diff options
| author | Scott Moser <smoser@ubuntu.com> | 2013-08-15 13:16:01 -0400 |
|---|---|---|
| committer | Scott Moser <smoser@ubuntu.com> | 2013-08-15 13:16:01 -0400 |
| commit | e668da729a0f9cd5d93d909a9b44d74cf6925dd5 (patch) | |
| tree | bb62740b8419b24d7a424cf6034679cb34763596 /cloudinit | |
| parent | c09cb99dbee54745f06583d9ff0ea4b91e8b087e (diff) | |
| download | vyos-cloud-init-e668da729a0f9cd5d93d909a9b44d74cf6925dd5.tar.gz vyos-cloud-init-e668da729a0f9cd5d93d909a9b44d74cf6925dd5.zip | |
do not set 'password', but set 'passwd' to crypt'd value
'password' was the wrong key. It should have been setting the default
user's "plain_text_password".
Instead of doing that, though, we're encrypting the value and putting it in
'passwd', which will then be passed on to useradd. The key value in doing
this is that the plain text password will not be stored in obj.pkl.
(admittedly it is still in plain text in the ovf-env.xml file).
Diffstat (limited to 'cloudinit')
| -rw-r--r-- | cloudinit/sources/DataSourceAzure.py | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/cloudinit/sources/DataSourceAzure.py b/cloudinit/sources/DataSourceAzure.py index 1a74de21..7ec622bf 100644 --- a/cloudinit/sources/DataSourceAzure.py +++ b/cloudinit/sources/DataSourceAzure.py @@ -17,6 +17,7 @@ # along with this program. If not, see <http://www.gnu.org/licenses/>. import base64 +import crypt import os import os.path import time @@ -424,7 +425,7 @@ def read_azure_ovf(contents): if username: defuser['name'] = username if password: - defuser['password'] = password + defuser['passwd'] = encrypt_pass(password) defuser['lock_passwd'] = False if defuser: @@ -436,6 +437,10 @@ def read_azure_ovf(contents): return (md, ud, cfg) +def encrypt_pass(password, salt_id="$6$"): + return crypt.crypt(password, salt_id + util.rand_str(strlen=16)) + + def list_possible_azure_ds_devs(): # return a sorted list of devices that might have a azure datasource devlist = [] |