intended solely for the use of the individual to whom it is addressed. Any views or opinions expressed are solely those of the author and do not necessarily represent those of Shape Blue Ltd or related companies. If you are not the intended recipient of this email, you must neither take any action based upon its contents, nor copy or show it to anyone. Please contact the sender if you believe you have received this email in error. Shape Blue Ltd is a company incorporated in England & Wales. ShapeBlue Services India LLP is operated under license from Shape Blue Ltd. ShapeBlue is a registered trademark.
Re: Password Enabled Templates
Posted by Shanker Balan <sh...@shapeblue.com>.
On 27-Apr-2013, at 5:10 AM, Maurice Lawler <ma...@me.com>> wrote:
Looking further, manually running it and checking /var/log/messages I see this:
[root@CentOS63 ~]# tail -f /var/log/messages
Apr 26 15:19:38 CentOS63 cloud: Got response from server at routerip
Apr 26 15:19:38 CentOS63 cloud: VM has already saved a password from the password server at routerip
Apr 26 15:19:38 CentOS63 cloud: Could not find password server IP in /var/lib/dhclient/resolv.conf.predhclient.eth0
Apr 26 15:19:38 CentOS63 cloud: Did not need to change password.
/var/lib/dhclient/resolv.conf.predhclient.eth0 is not a valid lease file. An attempt to reset password is thus skipped.
Apr 26 18:37:51 CentOS63 cloud: Found password server IP routerip in /var/lib/dhclient/dhclient-eth0.leases
Apr 26 18:37:51 CentOS63 cloud: Sending request to password server at routerip
Apr 26 18:37:51 CentOS63 cloud: Got response from server at routerip
Apr 26 18:37:51 CentOS63 cloud: VM has already saved a password from the password server at routerip
Apr 26 18:37:51 CentOS63 cloud: Could not find password server IP in /var/lib/dhclient/resolv.conf.predhclient.eth0
Apr 26 18:37:51 CentOS63 cloud: Did not need to change password.
/var/lib/dhclient/dhclient-eth0.leases is a valid lease file and password has already been reset.
So, not sure what this would mean…
The scripts are working as designed.
<snip the rest>
--
Shanker Balan
Managing Consultant
[cid:E7CE8425-E245-4C99-B967-713DF2967392@local]
M: +91 98860 60539
shanker.balan@shapeblue.com<ma...@shapeblue.com> | www.shapeblue.com<http://www.shapeblue.com> | Twitter:@shapeblue
ShapeBlue India, 22nd floor, Unit 2201A, World Trade Centre, Bangalore - 560 055
This email and any attachments to it may be confidential and are intended solely for the use of the individual to whom it is addressed. Any views or opinions expressed are solely those of the author and do not necessarily represent those of Shape Blue Ltd or related companies. If you are not the intended recipient of this email, you must neither take any action based upon its contents, nor copy or show it to anyone. Please contact the sender if you believe you have received this email in error. Shape Blue Ltd is a company incorporated in England & Wales. ShapeBlue Services India LLP is operated under license from Shape Blue Ltd. ShapeBlue is a registered trademark.
Re: Password Enabled Templates
Posted by Maurice Lawler <ma...@me.com>.
Looking further, manually running it and checking /var/log/messages I see this:
[root@CentOS63 ~]# tail -f /var/log/messages
Apr 26 15:19:38 CentOS63 cloud: Got response from server at routerip
Apr 26 15:19:38 CentOS63 cloud: VM has already saved a password from the password server at routerip
Apr 26 15:19:38 CentOS63 cloud: Could not find password server IP in /var/lib/dhclient/resolv.conf.predhclient.eth0
Apr 26 15:19:38 CentOS63 cloud: Did not need to change password.
Apr 26 18:37:51 CentOS63 cloud: Found password server IP routerip in /var/lib/dhclient/dhclient-eth0.leases
Apr 26 18:37:51 CentOS63 cloud: Sending request to password server at routerip
Apr 26 18:37:51 CentOS63 cloud: Got response from server at routerip
Apr 26 18:37:51 CentOS63 cloud: VM has already saved a password from the password server at routerip
Apr 26 18:37:51 CentOS63 cloud: Could not find password server IP in /var/lib/dhclient/resolv.conf.predhclient.eth0
Apr 26 18:37:51 CentOS63 cloud: Did not need to change password.
So, not sure what this would mean...
- Maurice
On Apr 26, 2013, at 04:22 PM, "Maurice Lawler" <ma...@me.com> wrote:
> Hello Kirk,
>
> Yes, when I issue the command sh /etc.init.d/cloud-set-guest-password -- I do not get any errors back.
>
> Reviewing /var/log/messages:
>
> [root@CentOS63 ~]# cat /var/log/messages |grep cloud-set-guest-password
> [root@CentOS63 ~]#
>
>
> The bash -x output is:
>
> [root@CentOS63 ~]# bash -x /etc/init.d/cloud-set-guest-password
> + user=root
> + DHCP_FOLDERS='/var/lib/dhclient/* /var/lib/dhcp3/* /var/lib/dhcp/*'
> + password_received=0
> + file_count=0
> + error_count=0
> + for DHCP_FILE in '$DHCP_FOLDERS'
> + '[' -f /var/lib/dhclient/dhclient-eth0.leases ']'
> + file_count=1
> ++ tr -d '\;'
> ++ awk '{print $NF}'
> ++ tail -1
> ++ grep dhcp-server-identifier /var/lib/dhclient/dhclient-eth0.leases
> + PASSWORD_SERVER_IP=IP.OF.INSTANCE
> + '[' -n IPOFINSTANCE]'
> + logger -t cloud 'Found password server IP IP.OF.INSTANCE in /var/lib/dhclient/dhclient-eth0.leases'
> + logger -t cloud 'Sending request to password server at 66.232.104.214'
> ++ wget -q -t 3 -T 20 -O - --header 'DomU_Request: send_my_password' IP.OF.INSTANCE:8080
> + password=$'saved_password\r'
> ++ tr -d '\r'
> ++ echo $'saved_password\r'
> + password=saved_password
> + '[' 0 -eq 0 ']'
> + logger -t cloud 'Got response from server at IP.OF.INSTANCE'
> + case $password in
> + logger -t cloud 'VM has already saved a password from the password server at IP.OF.INSTANCE'
> + continue
> + for DHCP_FILE in '$DHCP_FOLDERS'
> + '[' -f /var/lib/dhclient/resolv.conf.predhclient.eth0 ']'
> + file_count=2
> ++ tr -d '\;'
> ++ awk '{print $NF}'
> ++ tail -1
> ++ grep dhcp-server-identifier /var/lib/dhclient/resolv.conf.predhclient.eth0
> + PASSWORD_SERVER_IP=
> + '[' -n '' ']'
> + logger -t cloud 'Could not find password server IP in /var/lib/dhclient/resolv.conf.predhclient.eth0'
> + error_count=1
> + for DHCP_FILE in '$DHCP_FOLDERS'
> + '[' -f '/var/lib/dhcp3/*' ']'
> + for DHCP_FILE in '$DHCP_FOLDERS'
> + '[' -f '/var/lib/dhcp/*' ']'
> + '[' 0 == 0 ']'
> + '[' 1 == 2 ']'
> + logger -t cloud 'Did not need to change password.'
> + exit 0
> [root@CentOS63 ~]#
>
> Kirk, reviewing that output, the IP addresses labeled as IP.OF.INSTANCE is the IP of the instance of course; but not the IP of the host node, could that be my issue at hand, if so; do I need to configure / alter cloud-set-guest-password?
>
> - Maurice
>
> On Apr 26, 2013, at 01:34 AM, Kirk Kosinski <ki...@gmail.com> wrote:
>
>> Does the script work if you run it manually? If not, run bash -x
>> cloud-set-guest-password and provide the complete output.
>>
>> Is it running on boot? Check for entries in /var/log/messages and
>> provide any output.
>>
>> Best regards,
>> Kirk
>>
>> On 04/25/2013 08:58 PM, David Nalley wrote:
>> > On Thu, Apr 25, 2013 at 11:50 PM, Maurice Lawler <ma...@me.com> wrote:
>> >> Greetings:
>> >>
>> >> Try as I might, I cannot seem to get the password reset tool to work with
>> >> the instances created from a password enabled template.
>> >>
>> >> From what I read all that is required is:
>> >>
>> >>
>> >> Use the following steps to begin the Linux OS installation:
>> >>
>> >> Download the script file cloud-set-guest-password:
>> >>
>> >> Linux: http://cloudstack.org/dl/cloud-set-guest-password
>> >> Windows:
>> >> http://sourceforge.net/projects/cloudstack/files/Password%20Management%20Scripts/CloudInstanceManager.msi/download
>> >>
>> >> Copy this file to /etc/init.d.
>> >> On some Linux distributions, copy the file to /etc/rc.d/init.d.
>> >> Run the following command to make the script executable:
>> >>
>> >> chmod +x /etc/init.d/cloud-set-guest-password
>> >>
>> >> Depending on the Linux distribution, continue with the appropriate step.
>> >> On Fedora, CentOS/RHEL, and Debian, run:
>> >>
>> >> chkconfig --add cloud-set-guest-password
>> >>
>> >> Which I have done just fine, but suspended / stopping the instance and
>> >> resetting root password does not work; along with that the system assigned
>> >> root password does not take either.
>> >>
>> >>
>> >> Please advise.
>> >>
>> >>
>> >>
>> >>
>> >
>> > What's the output of:
>> >
>> > chkconfig --list | grep cloud-set-guest-password
>> >
>> > --David
>> >
Re: Password Enabled Templates
Posted by Maurice Lawler <ma...@me.com>.
Hello Kirk,
Yes, when I issue the command sh /etc.init.d/cloud-set-guest-password -- I do not get any errors back.
Reviewing /var/log/messages:
[root@CentOS63 ~]# cat /var/log/messages |grep cloud-set-guest-password
[root@CentOS63 ~]#
The bash -x output is:
[root@CentOS63 ~]# bash -x /etc/init.d/cloud-set-guest-password
+ user=root
+ DHCP_FOLDERS='/var/lib/dhclient/* /var/lib/dhcp3/* /var/lib/dhcp/*'
+ password_received=0
+ file_count=0
+ error_count=0
+ for DHCP_FILE in '$DHCP_FOLDERS'
+ '[' -f /var/lib/dhclient/dhclient-eth0.leases ']'
+ file_count=1
++ tr -d '\;'
++ awk '{print $NF}'
++ tail -1
++ grep dhcp-server-identifier /var/lib/dhclient/dhclient-eth0.leases
+ PASSWORD_SERVER_IP=IP.OF.INSTANCE
+ '[' -n IPOFINSTANCE]'
+ logger -t cloud 'Found password server IP IP.OF.INSTANCE in /var/lib/dhclient/dhclient-eth0.leases'
+ logger -t cloud 'Sending request to password server at 66.232.104.214'
++ wget -q -t 3 -T 20 -O - --header 'DomU_Request: send_my_password' IP.OF.INSTANCE:8080
+ password=$'saved_password\r'
++ tr -d '\r'
++ echo $'saved_password\r'
+ password=saved_password
+ '[' 0 -eq 0 ']'
+ logger -t cloud 'Got response from server at IP.OF.INSTANCE'
+ case $password in
+ logger -t cloud 'VM has already saved a password from the password server at IP.OF.INSTANCE'
+ continue
+ for DHCP_FILE in '$DHCP_FOLDERS'
+ '[' -f /var/lib/dhclient/resolv.conf.predhclient.eth0 ']'
+ file_count=2
++ tr -d '\;'
++ awk '{print $NF}'
++ tail -1
++ grep dhcp-server-identifier /var/lib/dhclient/resolv.conf.predhclient.eth0
+ PASSWORD_SERVER_IP=
+ '[' -n '' ']'
+ logger -t cloud 'Could not find password server IP in /var/lib/dhclient/resolv.conf.predhclient.eth0'
+ error_count=1
+ for DHCP_FILE in '$DHCP_FOLDERS'
+ '[' -f '/var/lib/dhcp3/*' ']'
+ for DHCP_FILE in '$DHCP_FOLDERS'
+ '[' -f '/var/lib/dhcp/*' ']'
+ '[' 0 == 0 ']'
+ '[' 1 == 2 ']'
+ logger -t cloud 'Did not need to change password.'
+ exit 0
[root@CentOS63 ~]#
Kirk, reviewing that output, the IP addresses labeled as IP.OF.INSTANCE is the IP of the instance of course; but not the IP of the host node, could that be my issue at hand, if so; do I need to configure / alter cloud-set-guest-password?
- Maurice
On Apr 26, 2013, at 01:34 AM, Kirk Kosinski <ki...@gmail.com> wrote:
> Does the script work if you run it manually? If not, run bash -x
> cloud-set-guest-password and provide the complete output.
>
> Is it running on boot? Check for entries in /var/log/messages and
> provide any output.
>
> Best regards,
> Kirk
>
> On 04/25/2013 08:58 PM, David Nalley wrote:
> > On Thu, Apr 25, 2013 at 11:50 PM, Maurice Lawler <ma...@me.com> wrote:
> >> Greetings:
> >>
> >> Try as I might, I cannot seem to get the password reset tool to work with
> >> the instances created from a password enabled template.
> >>
> >> From what I read all that is required is:
> >>
> >>
> >> Use the following steps to begin the Linux OS installation:
> >>
> >> Download the script file cloud-set-guest-password:
> >>
> >> Linux: http://cloudstack.org/dl/cloud-set-guest-password
> >> Windows:
> >> http://sourceforge.net/projects/cloudstack/files/Password%20Management%20Scripts/CloudInstanceManager.msi/download
> >>
> >> Copy this file to /etc/init.d.
> >> On some Linux distributions, copy the file to /etc/rc.d/init.d.
> >> Run the following command to make the script executable:
> >>
> >> chmod +x /etc/init.d/cloud-set-guest-password
> >>
> >> Depending on the Linux distribution, continue with the appropriate step.
> >> On Fedora, CentOS/RHEL, and Debian, run:
> >>
> >> chkconfig --add cloud-set-guest-password
> >>
> >> Which I have done just fine, but suspended / stopping the instance and
> >> resetting root password does not work; along with that the system assigned
> >> root password does not take either.
> >>
> >>
> >> Please advise.
> >>
> >>
> >>
> >>
> >
> > What's the output of:
> >
> > chkconfig --list | grep cloud-set-guest-password
> >
> > --David
> >
Re: Password Enabled Templates
Posted by Kirk Kosinski <ki...@gmail.com>.
Does the script work if you run it manually? If not, run bash -x
cloud-set-guest-password and provide the complete output.
Is it running on boot? Check for entries in /var/log/messages and
provide any output.
Best regards,
Kirk
On 04/25/2013 08:58 PM, David Nalley wrote:
> On Thu, Apr 25, 2013 at 11:50 PM, Maurice Lawler <ma...@me.com> wrote:
>> Greetings:
>>
>> Try as I might, I cannot seem to get the password reset tool to work with
>> the instances created from a password enabled template.
>>
>> From what I read all that is required is:
>>
>>
>> Use the following steps to begin the Linux OS installation:
>>
>> Download the script file cloud-set-guest-password:
>>
>> Linux: http://cloudstack.org/dl/cloud-set-guest-password
>> Windows:
>> http://sourceforge.net/projects/cloudstack/files/Password%20Management%20Scripts/CloudInstanceManager.msi/download
>>
>> Copy this file to /etc/init.d.
>> On some Linux distributions, copy the file to /etc/rc.d/init.d.
>> Run the following command to make the script executable:
>>
>> chmod +x /etc/init.d/cloud-set-guest-password
>>
>> Depending on the Linux distribution, continue with the appropriate step.
>> On Fedora, CentOS/RHEL, and Debian, run:
>>
>> chkconfig --add cloud-set-guest-password
>>
>> Which I have done just fine, but suspended / stopping the instance and
>> resetting root password does not work; along with that the system assigned
>> root password does not take either.
>>
>>
>> Please advise.
>>
>>
>>
>>
>
> What's the output of:
>
> chkconfig --list | grep cloud-set-guest-password
>
> --David
>
Re: Password Enabled Templates
Posted by David Nalley <da...@gnsa.us>.
On Thu, Apr 25, 2013 at 11:50 PM, Maurice Lawler <ma...@me.com> wrote:
> Greetings:
>
> Try as I might, I cannot seem to get the password reset tool to work with
> the instances created from a password enabled template.
>
> From what I read all that is required is:
>
>
> Use the following steps to begin the Linux OS installation:
>
> Download the script file cloud-set-guest-password:
>
> Linux: http://cloudstack.org/dl/cloud-set-guest-password
> Windows:
> http://sourceforge.net/projects/cloudstack/files/Password%20Management%20Scripts/CloudInstanceManager.msi/download
>
> Copy this file to /etc/init.d.
> On some Linux distributions, copy the file to /etc/rc.d/init.d.
> Run the following command to make the script executable:
>
> chmod +x /etc/init.d/cloud-set-guest-password
>
> Depending on the Linux distribution, continue with the appropriate step.
> On Fedora, CentOS/RHEL, and Debian, run:
>
> chkconfig --add cloud-set-guest-password
>
> Which I have done just fine, but suspended / stopping the instance and
> resetting root password does not work; along with that the system assigned
> root password does not take either.
>
>
> Please advise.
>
>
>
>
What's the output of:
chkconfig --list | grep cloud-set-guest-password
--David
Re: Password Enabled Templates
Posted by David Nalley <da...@gnsa.us>.
On Thu, Apr 25, 2013 at 11:50 PM, Maurice Lawler <ma...@me.com> wrote:
> Greetings:
>
> Try as I might, I cannot seem to get the password reset tool to work with
> the instances created from a password enabled template.
>
> From what I read all that is required is:
>
>
> Use the following steps to begin the Linux OS installation:
>
> Download the script file cloud-set-guest-password:
>
> Linux: http://cloudstack.org/dl/cloud-set-guest-password
> Windows:
> http://sourceforge.net/projects/cloudstack/files/Password%20Management%20Scripts/CloudInstanceManager.msi/download
>
> Copy this file to /etc/init.d.
> On some Linux distributions, copy the file to /etc/rc.d/init.d.
> Run the following command to make the script executable:
>
> chmod +x /etc/init.d/cloud-set-guest-password
>
> Depending on the Linux distribution, continue with the appropriate step.
> On Fedora, CentOS/RHEL, and Debian, run:
>
> chkconfig --add cloud-set-guest-password
>
> Which I have done just fine, but suspended / stopping the instance and
> resetting root password does not work; along with that the system assigned
> root password does not take either.
>
>
> Please advise.
>
>
>
>
What's the output of:
chkconfig --list | grep cloud-set-guest-password
--David