Force root account to have disabled password

This makes sure there is no working password for user root in ISO.
author: Stephen Hemminger <stephen.hemminger@vyatta.com> 2009-12-08 15:02:10 -0800
committer: Stephen Hemminger <stephen.hemminger@vyatta.com> 2009-12-08 15:02:10 -0800
commit: 2d345fab89209bef76823d8b2ee6f7f0cc1db84f (patch)
tree: fa75e4eb52f8817a69e82b459bb272aae26e8080 /debian/vyatta-cfg-system.postinst.in
parent: f956bfc6ee753fbbf251a7c43e7ad2573aa89c83 (diff)
download: vyatta-cfg-quagga-2d345fab89209bef76823d8b2ee6f7f0cc1db84f.tar.gz
vyatta-cfg-quagga-2d345fab89209bef76823d8b2ee6f7f0cc1db84f.zip
1 files changed, 3 insertions, 0 deletions
diff --git a/debian/vyatta-cfg-system.postinst.in b/debian/vyatta-cfg-system.postinst.in
index 25edb438..0ccf25a2 100644
--- a/debian/vyatta-cfg-system.postinst.in
+++ b/debian/vyatta-cfg-system.postinst.in
@@ -25,6 +25,9 @@ if ! grep -q '^tss' /etc/passwd; then
     adduser --system --group --shell /usr/sbin/nologin --home /var/lib/tpm tss
 fi
 
+# Make sure root account can not be used for login by turning off password
+usermod -p ! root
+
 case `grep '^RULES_FILE=' /lib/udev/write_net_rules` in
 *z25_persistent-net.rules* )
 	vyatta_net_rules=z24_vyatta-net.rules;;
author	Stephen Hemminger <stephen.hemminger@vyatta.com>	2009-12-08 15:02:10 -0800
committer	Stephen Hemminger <stephen.hemminger@vyatta.com>	2009-12-08 15:02:10 -0800
commit	2d345fab89209bef76823d8b2ee6f7f0cc1db84f (patch)
tree	fa75e4eb52f8817a69e82b459bb272aae26e8080 /debian/vyatta-cfg-system.postinst.in
parent	f956bfc6ee753fbbf251a7c43e7ad2573aa89c83 (diff)
download	vyatta-cfg-quagga-2d345fab89209bef76823d8b2ee6f7f0cc1db84f.tar.gz vyatta-cfg-quagga-2d345fab89209bef76823d8b2ee6f7f0cc1db84f.zip