diff options
| author | Alex Harpin <development@landsofshadow.co.uk> | 2015-06-13 13:04:17 +0100 |
|---|---|---|
| committer | Alex Harpin <development@landsofshadow.co.uk> | 2015-06-13 13:50:26 +0100 |
| commit | 95d0740ae1a3a8b7d348d99e268cc3ded87d4b44 (patch) | |
| tree | 876b0d40e95abd2977460a452018a326787c04af | |
| parent | f67f3fbe6a0da06db327647fe0aacafaad18e601 (diff) | |
| download | vyatta-cfg-system-95d0740ae1a3a8b7d348d99e268cc3ded87d4b44.tar.gz vyatta-cfg-system-95d0740ae1a3a8b7d348d99e268cc3ded87d4b44.zip | |
vyatta-cfg-system: missing encrypted-password breaks user config node
The fix for bug #557 now allows the encrypted-password Authentication
node to be deleted again, but this causes the config to fail on reboot,
leaving the user login node empty.
This fix checks for an empty / missing encrypted-password node on
reboot / config reload, either creating a new node or replacing the
existing one and assigning it the value of "!". This has the same
effect as the fix for bug #336, allowing the user to be set as only
using RSA based logins.
Bug #573 http://bugzilla.vyos.net/show_bug.cgi?id=573
| -rwxr-xr-x | lib/Vyatta/Login/User.pm | 9 | ||||
| -rw-r--r-- | templates/system/login/user/node.def | 8 |
2 files changed, 12 insertions, 5 deletions
diff --git a/lib/Vyatta/Login/User.pm b/lib/Vyatta/Login/User.pm index d3e9b8bd..e03888cd 100755 --- a/lib/Vyatta/Login/User.pm +++ b/lib/Vyatta/Login/User.pm @@ -126,9 +126,14 @@ sub _delete_user { sub _update_user { my $user = shift; my $cfg = new Vyatta::Config; - + my $pwd = ""; + $cfg->setLevel("system login user $user"); - my $pwd = $cfg->returnValue('authentication encrypted-password'); + if ($cfg->exists('authentication encrypted-password')) { + $pwd = $cfg->returnValue('authentication encrypted-password'); + } else { + $pwd = "!"; + } my $level = $cfg->returnValue('level'); my $fname = $cfg->returnValue('full-name'); my $home = $cfg->returnValue('home-directory'); diff --git a/templates/system/login/user/node.def b/templates/system/login/user/node.def index caa53f1b..451cc078 100644 --- a/templates/system/login/user/node.def +++ b/templates/system/login/user/node.def @@ -5,7 +5,9 @@ help: User account information syntax:expression: exec "/opt/vyatta/sbin/vyatta_check_username.pl $VAR(@)" commit:expression: $VAR(@) == "" || + $VAR(authentication/plaintext-password) != "" || + $VAR(authentication/plaintext-password/@) = "" + +commit:expression: $VAR(@) == "" || $VAR(authentication/encrypted-password) != "" || - ( $VAR(authentication/plaintext-password) != "" && - $VAR(authentication/plaintext-password/@) != "") - ; "user password must be specified" + $VAR(authentication/encrypted-password/@) = "!" |