Recently I’ve needed to install a virtual machine on my spiffy RHEL 5.3 system, so I turned to VMWare, since its free Server software (1.0 series) worked fine on Ubuntu Dapper. So I tried installing Server 2, because newer is better, right (you know where I’m going…)?
Server 2 does user-level authentication, so you need to specify the admin user at setup time. That will be the only user (initially) that can touch the vmware instance. This means that if you disable the root password, then you should not choose ‘root’ as that user.
So this is fine, except that I couldn’t login initially. The trick is that VMWare does its own user authentication off of the normal /etc/{passwd,shadow} files, and I was authenticating with Kerberos as an AFS user.
Here’s how to fix things. You need to modify /etc/vmware/pam.d/vmware-authd . Upon installation, it contains:
#%PAM-1.0
auth  required  pam_unix.so  shadow nullok
account required pam_unix.so
You need to add a line so it looks like:
#%PAM-1.0
auth sufficient pam_krb5.so use_first_pass refresh_creds debugÂ
auth  required  pam_unix.so  shadow nullok
account  required pam_unix.so
I used /etc/pam.d/system-auth as a reference. (I’m not sure the ‘debug’ part is needed.)
Since I couldn’t find anything online (this is one thing that google didn’t really know) that fixed things, I hope this is useful and saves a few hours or so for somebody somewhere. The closest post I found didn’t seem to have a clear resolution and solution.
Update: If something gets borked and it says your user is unauthorized, you can set the admin user by editing the value in the <ACEDataUser> tag in /etc/vmware/hostd/authorization.xml .
Let me know if I’ve missed anything–all I can say is that this worked for me.