+# beware that patch_lvref_systemd will return early on non systemd-powered images
+function patch_lvref () {
+ rootfs=$1; shift
+
+ # Allow a user who logins via ssh to sudo
+ chroot $rootfs sed -i 's/^Defaults\ *requiretty/\#&/' /etc/sudoers
+ # Allow to login at virsh console. loginuid.so doen't work in the absence of auditd
+ # which cannot run inside a container.
+ chroot $rootfs sed -i 's/^.*loginuid.so.*$/\#&/' /etc/pam.d/login
+ # Enable eth0 on bootup
+ cat <<EOF > $rootfs/etc/sysconfig/network-scripts/ifcfg-eth0
+DEVICE=eth0
+BOOTPROTO=dhcp
+ONBOOT=yes
+EOF
+ # Tweak sshd configuration
+ chroot $rootfs sed -i 's/^UsePAM\ *yes/\#&/' /etc/ssh/sshd_config
+ # commenting out the defaults in the file is not enough, need to explicitly set these to no
+ chroot $rootfs sed -i 's/^GSSAPIAuthentication.*$/GSSAPIAuthentication no/' /etc/ssh/sshd_config
+ chroot $rootfs sed -i 's/^PasswordAuthentication.*$/PasswordAuthentication no/' /etc/ssh/sshd_config
+ # Allow root to login at virsh console
+ echo "pts/0" >> $rootfs/etc/securetty
+ # our image does not have NetworkManager, only network, and it is off by default
+ chroot $rootfs chkconfig network on
+
+ # this will run only if the rootfs seems to be systemd-based
+ patch_lvref_systemd $rootfs
+}
+