Description of problem: Using the --update switch results in the root account being inaccessible. Version-Release number of selected component (if applicable): libguestfs-tools-c-1.37.35-1.fc27.x86_64 How reproducible: Always Steps to Reproduce: 1. virt-builder -o /var/lib/libvirt/images/test.img --update --root-password password:redhat --size 10G fedora-26 2. virt-install --import --vcpus 6 --ram 1024 --disk format=raw,path=/var/lib/libvirt/images/test.img --network network=default,model=virtio -noautoconsole --nographics --name test 3. ssh -lroot $(virsh domifaddr test | grep ipv4 | awk '{ print $4 }' | sed -e 's/\/.*//g') Actual results: -- root: no shell: Permission denied Expected results: Able to log into root account. Additional info: Also reproducible when using SSH keys.
Does adding --selinux-relabel fix things?
There's also discussion of making that flag default to true unless the user selects ‘--no-selinux-relabel’, which would make it less of a common trap: https://gb.redhat.com/archives/libguestfs/2018-February/msg00039.html
(In reply to Richard W.M. Jones from comment #1) > Does adding --selinux-relabel fix things? Yes, thanks! (In reply to Richard W.M. Jones from comment #2) > There's also discussion of making that flag default to true unless > the user selects ‘--no-selinux-relabel’, which would make it less of > a common trap: > https://gb.redhat.com/archives/libguestfs/2018-February/msg00039.html Cool, yes that would be useful. Feel free to close this bug out if you don't want to track that here.
Let's recycle this bug for this purpose.
Fixed up-stream in: libguestfs commit range 00b9ef239342..08c4ac90f5a3 libguestfs-common commit range 81f86a0058a9..48527b8768d7 guestfs-tools commit 19de3d1c8d4e virt-v2v commit 0c24fc6015ce