diff options
author | John Southworth <john.southworth@vyatta.com> | 2012-09-04 16:36:24 -0700 |
---|---|---|
committer | John Southworth <john.southworth@vyatta.com> | 2012-09-04 16:36:24 -0700 |
commit | 918bd40d3e3f238a800b1486f70e2d5ee1d71a72 (patch) | |
tree | 38763bbaf267d6a5ecf0dbd417628dce5c92a18e /scripts/install/install-functions | |
parent | 8faaec7b1b9bd034449348b693c5216e349a04ec (diff) | |
download | vyatta-cfg-system-918bd40d3e3f238a800b1486f70e2d5ee1d71a72.tar.gz vyatta-cfg-system-918bd40d3e3f238a800b1486f70e2d5ee1d71a72.zip |
Bugfix 8290
Don't allow default password to persist after first boot.
Due to the numerous ways a user can get a vyatta system this required
a lot of changes.
1. Don't allow a user to set a password to 'vyatta' after first login,
but allow it on the initial boot otherwise the system will have no
user.
2. Don't allow the password to be set to vyatta in installer.
3. Force password change on first login. under the following
conditions:
3.a. User is an admin level user. Operators do not have the abillity
to change the config so they can't change passwords. Allow 'vyatta' to
be the password until an admin logs in.
3.b. This is not the livecd, its silly to force a password change
before install.
Diffstat (limited to 'scripts/install/install-functions')
-rwxr-xr-x | scripts/install/install-functions | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/scripts/install/install-functions b/scripts/install/install-functions index 042ef5bb..9290d88b 100755 --- a/scripts/install/install-functions +++ b/scripts/install/install-functions @@ -236,7 +236,7 @@ change_password() { local pwd1="1" local pwd2="2" - until [ "$pwd1" == "$pwd2" ]; do + until [[ "$pwd1" == "$pwd2" && "$pwd1" != "vyatta" ]]; do read -p "Enter $user password:" -r -s pwd1 <>/dev/tty 2>&0 echo read -p "Retype $user password:" -r -s pwd2 <>/dev/tty 2>&0 @@ -244,7 +244,12 @@ change_password() { if [ "$pwd1" != "$pwd2" ]; then echo "Passwords do not match" + continue fi + if [[ "$pwd1" == "vyatta" ]]; then + echo "'vyatta' is not a vaild password" + continue + fi done # escape any slashes in resulting password |