Can’t login on new image

[Theilgaard]

I have been using the past 2 days to get this working.

What I did:
– This is on a Mac Pro (latest model)
– Using the Mac Pro install disk 1
– Using InstallerChoices.xml to prevent printer drivers, languages and Bundled Software from installing
– Installing QuickTime 7.4.1 update
– Installing 10.5.2 update
– Installing LeopardGraphicsUpdate
– Installing SecurityUpdate2008-001Univ
– Using custom instauser installer, that installs a user (UID 499) as well as a StartUp script to create the user folder in /var/, as well as a preference com.apple.loginwindow.plist (so that I get name and password field to login to)

The end result is this:
– Machine boots up fine, and show login window correctly.
– I can’t login to the admin account
– Trying >console, and I can now login to the admin account
– but the StartupScript have not yet run, as I’m told I do not have a home.
– Run the instauser StartupScript
– Reboot – stil cannot login
– Going to console and can login, now with a home folder

Together with all this cups is crashing all the time (about every 10th second, printing a line on the console each time), but I did not install printers (maybe this came from one of the updates).

system.log also have some “strange” lines, that i do not remember I see on a working system.

My own notes to the above:
I realise now, that maybe the QuickTime update is not needed, as it’s already included on the Mac Pro image, but I have also tried with a fresh 10.5 image at first, with the same result.
The reason I give the user UID 499 and place it in /var is that I do not want it to show up in the list of users anywhere, nor in the /Users folder.

Can anyone enlighten me before I return to the old way of doing images?

[Patrick Fergus]

[b]> Using custom instauser installer[/b]

What’s your script look like?

[Theilgaard]

The installer installs the admin.plist file as well as the user.plist file. I one scenario I created the hash file using the postflight script, but in the latest version I installed this as a file.

The population of the admin users home folder was done using the StartupScript following instauser, but customized with my location.

I have verified the permissions on the various files install (when I was logged in, in console mode), and it looked correctly.

[Patrick Fergus]

Can you post the script? That’s the quickest way to a solution.

[Theilgaard]

In the latest version the postflight script does nothing, as everything is installed as files. It looks like this (the admin user was not exactly named as here, but everything else is the same:

#!/bin/bash

#Set password for admin user
#$1/Contents/Resources/shadowHash.sh XXXXXXXX > $3/var/db/shadow/hash/9BB9BC05-34B5-4A0E-8DEC-3855D3183954

#Copy User Template to admin
#/usr/bin/ditto /System/Library/User\ Template/English.lproj/ /var/admin

#Create admin home
#/bin/mkdir $3/var/admin
#/usr/sbin/chown -R 499:staff $3/var/admin

#Put local-admin account in admin group
#/usr/bin/dscl . -append Groups/admin GroupMembership admin

exit 0

I tried a lot of different approaches.

[Patrick Fergus]

You’re using Instauser 10.5.

Your issue may stem from what appears to be attempting to mix a few different scripts. You have a few shell variables that indicate that this is a postflight ($1 and $3), explained in the “Some information is passed by the installer to these scripts when they are launched” section here:

[url]http://s.sudre.free.fr/Stuff/PackageMaker_Howto.html[/url]

but you have a line directly calling dscl, which won’t work in a postflight script when you’re targeting another drive. The “append” will happen in the startup disk’s local directory (“dslocal”).

Instauser 10.5 currently has responsibilities divided as follows:

Installed files:
File to stop the new computer-style registration
[code]$3/var/db/.AppleSetupDone[/code]
File to stop the OS upgrade-style registration
[code]$3/Library/Receipts/.SetupRegComplete[/code]
StartupItem to create the Instauser’s home
[code]$3/Library/StartupItems/instauser*[/code]
Adding the user “instadmg” to the dslocal users
[code]$3/var/db/dslocal/nodes/Default/users/instadmg.plist[/code]
Replacing the dslocal admin group to add the “instadmg” user to the admin group
[code]$3/var/db/dslocal/nodes/Default/groups/admin.plist[/code]
Adding the user “instadmg”‘s password hash
[code]$3/var/db/shadow/hash/A7F9C53B-4B33-4BE1-9F3F-857600281ADC[/code]

StartupItem:
StartupItem parameter file, referenced so the OS knows how to handle the StartupItem
[code]$3/Library/StartupItems/instauser/StartupParameters.plist[/code]
StartupItem script, called by the parameter file above, creates a home for the user “instadmg”, sets “instadmg” as the owner, and then securely deletes the “instauser” StartupItem
[code]$3/Library/StartupItems/instauser/instauser[/code]

What you’re trying to modify from the provided script:

– The local admin’s name (“admin”)
– The local admin’s uid (“499”)
– The local admin’s UUID (“9BB9BC05-34B5-4A0E-8DEC-3855D3183954”)
– The local admin’s password hash (“XXXXXXXX”) 😀
– The local admin’s home location (“/var/admin”)

Taking each individually:

– The local admin’s name (“admin”)

You’ll need to replace “instadmg” with “admin” in:
[code]$3/var/db/dslocal/nodes/Default/groups/admin.plist[/code]

You’ll need to rename:
[code]$3/var/db/dslocal/nodes/Default/users/instadmg.plist[/code]
to
[code]$3/var/db/dslocal/nodes/Default/users/admin.plist[/code]

You’ll need to replace “instadmg” with “admin” in:
[code] $3/Library/StartupItems/instauser/instauser[/code]

– The local admin’s uid (“499”)

You’ll need to change “501” to “499” in:
[code]$3/var/db/dslocal/nodes/Default/users/admin.plist[/code]

– The local admin’s UUID (“9BB9BC05-34B5-4A0E-8DEC-3855D3183954”)

You’ll need to change “A7F9C53B-4B33-4BE1-9F3F-857600281ADC” to “9BB9BC05-34B5-4A0E-8DEC-3855D3183954” in:
[code]$3/var/db/dslocal/nodes/Default/users/admin.plist[/code]

– The local admin’s password hash (“XXXXXXXX”)

You’ll need to make sure that you’re outputting the hashed password to the right spot, which you’re doing with the following postflight:
[code]$1/Contents/Resources/shadowHash.sh XXXXXXXX > $3/var/db/shadow/hash/9BB9BC05-34B5-4A0E-8DEC-3855D3183954[/code]

– The local admin’s home location (“/var/admin”)

You’ll need to edit “/Users/instadmg” to “/var/admin” in:
[code]$3/var/db/dslocal/nodes/Default/users/admin.plist[/code]

You’ll need to edit “/Users/instadmg” to “/var/admin” in:
[code]$3/Library/StartupItems/instauser/instauser[/code]

I think that’s all of them. Just a note, the [i]why[/i] is far, far more important than the [i]how[/i] in the above information. Really understanding the why for the above is a good idea.

After all these changes, you’ll need to recreate the instauser pkg using your favorite package-making utility (PackageMaker, Iceberg, etc).

– Patrick

[Theilgaard]

Thank you both very much.

I removed the security update and everything works fine.

I have been testing this today, so sorry for my late reply.

Thanks,

Søren

[Author]

Posts