diff options
author | Chris Lumens <clumens@redhat.com> | 2007-06-07 17:32:34 +0000 |
---|---|---|
committer | Chris Lumens <clumens@redhat.com> | 2007-06-07 17:32:34 +0000 |
commit | 287401bdae1a48f900cadd4048e185ea46781734 (patch) | |
tree | 22dcb2ab43da0ae54b5b72740e513d4038be4e83 | |
parent | dc97e9b70e553ef8cde6c926279e2e67de0bde2c (diff) | |
download | anaconda-287401bdae1a48f900cadd4048e185ea46781734.tar.gz anaconda-287401bdae1a48f900cadd4048e185ea46781734.tar.xz anaconda-287401bdae1a48f900cadd4048e185ea46781734.zip |
Lock accounts if asked (#240059).
-rw-r--r-- | ChangeLog | 8 | ||||
-rw-r--r-- | instdata.py | 17 | ||||
-rw-r--r-- | kickstart.py | 7 | ||||
-rw-r--r-- | users.py | 14 |
4 files changed, 34 insertions, 12 deletions
@@ -1,3 +1,11 @@ +2007-06-07 Chris Lumens <clumens@redhat.com> + + * instdata (InstallData.write): Lock accounts if asked (#240059). + * kickstart.py (RootPw): Inherit from new F8 rootpw command to handle + --lock. + * users.py (Users.createUser, Users.setRootPassword): Lock accounts + if asked. + 2007-06-06 Chris Lumens <clumens@redhat.com> * loader2/module-info: Add support for Areca RAID controllers diff --git a/instdata.py b/instdata.py index 6191edd93..c07a87aff 100644 --- a/instdata.py +++ b/instdata.py @@ -61,7 +61,7 @@ class InstallData: self.timezone = timezone.Timezone() self.timezone.setTimezoneInfo(self.instLanguage.getDefaultTimeZone()) self.users = None - self.rootPassword = { "isCrypted": False, "password": "" } + self.rootPassword = { "isCrypted": False, "password": "", lock: False } self.auth = "--enableshadow --enablemd5" self.desktop = desktop.Desktop() self.upgrade = None @@ -160,7 +160,8 @@ class InstallData: # User should already exist, just without a password. self.users.setRootPassword(self.rootPassword["password"], - self.rootPassword["isCrypted"], useMD5) + self.rootPassword["isCrypted"], useMD5, + self.rootPassword["lock"]) if anaconda.isKickstart: for svc in self.ksdata.services.disabled: @@ -178,7 +179,8 @@ class InstallData: for ud in self.ksdata.user.userList: if self.users.createUser(ud.name, ud.password, ud.isCrypted, ud.groups, ud.homedir, ud.shell, - ud.uid, root=anaconda.rootPath) == None: + ud.uid, ud.lock, + root=anaconda.rootPath) == None: log.error("User %s already exists, not creating." % ud.name) @@ -241,9 +243,14 @@ class InstallData: self.zfcp.writeKS(f) if self.rootPassword["isCrypted"]: - f.write("rootpw --iscrypted %s\n" % self.rootPassword["password"]) + args = " --iscrypted %s" % self.rootPassword["password"] else: - f.write("rootpw --iscrypted %s\n" % users.cryptPassword(self.rootPassword["password"], useMD5)) + args = " --iscrypted %s" % users.cryptPassword(self.rootPassword["password"], useMD5)) + + if self.rootPassword["lock"]: + args += " --lock" + + f.write("rootpw %s\n" % args) self.firewall.writeKS(f) if self.auth.strip() != "": diff --git a/kickstart.py b/kickstart.py index 6c1dd2ab6..6024b22aa 100644 --- a/kickstart.py +++ b/kickstart.py @@ -557,12 +557,13 @@ class Raid(commands.raid.F7_Raid): addPartRequest(self.handler.anaconda, request) self.handler.skipSteps.extend(["partition", "zfcpconfig", "parttype"]) -class RootPw(commands.rootpw.FC3_RootPw): +class RootPw(commands.rootpw.F8_RootPw): def parse(self, args): - commands.rootpw.FC3_RootPw.parse(self, args) + commands.rootpw.F8_RootPw.parse(self, args) self.handler.id.rootPassword["password"] = self.password self.handler.id.rootPassword["isCrypted"] = self.isCrypted + self.handler.id.rootPassword["lock"] = self.lock self.handler.skipSteps.append("accounts") class SELinux(commands.selinux.FC3_SELinux): @@ -701,7 +702,7 @@ commandMap = { "timezone": Timezone, "upgrade": Upgrade, "url": commands.method.FC6_Method, - "user": commands.user.FC6_User, + "user": commands.user.F8_User, "vnc": commands.vnc.FC6_Vnc, "volgroup": VolGroup, "xconfig": XConfig, @@ -3,7 +3,7 @@ # # Chris Lumens <clumens@redhat.com> # -# Copyright (c) 2006 Red Hat, Inc. +# Copyright (c) 2006, 2007 Red Hat, Inc. # # This software may be freely redistributed under the terms of the GNU # general public license. @@ -39,7 +39,6 @@ directory = %(instPath)s/etc os.close(fd) os.environ["LIBUSER_CONF"] = fn - def cryptPassword(password, useMD5): if useMD5: @@ -60,7 +59,8 @@ class Users: self.admin = libuser.admin() def createUser (self, name, password=None, isCrypted=False, groups=[], - homedir=None, shell=None, uid=None, root="/mnt/sysimage"): + homedir=None, shell=None, uid=None, lock=False, + root="/mnt/sysimage"): if self.admin.lookupUserByName(name): return None @@ -98,11 +98,14 @@ class Users: else: self.admin.setpassUser(userEnt, cryptPassword(password, True), isCrypted) + if lock: + self.admin.lockUser(userEnt) + # Now set the correct home directory to fix up passwd. userEnt.set(libuser.HOMEDIRECTORY, homedir) self.admin.modifyUser(userEnt) - def setRootPassword(self, password, isCrypted, useMD5): + def setRootPassword(self, password, isCrypted, useMD5, lock): rootUser = self.admin.lookupUserByName("root") if isCrypted: @@ -110,4 +113,7 @@ class Users: else: self.admin.setpassUser(rootUser, cryptPassword(password, useMD5), True) + if lock: + self.admin.lockUser(rootUser) + self.admin.modifyUser(rootUser) |