summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorChristian Poessinger <christian@poessinger.com>2021-04-13 19:03:59 +0200
committerGitHub <noreply@github.com>2021-04-13 19:03:59 +0200
commit9bf9c2b0d526351df4b076a15073dc23b65b4051 (patch)
treeafc30300034973b2fc017664ac4c700a9c53bce7 /src
parentf5be83ccde5f164ffb9a0e9d5f1f2631f39e8216 (diff)
parent0644544b4e4e860687994070b57786c62fdfb018 (diff)
downloadvyos-1x-9bf9c2b0d526351df4b076a15073dc23b65b4051.tar.gz
vyos-1x-9bf9c2b0d526351df4b076a15073dc23b65b4051.zip
Merge pull request #802 from sever-sever/T3455
login: T3455: Fix edit level configuration for user
Diffstat (limited to 'src')
-rwxr-xr-xsrc/conf_mode/system-login.py28
1 files changed, 23 insertions, 5 deletions
diff --git a/src/conf_mode/system-login.py b/src/conf_mode/system-login.py
index 99af5c757..c8b81d80a 100755
--- a/src/conf_mode/system-login.py
+++ b/src/conf_mode/system-login.py
@@ -158,11 +158,29 @@ def generate(login):
env = os.environ.copy()
env['vyos_libexec_dir'] = '/usr/libexec/vyos'
- call(f"/opt/vyatta/sbin/my_delete system login user '{user}' " \
- f"authentication plaintext-password", env=env)
-
- call(f"/opt/vyatta/sbin/my_set system login user '{user}' " \
- f"authentication encrypted-password '{encrypted_password}'", env=env)
+ # Set default commands for re-adding user with encrypted password
+ del_user_plain = f"system login user '{user}' authentication plaintext-password"
+ add_user_encrypt = f"system login user '{user}' authentication encrypted-password '{encrypted_password}'"
+
+ lvl = env['VYATTA_EDIT_LEVEL']
+ # We're in config edit level, for example "edit system login"
+ # Change default commands for re-adding user with encrypted password
+ if lvl != '/':
+ # Replace '/system/login' to 'system login'
+ lvl = lvl.strip('/').split('/')
+ # Convert command str to list
+ del_user_plain = del_user_plain.split()
+ # New command exclude level, for example "edit system login"
+ del_user_plain = del_user_plain[len(lvl):]
+ # Convert string to list
+ del_user_plain = " ".join(del_user_plain)
+
+ add_user_encrypt = add_user_encrypt.split()
+ add_user_encrypt = add_user_encrypt[len(lvl):]
+ add_user_encrypt = " ".join(add_user_encrypt)
+
+ call(f"/opt/vyatta/sbin/my_delete {del_user_plain}", env=env)
+ call(f"/opt/vyatta/sbin/my_set {add_user_encrypt}", env=env)
else:
try:
if getspnam(user).sp_pwdp == dict_search('authentication.encrypted_password', user_config):