diff options
| author | John Southworth <john.southworth@vyatta.com> | 2012-09-25 10:16:57 -0700 |
|---|---|---|
| committer | John Southworth <john.southworth@vyatta.com> | 2012-09-25 10:16:57 -0700 |
| commit | ed7cdece4009646b7f2d67030c439108c3692485 (patch) | |
| tree | 8274096d8283f885ff2373976d7af97f9b557523 /scripts | |
| parent | 0aabbfdb8bf8b51eb774f385f1ec8da0c599a2b4 (diff) | |
| parent | 647f7b50a80925bed700525aebd225ad59319cf4 (diff) | |
| download | vyatta-cfg-system-ed7cdece4009646b7f2d67030c439108c3692485.tar.gz vyatta-cfg-system-ed7cdece4009646b7f2d67030c439108c3692485.zip | |
Bugfix 8290: Detect original unsalted password
Diffstat (limited to 'scripts')
| -rwxr-xr-x | scripts/install-system | 8 | ||||
| -rwxr-xr-x | scripts/install/install-functions | 8 | ||||
| -rwxr-xr-x | scripts/system/vyatta_update_hosts.pl | 5 | ||||
| -rwxr-xr-x | scripts/vyatta-first-login-passwd.sh | 17 |
4 files changed, 24 insertions, 14 deletions
diff --git a/scripts/install-system b/scripts/install-system index 860bdd1e..80e58f6c 100755 --- a/scripts/install-system +++ b/scripts/install-system @@ -1096,9 +1096,13 @@ change_password() { until [[ "$pwd1" == "$pwd2" && "$pwd1" != "vyatta" ]] do - read -p "Enter $user password:" -r -s pwd1 <>/dev/tty 2>&0 + read -p "Enter password for user '$user': " -r -s pwd1 <>/dev/tty 2>&0 echo - read -p "Retype $user password:" -r -s pwd2 <>/dev/tty 2>&0 + if [[ "$pwd1" == "" ]]; then + echo "'' is not a valid password" + continue + fi + read -p "Retype password for user '$user':" -r -s pwd2 <>/dev/tty 2>&0 echo if [ "$pwd1" != "$pwd2" ] diff --git a/scripts/install/install-functions b/scripts/install/install-functions index 9290d88b..34ced705 100755 --- a/scripts/install/install-functions +++ b/scripts/install/install-functions @@ -237,9 +237,13 @@ change_password() { local pwd2="2" until [[ "$pwd1" == "$pwd2" && "$pwd1" != "vyatta" ]]; do - read -p "Enter $user password:" -r -s pwd1 <>/dev/tty 2>&0 + read -p "Enter password for user '$user':" -r -s pwd1 <>/dev/tty 2>&0 echo - read -p "Retype $user password:" -r -s pwd2 <>/dev/tty 2>&0 + if [[ "$pwd1" == "" ]]; then + echo "'' is not a valid password" + continue + fi + read -p "Retype password for user '$user':" -r -s pwd2 <>/dev/tty 2>&0 echo if [ "$pwd1" != "$pwd2" ]; then diff --git a/scripts/system/vyatta_update_hosts.pl b/scripts/system/vyatta_update_hosts.pl index 0fb2a914..7c8bc8e6 100755 --- a/scripts/system/vyatta_update_hosts.pl +++ b/scripts/system/vyatta_update_hosts.pl @@ -71,9 +71,6 @@ if (defined $domain_name) { } $hosts_line .= " $host_name\t #vyatta entry\n"; -set_hostname $host_name; -set_mailname $mail_name; - my ($out, $tempname) = tempfile($HOSTS_TMPL, UNLINK => 1) or die "Can't create temp file: $!"; @@ -97,3 +94,5 @@ close ($out); system("sudo cp $tempname $HOSTS_CFG") == 0 or die "Can't copy $tempname to $HOSTS_CFG: $!"; +set_hostname $host_name; +set_mailname $mail_name; diff --git a/scripts/vyatta-first-login-passwd.sh b/scripts/vyatta-first-login-passwd.sh index 467eff4b..bb37fcc8 100755 --- a/scripts/vyatta-first-login-passwd.sh +++ b/scripts/vyatta-first-login-passwd.sh @@ -91,6 +91,7 @@ change_password() { save } +dpwd='"*"' for user in $($API listEffectiveNodes system login user); do user=${user//\'/} epwd=$(show system login user $user authentication encrypted-password) @@ -100,13 +101,15 @@ for user in $($API listEffectiveNodes system login user); do change_password $user continue fi - salt=$(awk 'BEGIN{ FS="$" }; { print $3 }' <<<$epwd) - if [[ $salt == '' ]];then - continue - fi - vyatta_epwd=$(mkpasswd -H md5 -S $salt vyatta) - if [[ $epwd == $vyatta_epwd ]]; then - change_password $user + if [[ $epwd != $dpwd ]]; then + salt=$(awk 'BEGIN{ FS="$" }; { print $3 }' <<<$epwd) + if [[ $salt == '' ]];then + continue + fi + vyatta_epwd=$(mkpasswd -H md5 -S $salt vyatta) + if [[ $epwd == $vyatta_epwd ]]; then + change_password $user + fi fi done eval $(exit_configure) |