From b5b3e85f0bc8170b97d3e1af2383477c0854914d Mon Sep 17 00:00:00 2001 From: oniko94 Date: Fri, 7 Feb 2025 13:40:37 +0200 Subject: T6353: Add password strength check and user warning --- debian/control | 2 ++ debian/vyos-1x.postinst | 14 +++++++++++++- 2 files changed, 15 insertions(+), 1 deletion(-) (limited to 'debian') diff --git a/debian/control b/debian/control index efc008af2..4f1207078 100644 --- a/debian/control +++ b/debian/control @@ -123,6 +123,8 @@ Depends: # Live filesystem tools squashfs-tools, fuse-overlayfs, +# Tools for checking password strength + python3-cracklib, ## End installer auditd, iputils-arping, diff --git a/debian/vyos-1x.postinst b/debian/vyos-1x.postinst index fde58651a..ba97f37f6 100644 --- a/debian/vyos-1x.postinst +++ b/debian/vyos-1x.postinst @@ -195,6 +195,10 @@ if [ ! -x $PRECONFIG_SCRIPT ]; then EOF fi +# cracklib-runtime default database location +CRACKLIB_DIR=/var/cache/cracklib +CRACKLIB_DB=cracklib_dict + # create /opt/vyatta/etc/config/scripts/vyos-postconfig-bootup.script POSTCONFIG_SCRIPT=/opt/vyatta/etc/config/scripts/vyos-postconfig-bootup.script if [ ! -x $POSTCONFIG_SCRIPT ]; then @@ -206,7 +210,15 @@ if [ ! -x $POSTCONFIG_SCRIPT ]; then # This script is executed at boot time after VyOS configuration is fully applied. # Any modifications required to work around unfixed bugs # or use services not available through the VyOS CLI system can be placed here. - +# +# T6353 - Just in case, check if cracklib was installed properly +# If the database file is missing, re-install the runtime package +# +if [ ! -f "${CRACKLIB_DIR}/${CRACKLIB_DB}.pwd" ]; then + mkdir -p $CRACKLIB_DIR + /usr/sbin/create-cracklib-dict -o $CRACKLIB_DIR/$CRACKLIB_DB \ + /usr/share/dict/cracklib-small +fi EOF fi -- cgit v1.2.3