summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorScott Moser <smoser@ubuntu.com>2013-08-15 13:32:14 -0400
committerScott Moser <smoser@ubuntu.com>2013-08-15 13:32:14 -0400
commitb2ee0966793f3a9c7d8e92ce1c13b9583a9a76e7 (patch)
tree6d9283670e1d7b7966bd585b52cc2ec282fc126a
parente23861e5a193377023e55da6234e23acd63a521a (diff)
parente668da729a0f9cd5d93d909a9b44d74cf6925dd5 (diff)
downloadvyos-cloud-init-b2ee0966793f3a9c7d8e92ce1c13b9583a9a76e7.tar.gz
vyos-cloud-init-b2ee0966793f3a9c7d8e92ce1c13b9583a9a76e7.zip
fix setting of password for a user on azure.
If azure ovf data specified a password, then get that password passed through to useradd. Also updates the test case to verify that the value was encrypted correctly. LP: #1212723
-rw-r--r--cloudinit/sources/DataSourceAzure.py7
-rw-r--r--tests/unittests/test_datasource/test_azure.py11
2 files changed, 14 insertions, 4 deletions
diff --git a/cloudinit/sources/DataSourceAzure.py b/cloudinit/sources/DataSourceAzure.py
index 1a74de21..7ec622bf 100644
--- a/cloudinit/sources/DataSourceAzure.py
+++ b/cloudinit/sources/DataSourceAzure.py
@@ -17,6 +17,7 @@
# along with this program. If not, see <http://www.gnu.org/licenses/>.
import base64
+import crypt
import os
import os.path
import time
@@ -424,7 +425,7 @@ def read_azure_ovf(contents):
if username:
defuser['name'] = username
if password:
- defuser['password'] = password
+ defuser['passwd'] = encrypt_pass(password)
defuser['lock_passwd'] = False
if defuser:
@@ -436,6 +437,10 @@ def read_azure_ovf(contents):
return (md, ud, cfg)
+def encrypt_pass(password, salt_id="$6$"):
+ return crypt.crypt(password, salt_id + util.rand_str(strlen=16))
+
+
def list_possible_azure_ds_devs():
# return a sorted list of devices that might have a azure datasource
devlist = []
diff --git a/tests/unittests/test_datasource/test_azure.py b/tests/unittests/test_datasource/test_azure.py
index 06f8a5d2..1ca6a79d 100644
--- a/tests/unittests/test_datasource/test_azure.py
+++ b/tests/unittests/test_datasource/test_azure.py
@@ -2,6 +2,7 @@ from cloudinit import helpers
from cloudinit.sources import DataSourceAzure
from tests.unittests.helpers import populate_dir
+import crypt
import base64
from mocker import MockerTestCase
import os
@@ -207,11 +208,15 @@ class TestAzureDataSource(MockerTestCase):
self.assertTrue('default_user' in dsrc.cfg['system_info'])
defuser = dsrc.cfg['system_info']['default_user']
- # default user shoudl be updated for password and username
- # and should not be locked.
+ # default user should be updated username and should not be locked.
self.assertEqual(defuser['name'], odata['UserName'])
- self.assertEqual(defuser['password'], odata['UserPassword'])
self.assertFalse(defuser['lock_passwd'])
+ # passwd is crypt formated string $id$salt$encrypted
+ # encrypting plaintext with salt value of everything up to final '$'
+ # should equal that after the '$'
+ pos = defuser['passwd'].rfind("$") + 1
+ self.assertEqual(defuser['passwd'],
+ crypt.crypt(odata['UserPassword'], defuser['passwd'][0:pos]))
def test_userdata_found(self):
mydata = "FOOBAR"