
how to edit sshd_config Debian Preseed late_command


At the end of an automated Debian 12 install I'd like to run the following:

d-i preseed/late_command string \
  in-target sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config; \
  in-target sed -i 's/#Port 22/Port 22/' /etc/ssh/sshd_config; \
  in-target systemctl restart ssh; \
  in-target ip a;

The idea is to automatically allow a root login via SSH immediately after the Debian installation. The use case is a service that SSHes in to complete the product installation.

From looking at the BusyBox console, I'm guessing that I'd need to mount the right partition or something for this command to work. But currently the installation completes without running the late command at all; not sure if

d-i debian-installer/exit/reboot boolean false

is causing that.

Honestly, I have seen other threads on this issue, but they didn't really answer my question, at least in a way I could understand, as I'm working a bit outside my lane here.

If I run the command directly in the console I'll get: dpkg-divert: warning diverting file '/sbin/start-stop-damon' from an Essential package with name is dangerous, use --no-rename

Any tips appreciated.


Solution

  • I haven't been able to make the in-target helper work for me, but I've been having some success with chroot.

    Also, it seems like systemd will refuse to run from here; it will complain with "Systemd has not been booted with systemd as init system (PID 1). Can't operate." The good news is that the service command does work.

    On another note, I'm pretty sure you could use d-i openssh-server/permit-root-login boolean true to enable the root login, but I'd even suggest creating another user instead (if you don't put a password for root, this user will have sudo, but I think you'll need to install sudo.) By doing this, it'll save you from doing the sed lines (the Port 22 part shouldn't be required either.)

    Yet another note, I found that the target environment is missing some mounts (maybe the in-target is expected to mount those); you'll need to mount /proc, /dev and /dev/pts, but it's fairly easy.

    Here's how I think you could do it (leaving the seds just in case, I didn't test that, I have another user):

    d-i preseed/late_command string \
      chroot /target sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config; \
      chroot /target sed -i 's/#Port 22/Port 22/' /etc/ssh/sshd_config; \
      mount --bind /dev /target/dev; \
      mount --bind /dev/pts /target/dev/pts; \
      mount --bind /proc /target/proc; \
      chroot /target service ssh start; \
      ip a; # this last one doesn't require chroot
    

    I hope it helps.
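
The `sed` lines in the question and the answer only change the file when it contains the exact commented default they search for, and otherwise do nothing without reporting it. The shell function below is an added example, not code from the post (the names `set_sshd_option` and `write_sample` and the sample file are made up here); it goes beyond the two keywords above by setting any keyword whatever its current form, while leaving `Match` blocks untouched.

```shell
#!/bin/sh
# Added example, not from the original post. set_sshd_option and
# write_sample are hypothetical helper names; the sample file is constructed.

# set_sshd_option FILE KEYWORD VALUE: set KEYWORD in the global section.
set_sshd_option() {
    file=$1 key=$2 value=$3
    tmp=$(mktemp "${file}.XXXXXX") || return 1
    awk -v key="$key" -v value="$value" '
        function emit() { if (!done) { print key " " value; done = 1 } }
        BEGIN { want = tolower(key) }
        {
            word = tolower($1)
            commented = sub(/^#/, "", word)   # "#Keyword" is a commented default
        }
        # Global settings must come before the first Match block.
        !in_match && !commented && word == "match" { emit(); in_match = 1 }
        !in_match && word == want {
            if (!done) { emit(); next }       # first hit: replace it in place
            if (!commented) next              # later active duplicate: drop it
        }
        { print }
        END { emit() }                        # keyword absent: append it
    ' "$file" > "$tmp" || { rm -f "$tmp"; return 1; }
    # Overwrite in place so the file keeps its owner and mode.
    cat "$tmp" > "$file" && rm -f "$tmp"
}

# Constructed sample: the default differs from the string a fixed sed expects.
write_sample() {
    cat > "$1" <<'EOF'
Include /etc/ssh/sshd_config.d/*.conf
#Port 22
#PermitRootLogin no
permitrootlogin prohibit-password
Match User backup
    PermitRootLogin forced-commands-only
EOF
}

cfg=$(mktemp) || exit 1
write_sample "$cfg"
set_sshd_option "$cfg" PermitRootLogin yes
set_sshd_option "$cfg" Port 22
cat "$cfg"
rm -f "$cfg"
```

Inside the installed system, `sshd -t` checks the edited configuration for errors before the service is started.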