Hi, So has anybody ever found a solution to this? I'm still in the same boat 7 years later with 1.48 of user-setup on ubuntu 14.04. The work-around using !! kind of works but means that the emergency recovery mode in Ubuntu mistakenly thinks that root has a password set and prompts for one which makes it rather useless in an emergency.
Cheers, Seb On Thu, 24 May 2007 16:29:05 +0100 Matthew Johnson < mjj29-deb...@srcf.ucam.org> wrote: > Package: user-setup > Severity: minor > > > I have been trying to preseed config files for a set of servers we have > just bought. Since I do not want either the root password (even hashed) > in the config file or any user-interaction on these (headless) machines, > I would like to disable both the root password and not create a user. > Access is enabled by late_command which installs an ssh public key to > /root/.ssh/authorized_keys. > > The documentation (at > http://www.debian.org/releases/stable/i386/apbs04.html.en) says: > > "The passwd/root-password-crypted and passwd/user-password-crypted > variables can also be preseeded with ?!? as their value. In that > case, the corresponding account is disabled. This may be convenient > for the root account, provided of course that an alternative method > is setup to allow administrative activities or root login (for > instance by using SSH key authentication or sudo)" > > However, a preseed file containing: > d-i passwd/make-user boolean false > d-i passwd/root-password-crypted string ! > or: > d-i passwd/make-user boolean false > d-i passwd/root-login boolean false > > still prompts for either the root password or creation of a user. This > would appear to be deliberate because user-setup-ask contains: > > db_get passwd/root-login > if [ "$RET" = false ]; then > # always make non-root user; this user will be able > # to sudo to root > db_set passwd/make-user true > > and > > db_get passwd/root-password-crypted || true > if ! test "$RET" || [ "x$RET" = "x!" ]; then > # No preseed of the root password hash > # we will prompt the user > > This, however, is not what the documentation claims or what would be > useful in this case. > > I have currently solved the problem by using the following preseed: > > d-i passwd/make-user boolean false > d-i passwd/root-password-crypted string !! > > but it would better if the actual implementation matched the > documentation and if the situation I would like were supported. > > As an additional wishlist item; user-setup could do the preseeding of > ssh public keys for users or root itself and therefore explicitly > support this case. No patch yet; maybe if I have time. > > Matt