diff options
| author | Christian Breunig <christian@breunig.cc> | 2024-06-15 08:44:54 +0200 |
|---|---|---|
| committer | Mergify <37929162+mergify[bot]@users.noreply.github.com> | 2024-06-24 14:08:27 +0000 |
| commit | 8603967cbd7eb1ecdbad2e0960d1a18c667d38a3 (patch) | |
| tree | c9049d3911b4bfbeec7c938122213dd47cad0a62 /src/conf_mode/system_login.py | |
| parent | 6baee9809a0626f9f555060cfb7b173388377deb (diff) | |
| download | vyos-1x-8603967cbd7eb1ecdbad2e0960d1a18c667d38a3.tar.gz vyos-1x-8603967cbd7eb1ecdbad2e0960d1a18c667d38a3.zip | |
T6489: add abstraction vyos.utils.configfs to work natively with the config filesystem
(cherry picked from commit d7a18a3da949bfa3df89661cc0871e8f23b18a10)
Diffstat (limited to 'src/conf_mode/system_login.py')
| -rwxr-xr-x | src/conf_mode/system_login.py | 26 |
1 files changed, 7 insertions, 19 deletions
diff --git a/src/conf_mode/system_login.py b/src/conf_mode/system_login.py index afddae4dc..439fa645b 100755 --- a/src/conf_mode/system_login.py +++ b/src/conf_mode/system_login.py @@ -21,22 +21,20 @@ from psutil import users from pwd import getpwall from pwd import getpwnam from pwd import getpwuid -from shutil import rmtree from sys import exit from time import sleep from vyos.config import Config from vyos.configverify import verify_vrf -from vyos.defaults import directories from vyos.template import render from vyos.template import is_ipv4 from vyos.utils.auth import get_current_user +from vyos.utils.configfs import delete_cli_node +from vyos.utils.configfs import add_cli_node from vyos.utils.dict import dict_search from vyos.utils.file import chown -from vyos.utils.file import write_file from vyos.utils.process import cmd from vyos.utils.process import call -from vyos.utils.process import rc_cmd from vyos.utils.process import run from vyos.utils.process import DEVNULL from vyos import ConfigError @@ -216,7 +214,6 @@ def verify(login): def generate(login): # calculate users encrypted password if 'user' in login: - env = os.environ.copy() for user, user_config in login['user'].items(): tmp = dict_search('authentication.plaintext_password', user_config) if tmp: @@ -225,20 +222,11 @@ def generate(login): del login['user'][user]['authentication']['plaintext_password'] # Set default commands for re-adding user with encrypted password - del_user_plain = f'system login user {user} authentication plaintext-password' - add_user_encrypt = f'system login user {user} authentication encrypted-password' - - for config_dir in ['VYATTA_TEMP_CONFIG_DIR', 'VYATTA_CHANGES_ONLY_DIR']: - tmp = os.path.join(env[config_dir], '/'.join(del_user_plain.split())) - # delete temporary plaintext-password CLI node - if os.path.exists(tmp): - rmtree(tmp) - - # store encrypted password - tmp = os.path.join(env[config_dir], '/'.join(add_user_encrypt.split())) - write_file(f'{tmp}/node.val', encrypted_password, user=get_current_user(), group='vyattacfg', mode=0o664) - if config_dir == 'VYATTA_CHANGES_ONLY_DIR': - write_file(f'{tmp}/.modified', encrypted_password, user=get_current_user(), group='vyattacfg', mode=0o664) + del_user_plain = ['system', 'login', 'user', user, 'authentication', 'plaintext-password'] + add_user_encrypt = ['system', 'login', 'user', user, 'authentication', 'encrypted-password'] + + delete_cli_node(del_user_plain) + add_cli_node(add_user_encrypt, value=encrypted_password) else: try: |