4.4. Adding users and groups to an Image Builder blueprint in the web console interface
Adding customizations such as users and groups to blueprints in the web console interface is currently not possible. To work around this limitation, use the Terminal tab in web console to use the command-line interface (CLI) workflow.
Prerequisites
- A blueprint must exist.
- A CLI text editor such as
vim
,nano
, oremacs
must be installed. To install them:# yum install editor-name
Procedure
1. Find out the name of the blueprint: Open the Image Builder (Image builder) tab on the left in the RHEL 7 web console to see the name of the blueprint.
2. Navigate to the CLI in web console: Open the system administration tab on the left, then select the last item Terminal from the list on the left.
3. Enter the super-user (root) mode:
$ sudo bash
Provide your credentials when asked. Note that the terminal does not reuse your credentials you entered when logging into the web console.
A new shell with root privileges starts in your home directory.
4. Export the blueprint to a file:
# composer-cli blueprints save BLUEPRINT-NAME
5. Edit the file BLUEPRINT-NAME.toml with a CLI text editor of your choice and add the users and groups.
重要
RHEL 7 web console does not have any built-in feature to edit text files on the system, so the use of a CLI text editor is required for this step.
- i. For every user to be added, add this block to the file:
[[customization.user]] name = "USER-NAME" description = "USER-DESCRIPTION" password = "PASSWORD-HASH" key = "ssh-rsa (...) key-name" home = "/home/USER-NAME/" shell = "/usr/bin/bash" groups = ["users", "wheel"] uid = NUMBER gid = NUMBER
Replace PASSWORD-HASH with the actual password hash. To generate the hash, use a command such as this:$ python3 -c 'import crypt,getpass;pw=getpass.getpass();print(crypt.crypt(pw) if (pw==getpass.getpass("Confirm: ")) else exit())'
Replace ssh-rsa (…) key-name with the actual public key.Replace the other placeholders with suitable values.Leave out any of the lines as needed, only the user name is required. - ii. For every user group to be added, add this block to the file:
[[customizations.group]] name = "GROUP-NAME" gid = NUMBER
iii. Increase the version number.iv. Save the file and close the editor. - 6. Import the blueprint back into Image Builder:
# composer-cli blueprints push BLUEPRINT-NAME.toml
Note that you must supply the file name including the.toml
extension, while in other commands you use only the name of the blueprint. - 7. To verify that the contents uploaded to Image Builder match your edits, list the contents of blueprint:
# composer-cli blueprints show BLUEPRINT-NAME
Check if the version matches what you put in the file and if your customizations are present.重要The Image Builder plug-in for RHEL 7 web console does not show any information that could be used to verify that the changes have been applied, unless you edited also the packages included in the blueprint. - 8. Exit the privileged shell:
# exit
- 9. Open the Image Builder (Image builder) tab on the left and refresh the page, in all browsers and all tabs where it was opened.This prevents state cached in the loaded page from accidentally reverting your changes.