Douglas Schilling Landgraf has uploaded a new change for review. Change subject: passwd: Refectoring password schema ......................................................................
passwd: Refectoring password schema Change-Id: If78688f983c60a2cf499c6a6a9dcf2e12a1db5dc Signed-off-by: Douglas Schilling Landgraf <[email protected]> --- M src/ovirt/node/installer/core/progress_page.py M src/ovirt/node/utils/security.py M src/ovirtnode/password.py 3 files changed, 39 insertions(+), 24 deletions(-) git pull ssh://gerrit.ovirt.org:29418/ovirt-node refs/changes/66/48166/1 diff --git a/src/ovirt/node/installer/core/progress_page.py b/src/ovirt/node/installer/core/progress_page.py index 1501683..960eb31 100644 --- a/src/ovirt/node/installer/core/progress_page.py +++ b/src/ovirt/node/installer/core/progress_page.py @@ -20,7 +20,7 @@ # also available at http://www.gnu.org/copyleft/gpl.html. from ovirt.node import plugins, ui, utils from ovirt.node.config import defaults -from ovirt.node.utils import console, system +from ovirt.node.utils import console, system, security import threading @@ -262,8 +262,9 @@ self.admin_password = admin_password def commit(self): - from ovirtnode import password - admin_pw_set = password.set_password(self.admin_password, "admin") + admin_pw_set = security.Passwd().set_password( + password=self.admin_password, username="admin") + self.logger.debug("Setting admin password") if not admin_pw_set: raise RuntimeError("Failed to set admin password") diff --git a/src/ovirt/node/utils/security.py b/src/ovirt/node/utils/security.py index 130f49c..2b1e004 100644 --- a/src/ovirt/node/utils/security.py +++ b/src/ovirt/node/utils/security.py @@ -21,12 +21,19 @@ from ovirt.node import base, valid, utils from ovirt.node.utils import system from ovirt.node.utils.fs import File +from ovirt.node.utils.fs import Config + import PAM as _PAM # @UnresolvedImport import cracklib import hashlib import os.path import process import selinux +import crypt +import libuser +import random +import string +import threading """ Some convenience functions related to security @@ -94,9 +101,32 @@ class Passwd(base.Base): + def cryptPassword(self, password): + saltlen = 2 + saltlen = 16 + saltstr = '$6$' + for i in range(saltlen): + saltstr = saltstr + random.choice(string.letters + + string.digits + './') + return crypt.crypt(password, saltstr) + def set_password(self, username, password): - import ovirtnode.password as opasswd - opasswd.set_password(password, username) + admin = libuser.admin() + root = admin.lookupUserByName(username) + passwd = self.cryptPassword(password) + try: + Config().unpersist("/etc/passwd") + Config().unpersist("/etc/shadow") + t = threading.Thread(target=admin.setpassUser, args=(root, passwd, "is_crypted")) + t.start() + while t.is_alive(): + t.join() + except: + raise + finally: + Config().persist("/etc/shadow") + Config().persist("/etc/passwd") + return True class Selinux(base.Base): diff --git a/src/ovirtnode/password.py b/src/ovirtnode/password.py index 53614bb..0b30922 100755 --- a/src/ovirtnode/password.py +++ b/src/ovirtnode/password.py @@ -24,30 +24,14 @@ import string import augeas +from ovirt.node.utils.security import Passwd def cryptPassword(password): - saltlen = 2 - saltlen = 16 - saltstr = '$6$' - for i in range(saltlen): - saltstr = saltstr + random.choice(string.letters + - string.digits + './') - return crypt.crypt(password, saltstr) + return Passwd.cryptPassword(password) def set_password(password, user): - admin = libuser.admin() - root = admin.lookupUserByName(user) - passwd = cryptPassword(password) - try: - _functions.unmount_config("/etc/shadow") - _functions.unmount_config("/etc/passwd") - admin.setpassUser(root, passwd, "is_crypted") - except: - raise - finally: - _functions.ovirt_store_config("/etc/shadow") - _functions.ovirt_store_config("/etc/passwd") + Passwd.set_password(username=user, password=password) return True -- To view, visit https://gerrit.ovirt.org/48166 To unsubscribe, visit https://gerrit.ovirt.org/settings Gerrit-MessageType: newchange Gerrit-Change-Id: If78688f983c60a2cf499c6a6a9dcf2e12a1db5dc Gerrit-PatchSet: 1 Gerrit-Project: ovirt-node Gerrit-Branch: ovirt-3.5 Gerrit-Owner: Douglas Schilling Landgraf <[email protected]> _______________________________________________ node-patches mailing list [email protected] http://lists.ovirt.org/mailman/listinfo/node-patches
