1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
|
# Copyright (C) 2016 Canonical Ltd.
# Copyright (C) 2016 VMware INC.
#
# Author: Maitreyee Saikia <msaikia@vmware.com>
#
# This file is part of cloud-init. See LICENSE file for license information.
import logging
import os
from cloudinit import util
LOG = logging.getLogger(__name__)
class PasswordConfigurator(object):
"""
Class for changing configurations related to passwords in a VM. Includes
setting and expiring passwords.
"""
def configure(self, passwd, resetPasswd, distro):
"""
Main method to perform all functionalities based on configuration file
inputs.
@param passwd: encoded admin password.
@param resetPasswd: boolean to determine if password needs to be reset.
@return cfg: dict to be used by cloud-init set_passwd code.
"""
LOG.info('Starting password configuration')
if passwd:
passwd = util.b64d(passwd)
allRootUsers = []
for line in open('/etc/passwd', 'r'):
if line.split(':')[2] == '0':
allRootUsers.append(line.split(':')[0])
# read shadow file and check for each user, if its uid0 or root.
uidUsersList = []
for line in open('/etc/shadow', 'r'):
user = line.split(':')[0]
if user in allRootUsers:
uidUsersList.append(user)
if passwd:
LOG.info('Setting admin password')
distro.set_passwd('root', passwd)
if resetPasswd:
self.reset_password(uidUsersList)
LOG.info('Configure Password completed!')
def reset_password(self, uidUserList):
"""
Method to reset password. Use passwd --expire command. Use chage if
not succeeded using passwd command. Log failure message otherwise.
@param: list of users for which to expire password.
"""
LOG.info('Expiring password.')
for user in uidUserList:
try:
out, err = util.subp(['passwd', '--expire', user])
except util.ProcessExecutionError as e:
if os.path.exists('/usr/bin/chage'):
out, e = util.subp(['chage', '-d', '0', user])
else:
LOG.warning('Failed to expire password for %s with error: '
'%s', user, e)
# vi: ts=4 expandtab
|