aws / ec2-macos-init

EC2 macOS Init is the launch daemon used to initialize Mac instances within EC2.
https://aws.amazon.com/ec2/instance-types/mac/
Apache License 2.0

Removed user password reset #1

vasylenko closed 3 years ago

vasylenko commented 3 years ago

There is a limited number of attempts at an unattended password set for a user with the dscl command. Once they are depleted, the dscl command requires entering the previous user password explicitly. The forced setting of a random password with the dscl command on the first launch does not make much sense because it's still impossible to ScreenShare to the system when there is no password. But that action (force password set) just subtracts the password reset attempt from the total number of possible unattended resets, which makes troubleshooting and custom provisioning a bit more difficult.

Description of changes:

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

darrlook commented 3 years ago

@vasylenko - Thanks for your pull request! The init.toml file included in this repo is the exact one we use in our released AMIs (owned by Amazon). A randomized password must be set on first boot so every instance starts with a different password. Therefore, we can’t simply remove this line from the default configuration without affecting every EC2 Mac Instance first boot. If you would like better debugging, you can customize the init.toml file from a launched instance for your own derivative AMIs.