Date: Mon, 10 Jan 2011 19:57:18 +0000 (UTC) From: Josh Paetzel <jpaetzel@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r217234 - in head/usr.sbin/pc-sysinstall: backend examples Message-ID: <201101101957.p0AJvIqQ091704@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: jpaetzel (ports committer) Date: Mon Jan 10 19:57:18 2011 New Revision: 217234 URL: http://svn.freebsd.org/changeset/base/217234 Log: Add support for using encrypted password strings when setting the root / user passwords PR: bin/152868 Submitted by: kmoore Approved by: imp Modified: head/usr.sbin/pc-sysinstall/backend/functions-cleanup.sh head/usr.sbin/pc-sysinstall/backend/functions-users.sh head/usr.sbin/pc-sysinstall/examples/README Modified: head/usr.sbin/pc-sysinstall/backend/functions-cleanup.sh ============================================================================== --- head/usr.sbin/pc-sysinstall/backend/functions-cleanup.sh Mon Jan 10 19:55:30 2011 (r217233) +++ head/usr.sbin/pc-sysinstall/backend/functions-cleanup.sh Mon Jan 10 19:57:18 2011 (r217234) @@ -371,19 +371,32 @@ setup_gjournal() # Function which sets the root password from the install config set_root_pw() { + # Get the plaintext string get_value_from_cfg_with_spaces rootPass - PW="${VAL}" + local PW="${VAL}" + + # Get the encrypted string + get_value_from_cfg_with_spaces rootEncPass + local ENCPW="${VAL}" # If we don't have a root pass, return - if [ -z "${PW}" ] - then - return 0 - fi + if [ -z "${PW}" -a -z "${ENCPW}" ] ; then return 0 ; fi echo_log "Setting root password" - echo "${PW}" > ${FSMNT}/.rootpw - run_chroot_cmd "cat /.rootpw | pw usermod root -h 0" - rc_halt "rm ${FSMNT}/.rootpw" + + # Check if setting plaintext password + if [ ! -z "${PW}" ] ; then + echo "${PW}" > ${FSMNT}/.rootpw + run_chroot_cmd "cat /.rootpw | pw usermod root -h 0" + rc_halt "rm ${FSMNT}/.rootpw" + fi + + # Check if setting encrypted password + if [ ! -z "${ENCPW}" ] ; then + echo "${ENCPW}" > ${FSMNT}/.rootpw + run_chroot_cmd "cat /.rootpw | pw usermod root -H 0" + rc_halt "rm ${FSMNT}/.rootpw" + fi }; Modified: head/usr.sbin/pc-sysinstall/backend/functions-users.sh ============================================================================== --- head/usr.sbin/pc-sysinstall/backend/functions-users.sh Mon Jan 10 19:55:30 2011 (r217233) +++ head/usr.sbin/pc-sysinstall/backend/functions-users.sh Mon Jan 10 19:57:18 2011 (r217234) @@ -93,6 +93,13 @@ setup_users() USERPASS="$VAL" fi + echo $line | grep "^userEncPass=" >/dev/null 2>/dev/null + if [ "$?" = "0" ] + then + get_value_from_string "${line}" + USERENCPASS="$VAL" + fi + echo $line | grep "^userShell=" >/dev/null 2>/dev/null if [ "$?" = "0" ] then @@ -135,6 +142,10 @@ setup_users() then ARGS="${ARGS} -h 0" echo "${USERPASS}" >${FSMNT}/.tmpPass + elif [ ! -z "${USERENCPASS}" ] + then + ARGS="${ARGS} -H 0" + echo "${USERENCPASS}" >${FSMNT}/.tmpPass else ARGS="${ARGS} -h -" rm ${FSMNT}/.tmpPass 2>/dev/null 2>/dev/null @@ -160,7 +171,7 @@ setup_users() add_user "${ARGS}" # Unset our vars before looking for any more users - unset USERNAME USERCOMMENT USERPASS USERSHELL USERHOME USERGROUPS + unset USERNAME USERCOMMENT USERPASS USERENCPASS USERSHELL USERHOME USERGROUPS else exit_err "ERROR: commitUser was called without any userName= entry!!!" fi Modified: head/usr.sbin/pc-sysinstall/examples/README ============================================================================== --- head/usr.sbin/pc-sysinstall/examples/README Mon Jan 10 19:55:30 2011 (r217233) +++ head/usr.sbin/pc-sysinstall/examples/README Mon Jan 10 19:57:18 2011 (r217234) @@ -286,7 +286,11 @@ Options for setting up usernames and pas # rootPass=root -Set the root password of the installed system to the specified string +Set the root password of the installed system to the specified plaintext string + +# rootEncPass=<encryptedstring> + +Set the root password of the installed system to the specified encrypted string The below variables are used to setup a user on the installed system Be sure to call commitUser after after adding these values, and before @@ -295,6 +299,8 @@ starting another user block # userName=kris # userComment=Kris Moore # userPass=mypass +or +# userEncPass=<encryptedstring> # userShell=/bin/csh # userHome=/home/kris # userGroups=wheel,operator
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201101101957.p0AJvIqQ091704>