Every new image of Torizon OS (formerly TorizonCore) has bultin credentials (torizon/torizon) and you’re required to change the password when you login for the first time.
Is there a way to build a custom image of TorizonOS specifying the credentials (so that a change is not needed)?
Thanks
1 Like
Greetings @vix,
After you set the password in Torizon OS, you should be able to capture this with torizoncore-builder. The resulting image when flashed on other devices will then have the password already set.
Best Regards,
Jeremias
Hi @jeremias.tx
this is not our intended usage.
We’ve setup an automatedb CI/CD pipeline to build a customized release of Torizon PS and so we need to set tje credentials in the recipe.
Is there a wya?
We’ve setup an automatedb CI/CD pipeline to build a customized release of Torizon PS and so we need to set tje credentials in the recipe.
I see so you’re doing a full Yocto build then?
In that case if you want to change/add a new user to the OS you need to modify/append on to the following files from our meta-layer:
- https://github.com/toradex/meta-toradex-torizon/blob/kirkstone-6.x.y/recipes-core/torizon-users/torizon-users_1.0.bb
- https://github.com/toradex/meta-toradex-torizon/blob/kirkstone-6.x.y/files/torizon-static-group
- https://github.com/toradex/meta-toradex-torizon/blob/kirkstone-6.x.y/files/torizon-static-passwd
You can see in each file where the torizon user gets set.
If you want to change the password you want to modify this specific line: https://github.com/toradex/meta-toradex-torizon/blob/kirkstone-6.x.y/recipes-core/torizon-users/torizon-users_1.0.bb#L18
USERADD_PARAM:${PN} = "-G adm,sudo,users,plugdev,audio,video,gpio,i2cdev,spidev,dialout,input,pwm -m -d /home/torizon -p GudJRR5U.mLp2 torizon"
The password is this part specifically -p GudJRR5U.mLp2 this is basically the same behavior as the useradd command. This expects an encrypted version of the password. As seen by the comment above this line you can generate such with openssl passwd <password>.
Finally, if you want to remove/prevent the behavior that forces a password change on first login you need to remove this function: https://github.com/toradex/meta-toradex-torizon/blob/kirkstone-6.x.y/recipes-core/torizon-users/torizon-users_1.0.bb#L20
Alternatively as seen by the function if you add the file /etc/.passwd_changed then this also prevents the password change from occurring.
Best Regards,
Jeremias
2 Likes
I see so you’re doing a full Yocto build then?
No. We customized tcbuild.yaml to download Torizon OS Quarterly 6.4.0, changing the splash screen, using a custom device tree, …
No. We customized
tcbuild.yamlto download Torizon OS Quarterly 6.4.0, changing the splash screen, using a custom device tree, …
I’m confused then, if you’re using TorizonCore Builder then why did you turn down my initial suggestion?
User and password configurations should be stored in /etc, therefore you can capture these changes with TorizonCore builder. Then these changes can be built into your custom image.
Best Regards,
Jeremias
Hi jeremias,
I hope you can help me understand what i’m not doing right.
I used TorizonCore Builder has you mention to isolate changes on the /etc after booting the first time to the board and set the password I want as default instead of ‘torizon’. I grabbed the files that were created and modified and add them to my tcbuild.yaml descriptor to build and put this files on the final image. If I open the image and go to the ostree I can se the files there in the right place, but even so on the first boot the board asks me to change the password, so the changes I have done to the image are discarded. This is due to some script that is still running on first boot? What can I do to solve this issue.
thanks in advance for your help.
Best regards,
André
Hi @af-silva
Could you please open a new thread with your issue so we can keep a better track of it?
Also, include in the message the commands you are trying to run and the outputs.
You can check this article for a complete guide.