Hello Josh, Thank you very much for a solution! And, it does not require a source code update to VCL which is a big plus.
Our campus has significantly expanded the use of VCL due to the COVID-19 situation and your support is greatly appreciated. We still are having an issue with creating a base image for Ubuntu 20. My co-worker, Chuck Yang was working on it. If he provides the VCL log for the portion of his image process, would you mind taking a look? Again, thank you for your help on the other two image issues, Windows 10 2004 and CentOS 7.8.2003. Sincerely, Emerio -----Original Message----- From: Josh Thompson <[email protected]> Sent: Friday, June 19, 2020 7:41 AM To: Martinez, Emerio <[email protected]> Cc: [email protected]; Elbettar, Bill <[email protected]>; Yang, Charles <[email protected]> Subject: Re: [External] Re: Creation of Base OS Images - Windows 10, CentOS 7 and Ubuntu 20 in VCL Hi Emerio, No changes are needed in the VCL code for this. A fix can just be done within the image before capturing it. The fix would then be passed along to any images created using it as a base. Create the following file: /etc/profile.d/allow_numeric_users.sh with the following content: export SHADOW_ALLOW_ALL_NUMERIC_USER=1 After creating the above file, I tested this successfully by running the following on the management node: $ ssh testvm1 'useradd -m 55555' That didn't return any errors, and after logging in to testvm1, I saw that the account had been created. Josh On Wednesday, June 17, 2020 11:58:31 AM EDT Martinez, Emerio wrote: > Hello Josh, > > Yes, the numeric username is a must have for us. It is the campus > identifier for an end user. We use it to manage access and control > privileges in our VCL. > > I was able to find this Redhat KB article which matches the situation > and provides a workaround. > > https://access.redhat.com/solutions/3103631 > > Please note, shadow-utils-4.1.5.1-25 (shipped with Red Hat Enterprise Linux > 7.6) does not allow to create all-numeric usernames. > shadow-utils- 4.1.5.1-25.el7_6.1 and later (shipped with Red Hat Enterprise > Linux 7.6 batch update 3) requires the environment variable > SHADOW_ALLOW_ALL_NUMERIC_USER to be set to any value to allow the useradd > command to create all-numeric usernames. > > I verified that the workaround does work. > > Before: > > [root@vclvm011206_4x10 ~]# /usr/sbin/useradd -s /bin/bash -m -d > /home/899926760 -g vcl -u 524 899926760 useradd: invalid user name > '899926760' > > After: > > [root@vclvm011206_4x10 ~]# echo $SHADOW_ALLOW_ALL_NUMERIC_USER > > [root@vclvm011206_4x10 ~]# SHADOW_ALLOW_ALL_NUMERIC_USER=anyvalue > [root@vclvm011206_4x10 ~]# /usr/sbin/useradd -s /bin/bash -m -d > /home/899926760 -g vcl -u 524 899926760 useradd: invalid user name > '899926760' > [root@vclvm011206_4x10 ~]# echo $SHADOW_ALLOW_ALL_NUMERIC_USER > anyvalue > [root@vclvm011206_4x10 ~]# SHADOW_ALLOW_ALL_NUMERIC_USER=1 > [root@vclvm011206_4x10 ~]# /usr/sbin/useradd -s /bin/bash -m -d > /home/899926760 -g vcl -u 524 899926760 useradd: invalid user name > '899926760' > [root@vclvm011206_4x10 ~]# export SHADOW_ALLOW_ALL_NUMERIC_USER=1 > [root@vclvm011206_4x10 ~]# /usr/sbin/useradd -s /bin/bash -m -d > /home/899926760 -g vcl -u 524 899926760 [root@vclvm011206_4x10 ~]# id > 899926760 > uid=524(899926760) gid=1001(vcl) groups=1001(vcl) > > Would you be able to develop a fix that is incremental (does not > require a system wide upgrade) and modularized (code change is > contained and not spread out) for this situation? We are using VCL 2.5. > Please advise. > > Thanks, > Emerio > > -----Original Message----- > From: Josh Thompson <[email protected]> > Sent: Wednesday, June 17, 2020 7:30 AM > To: Martinez, Emerio <[email protected]> > Cc: [email protected]; Elbettar, Bill <[email protected]>; > Yang, Charles <[email protected]> Subject: [External] Re: Creation > of Base OS Images - Windows 10, CentOS 7 and Ubuntu 20 in VCL -- ------------------------------- Josh Thompson Systems Programmer Virtual Computing Lab (VCL) North Carolina State University [email protected] 919-515-5323 my GPG/PGP key can be found on pool.sks-keyservers.net All electronic mail messages in connection with State business which are sent to or received by this account are subject to the NC Public Records Law and may be disclosed to third parties.
