diff options
author | Scott Moser <smoser@ubuntu.com> | 2013-08-15 13:32:14 -0400 |
---|---|---|
committer | Scott Moser <smoser@ubuntu.com> | 2013-08-15 13:32:14 -0400 |
commit | b2ee0966793f3a9c7d8e92ce1c13b9583a9a76e7 (patch) | |
tree | 6d9283670e1d7b7966bd585b52cc2ec282fc126a | |
parent | e23861e5a193377023e55da6234e23acd63a521a (diff) | |
parent | e668da729a0f9cd5d93d909a9b44d74cf6925dd5 (diff) | |
download | vyos-cloud-init-b2ee0966793f3a9c7d8e92ce1c13b9583a9a76e7.tar.gz vyos-cloud-init-b2ee0966793f3a9c7d8e92ce1c13b9583a9a76e7.zip |
fix setting of password for a user on azure.
If azure ovf data specified a password, then get that password passed
through to useradd. Also updates the test case to verify that the
value was encrypted correctly.
LP: #1212723
-rw-r--r-- | cloudinit/sources/DataSourceAzure.py | 7 | ||||
-rw-r--r-- | tests/unittests/test_datasource/test_azure.py | 11 |
2 files changed, 14 insertions, 4 deletions
diff --git a/cloudinit/sources/DataSourceAzure.py b/cloudinit/sources/DataSourceAzure.py index 1a74de21..7ec622bf 100644 --- a/cloudinit/sources/DataSourceAzure.py +++ b/cloudinit/sources/DataSourceAzure.py @@ -17,6 +17,7 @@ # along with this program. If not, see <http://www.gnu.org/licenses/>. import base64 +import crypt import os import os.path import time @@ -424,7 +425,7 @@ def read_azure_ovf(contents): if username: defuser['name'] = username if password: - defuser['password'] = password + defuser['passwd'] = encrypt_pass(password) defuser['lock_passwd'] = False if defuser: @@ -436,6 +437,10 @@ def read_azure_ovf(contents): return (md, ud, cfg) +def encrypt_pass(password, salt_id="$6$"): + return crypt.crypt(password, salt_id + util.rand_str(strlen=16)) + + def list_possible_azure_ds_devs(): # return a sorted list of devices that might have a azure datasource devlist = [] diff --git a/tests/unittests/test_datasource/test_azure.py b/tests/unittests/test_datasource/test_azure.py index 06f8a5d2..1ca6a79d 100644 --- a/tests/unittests/test_datasource/test_azure.py +++ b/tests/unittests/test_datasource/test_azure.py @@ -2,6 +2,7 @@ from cloudinit import helpers from cloudinit.sources import DataSourceAzure from tests.unittests.helpers import populate_dir +import crypt import base64 from mocker import MockerTestCase import os @@ -207,11 +208,15 @@ class TestAzureDataSource(MockerTestCase): self.assertTrue('default_user' in dsrc.cfg['system_info']) defuser = dsrc.cfg['system_info']['default_user'] - # default user shoudl be updated for password and username - # and should not be locked. + # default user should be updated username and should not be locked. self.assertEqual(defuser['name'], odata['UserName']) - self.assertEqual(defuser['password'], odata['UserPassword']) self.assertFalse(defuser['lock_passwd']) + # passwd is crypt formated string $id$salt$encrypted + # encrypting plaintext with salt value of everything up to final '$' + # should equal that after the '$' + pos = defuser['passwd'].rfind("$") + 1 + self.assertEqual(defuser['passwd'], + crypt.crypt(odata['UserPassword'], defuser['passwd'][0:pos])) def test_userdata_found(self): mydata = "FOOBAR" |