CRITICAL: Override live-config password scripts locking root account

Major Discovery: - live-config scripts 0030-live-debconfig_passwd and 0030-user-setup were setting root password to '*' (locked) during boot - This explains why SSH with configured password was failing - Scripts were also trying to create 'user' account instead of using root Solution: - Created override-live-config-passwd.hook.chroot - Replaces both password-related live-config scripts - Preserves root password set during ISO creation - Prevents account locking by live-config - Forces LIVE_USERNAME=root instead of creating separate user This completes the live-config override suite: - inittab autologin (prevents user login prompt) - password preservation (enables SSH with configured password) - proper root account handling throughout boot process

CRITICAL: Override live-config password scripts locking root account
Major Discovery: - live-config scripts 0030-live-debconfig_passwd and 0030-user-setup were setting root password to '*' (locked) during boot - This explains why SSH with configured password was failing - Scripts were also trying to create 'user' account instead of using root Solution: - Created override-live-config-passwd.hook.chroot - Replaces both password-related live-config scripts - Preserves root password set during ISO creation - Prevents account locking by live-config - Forces LIVE_USERNAME=root instead of creating separate user This completes the live-config override suite: - inittab autologin (prevents user login prompt) - password preservation (enables SSH with configured password) - proper root account handling throughout boot process
d114f634 · Stefy Lanza (nextime / spora ) · 17e19030 · d114f634
Commit d114f634 authored Sep 05, 2025 by Stefy Lanza (nextime / spora )
Hide whitespace changes
Inline Side-by-side

Showing with 145 additions and 0 deletions

override-live-config-passwd.hook.chroot config/hooks/live/override-live-config-passwd.hook.chroot +145 -0

No files found.
--- a/config/hooks/live/override-live-config-passwd.hook.chroot
+++ b/config/hooks/live/override-live-config-passwd.hook.chroot
+#!/bin/sh
+
+set -e
+
+echo "Overriding live-config password scripts to preserve root password..."
+
+# Override live-debconfig_passwd script
+LIVE_DEBCONFIG_PASSWD="/usr/lib/live/config/0030-live-debconfig_passwd"
+
+if [ -f "$LIVE_DEBCONFIG_PASSWD" ]; then
+    cp "$LIVE_DEBCONFIG_PASSWD" "${LIVE_DEBCONFIG_PASSWD}.original"
+    
+    cat > "$LIVE_DEBCONFIG_PASSWD" << 'EOF'
+#!/bin/sh
+
+. /lib/live/config.sh
+
+## live-config(7) - Modified to preserve root password
+
+#set -e
+
+Cmdline ()
+{
+	# Reading kernel command line
+	for _PARAMETER in ${LIVE_CONFIG_CMDLINE}
+	do
+		case "${_PARAMETER}" in
+			live-config.user-default-groups=*|user-default-groups=*)
+				LIVE_USER_DEFAULT_GROUPS="${_PARAMETER#*user-default-groups=}"
+				;;
+
+			live-config.user-fullname=*|user-fullname=*)
+				LIVE_USER_FULLNAME="${_PARAMETER#*user-fullname=}"
+				;;
+
+			live-config.username=*|username=*)
+				# Force root instead of user
+				LIVE_USERNAME="root"
+				;;
+		esac
+	done
+	
+	# Default to root
+	LIVE_USERNAME="${LIVE_USERNAME:-root}"
+}
+
+Init ()
+{
+	# Skip if already configured or if targeting root (we don't want to change root)
+	if component_was_executed "live-debconfig_passwd" || [ "${LIVE_USERNAME}" = "root" ]
+	then
+		exit 0
+	fi
+
+	echo -n " live-debconfig (passwd) - skipped for root"
+}
+
+Config ()
+{
+	# Do nothing - preserve existing root password configuration
+	echo "Preserving root password configuration"
+	
+	# Creating state file to mark as completed
+	touch /var/lib/live/config/live-debconfig_passwd
+}
+
+Cmdline
+Init
+Config
+EOF
+    
+    chmod +x "$LIVE_DEBCONFIG_PASSWD"
+    echo "Replaced live-debconfig passwd script to preserve root password"
+fi
+
+# Override user-setup script
+USER_SETUP="/usr/lib/live/config/0030-user-setup"
+
+if [ -f "$USER_SETUP" ]; then
+    cp "$USER_SETUP" "${USER_SETUP}.original"
+    
+    cat > "$USER_SETUP" << 'EOF'
+#!/bin/sh
+
+. /lib/live/config.sh
+
+## live-config(7) - Modified to preserve root password and not create user
+
+#set -e
+
+Cmdline ()
+{
+	# Reading kernel command line
+	for _PARAMETER in ${LIVE_CONFIG_CMDLINE}
+	do
+		case "${_PARAMETER}" in
+			live-config.user-default-groups=*|user-default-groups=*)
+				LIVE_USER_DEFAULT_GROUPS="${_PARAMETER#*user-default-groups=}"
+				;;
+
+			live-config.user-fullname=*|user-fullname=*)
+				LIVE_USER_FULLNAME="${_PARAMETER#*user-fullname=}"
+				;;
+
+			live-config.username=*|username=*)
+				# Force root instead of creating a user
+				LIVE_USERNAME="root"
+				;;
+		esac
+	done
+	
+	# Default to root
+	LIVE_USERNAME="${LIVE_USERNAME:-root}"
+}
+
+Init ()
+{
+	# Skip user creation if targeting root
+	if component_was_executed "user-setup" || [ "${LIVE_USERNAME}" = "root" ]
+	then
+		exit 0
+	fi
+
+	echo -n " user-setup - skipped for root"
+}
+
+Config ()
+{
+	# Do nothing - we don't want to create a user account or change root
+	echo "Preserving root account configuration"
+	
+	# Creating state file
+	touch /var/lib/live/config/user-setup
+}
+
+Cmdline
+Init
+Config
+EOF
+    
+    chmod +x "$USER_SETUP"
+    echo "Replaced user-setup script to preserve root configuration"
+fi
+
+echo "Live-config password override completed"
\ No newline at end of file