diff options
| -rw-r--r-- | ChangeLog | 9 | ||||
| -rw-r--r-- | installclass.py | 4 | ||||
| -rw-r--r-- | instdata.py | 42 | ||||
| -rw-r--r-- | iw/account_gui.py | 9 | ||||
| -rw-r--r-- | kickstart.py | 5 | ||||
| -rw-r--r-- | textw/userauth_text.py | 10 | ||||
| -rw-r--r-- | users.py | 91 |
7 files changed, 59 insertions, 111 deletions
@@ -2,6 +2,15 @@ * anaconda: Make some symlinks earlier. + * installclass.py (BaseInstallClass.setRootPassword): Removed. + * instdata.py (InstallData): Use libuser for handling the root + password. + * kickstart.py (AnacondaKSHandlers.doRootPassword): Use instdata. + * users.py: Removed, since we don't deal with non-root accounts + anymore. + * iw/account_gui.py: Use new password handling system. + * textw/userauth_text.py: Likewise. + 2006-04-10 David Cantrell <dcantrell@redhat.com> * scripts/mk-rescueimage.i386: Do not call sys.exit(0) from usage(). diff --git a/installclass.py b/installclass.py index 5acaf21a9..3c6a6930f 100644 --- a/installclass.py +++ b/installclass.py @@ -243,9 +243,6 @@ class BaseInstallClass: def setTimezoneInfo(self, id, timezone, asUtc = 0, asArc = 0): id.timezone.setTimezoneInfo(timezone, asUtc, asArc) - def setRootPassword(self, id, pw, isCrypted = 0): - id.rootPassword.set(pw, isCrypted) - def setAuthentication(self, id, authStr): id.auth = authStr @@ -462,7 +459,6 @@ class BaseInstallClass: #id.setFirewall() #id.setLanguageDefault() #id.setTimezone() - #id.setRootPassword() #id.setAuthentication() #id.setHostname() #id.setDesktop() diff --git a/instdata.py b/instdata.py index 6645f4665..dfe750be5 100644 --- a/instdata.py +++ b/instdata.py @@ -21,7 +21,6 @@ import firewall import security import timezone import desktop -import users import fsset import bootloader import partitions @@ -39,6 +38,23 @@ import rhpl.keyboard as keyboard import logging log = logging.getLogger("anaconda") +def cryptPassword(password, useMD5): + import crypt + import random + + if useMD5: + salt = "$1$" + saltLen = 8 + else: + salt = "" + saltLen = 2 + + for i in range(saltLen): + salt = salt + random.choice (string.letters + + string.digits + './') + + return crypt.crypt (password, salt) + # Collector class for all data related to an install/upgrade. class InstallData: @@ -57,7 +73,7 @@ class InstallData: self.firewall = firewall.Firewall() self.security = security.Security() self.timezone = timezone.Timezone() - self.rootPassword = users.RootPassword () + self.rootPassword = { "isCrypted": False, "password": "" } self.auth = "--enableshadow --enablemd5" self.desktop = desktop.Desktop() self.upgrade = None @@ -145,7 +161,20 @@ class InstallData: self.firewall.write (instPath) self.security.write (instPath) - self.rootPassword.write (instPath, useMD5) + + # User should already exist, just without a password. + import libuser + self.luAdmin = libuser.admin() + rootUser = self.luAdmin.lookupUserByName("root") + + if self.rootPassword["isCrypted"]: + log.warning("password is crypted, setting to %s" % self.rootPassword["password"]) + self.luAdmin.setpassUser(rootUser, self.rootPassword["password"], True) + self.luAdmin.modifyUser(rootUser) + else: + log.warning("password is not crypted, setting to %s" % self.rootPassword["password"]) + self.luAdmin.setpassUser(rootUser, cryptPassword(self.rootPassword["password"], useMD5), True) + self.luAdmin.modifyUser(rootUser) def writeKS(self, filename): if self.auth.find("--enablemd5"): @@ -199,7 +228,12 @@ class InstallData: self.xsetup.writeKS(f, self.desktop) self.network.writeKS(f) self.zfcp.writeKS(f) - self.rootPassword.writeKS(f, useMD5) + + if self.rootPassword["isCrypted"]: + f.write("rootpw --iscrypted %s" % self.rootPassword["password"]) + else: + f.write("rootpw --iscrypted %s" % cryptPassword(self.rootPassword["password"], useMD5)) + self.firewall.writeKS(f) if self.auth.strip() != "": f.write("authconfig %s\n" % self.auth) diff --git a/iw/account_gui.py b/iw/account_gui.py index 7d998a75e..9a84a9099 100644 --- a/iw/account_gui.py +++ b/iw/account_gui.py @@ -69,7 +69,7 @@ class AccountWindow (InstallWindow): custom_icon="error") passwordError() - self.rootPw.set (self.pw.get_text ()) + self.rootPw["password"] = self.pw.get_text() return None def setFocus (self, area, data): @@ -136,9 +136,8 @@ class AccountWindow (InstallWindow): wrapper.pack_start (self.rootStatus) box.pack_start (wrapper, False) - pw = self.rootPw.getPure() - if pw: - self.pw.set_text(pw) - self.confirm.set_text(pw) + if not self.rootPw["isCrypted"]: + self.pw.set_text(self.rootPw["password"]) + self.confirm.set_text(self.rootPw["password"]) return box diff --git a/kickstart.py b/kickstart.py index b90de8cd4..ac8090618 100644 --- a/kickstart.py +++ b/kickstart.py @@ -515,8 +515,9 @@ class AnacondaKSHandlers(KickstartHandlers): def doRootPw(self, id, args): KickstartHandlers.doRootPw(self, args) dict = self.ksdata.rootpw - - id.instClass.setRootPassword(id, dict["password"], dict["isCrypted"]) + + id.rootPassword["password"] = dict["password"] + id.rootPassword["isCrypted"] = dict["isCrypted"] self.skipSteps.append("accounts") def doSELinux(self, id, args): diff --git a/textw/userauth_text.py b/textw/userauth_text.py index cc394b57a..f2266680a 100644 --- a/textw/userauth_text.py +++ b/textw/userauth_text.py @@ -33,11 +33,11 @@ class RootPasswordWindow: "root password is a critical part " "of system security!")), 0, 0, (0, 0, 0, 1)) - pw = rootPw.getPure() - if not pw: pw = "" + if rootPw["isCrypted"]: + rootPw["password"] = "" - entry1 = Entry (24, password = 1, text = pw) - entry2 = Entry (24, password = 1, text = pw) + entry1 = Entry (24, password = 1, text = rootPw["password"]) + entry2 = Entry (24, password = 1, text = rootPw["password"]) passgrid = Grid (2, 2) passgrid.setField (Label (_("Password:")), 0, 0, (0, 0, 1, 0), anchorLeft = 1) passgrid.setField (Label (_("Password (confirm):")), 0, 1, (0, 0, 1, 0), anchorLeft = 1) @@ -77,5 +77,5 @@ class RootPasswordWindow: entry2.set ("") screen.popWindow() - rootPw.set (entry1.value ()) + rootPw["password"] = entry1.value() return INSTALL_OK diff --git a/users.py b/users.py deleted file mode 100644 index b867d500b..000000000 --- a/users.py +++ /dev/null @@ -1,91 +0,0 @@ -# -# users.py - user account install data -# -# Matt Wilson <msw@redhat.com> -# Brent Fox <bfox@redhat.com> -# -# Copyright 2001 Red Hat, Inc. -# -# This software may be freely redistributed under the terms of the GNU -# library public license. -# -# You should have received a copy of the GNU Library Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -# - -import iutil -import random -import crypt -import os -import string - -class Password: - def __init__ (self): - self.crypt = None - self.pure = None - - def getPure(self): - return self.pure - - def set (self, password, isCrypted = 0): - if isCrypted: - self.crypt = password - self.pure = None - else: - salt = (random.choice (string.letters + - string.digits + './') + - random.choice (string.letters + - string.digits + './')) - self.crypt = crypt.crypt (password, salt) - self.pure = password - - def getCrypted(self): - return self.crypt - -class RootPassword(Password): - def __repr__(self): - return "<Type RootPassword>" - - def __str__(self): - return "<Type RootPassword>" - - def write(self, instPath, useMD5): - pure = self.getPure() - if pure: - setPassword(instPath, "root", pure, useMD5) - else: - setPassword(instPath, "root", self.getCrypted (), useMD5, - alreadyCrypted = 1) - - def writeKS(self, f, useMD5): - pure = self.getPure() - if pure: - f.write("rootpw --iscrypted %s\n" %(cryptPassword(pure, useMD5))) - else: - f.write("rootpw --iscrypted %s\n" %(self.getCrypted())) - -def cryptPassword(password, useMD5): - if useMD5: - salt = "$1$" - saltLen = 8 - else: - salt = "" - saltLen = 2 - - for i in range(saltLen): - salt = salt + random.choice (string.letters + - string.digits + './') - - return crypt.crypt (password, salt) - -def setPassword(instPath, account, password, useMD5, alreadyCrypted = 0): - if not alreadyCrypted: - password = cryptPassword(password, useMD5) - - devnull = os.open("/dev/null", os.O_RDWR) - - argv = [ "/usr/sbin/usermod", "-p", password, account ] - iutil.execWithRedirect(argv[0], argv, root = instPath, - stdout = '/dev/null', stderr = None) - os.close(devnull) |