3 # Copyright (C) 2011 GRNET S.A.
5 # This program is free software; you can redistribute it and/or modify
6 # it under the terms of the GNU General Public License as published by
7 # the Free Software Foundation; either version 2 of the License, or
8 # (at your option) any later version.
10 # This program is distributed in the hope that it will be useful, but
11 # WITHOUT ANY WARRANTY; without even the implied warranty of
12 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 # General Public License for more details.
15 # You should have received a copy of the GNU General Public License
16 # along with this program; if not, write to the Free Software
17 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
21 # Provides: ChangePassword
22 # RunBefore: EnforcePersonality
23 # RunAfter: InstallUnattend
24 # Short-Description: Changes Password for specified users
28 . "@commondir@/common.sh"
30 trap task_cleanup EXIT
33 # Check if the task should be prevented from running.
36 linux_shadow="/etc/shadow"
37 freebsd_shadow="/etc/master.passwd"
38 openbsd_shadow="/etc/master.passwd"
39 netbsd_shadow="/etc/master.passwd"
41 linux_change_shadow_entry() {
46 IFS=":" read -a entry <<< "$line"
48 echo "${entry[0]}:$encrypted:15103:0:99999:7:::"
51 freebsd_change_shadow_entry() {
56 IFS=":" read -a entry <<< "$line"
58 echo "${entry[0]}:$encrypted:${entry[2]}:${entry[3]}:${entry[4]}:${entry[5]}:0:${entry[7]}:${entry[8]}:${entry[9]}"
61 openbsd_change_shadow_entry() {
62 freebsd_change_shadow_entry "$@"
65 netbsd_change_shadow_entry() {
66 freebsd_change_shadow_entry "$@"
74 echo "@echo off" > "$target/Windows/SnfScripts/ChangeAdminPassword.cmd"
76 if [ -z "$SNF_IMAGE_PROPERTY_USERS" ]; then
77 warn "Image property \`USERS' is missing or empty. " \
78 "Changing the password for default user: \`Administrator'."
80 SNF_IMAGE_PROPERTY_USERS="Administrator"
83 for usr in $SNF_IMAGE_PROPERTY_USERS; do
84 echo -n "Installing new password for user \`$usr'..."
85 echo "net user $usr $password" >> \
86 "$target/Windows/SnfScripts/ChangeAdminPassword.cmd"
92 local flavor target password hash users tmp_shadow
97 shadow="${flavor}_shadow"
98 if [ ! -e "$target${!shadow}" ]; then
99 log_error "No ${!shadow} found!"
104 hash=$("@scriptsdir@/snf-passtohash.py" "$password")
107 hash=$("@scriptsdir@/snf-passtohash.py" -m blowfish "$password")
110 hash=$("@scriptsdir@/snf-passtohash.py" -m sha1 "$password")
113 log_error "Unknown unix flavor: \`$flavor'"
119 if [ -n "$SNF_IMAGE_PROPERTY_USERS" ]; then
120 for usr in $SNF_IMAGE_PROPERTY_USERS; do
124 warn "Image property \`USERS' is missing or empty. " \
125 "Changing the password for default user: \`root'."
129 for i in $(seq 0 1 $((${#users[@]}-1))); do
130 tmp_shadow="$(mktemp)"
131 add_cleanup rm "$tmp_shadow"
133 echo -n "Setting ${users[$i]} password..."
134 entry=$(grep "^${users[$i]}:" "$target${!shadow}")
135 if [ -z "$entry" ]; then
136 log_error "User: \`${users[$i]}' does not exist."
139 new_entry="$(${flavor}_change_shadow_entry "$entry" "$hash")"
140 grep -v "${users[$i]}" "$target${!shadow}" > "$tmp_shadow"
141 echo "$new_entry" >> "$tmp_shadow"
142 cat "$tmp_shadow" > "$target${!shadow}"
148 local target password hash
152 if [ ! -e "$target/etc/master.passwd" ]; then
153 log_error "No /etc/master.passwd found!"
156 hash=$("@scriptsdir@/snf-passtohash.py" "$password")
157 for i in $(seq 0 1 $((${#users[@]}-1))); do
158 tmp_master="$(mktemp)"
162 if [ ! -d "$SNF_IMAGE_TARGET" ]; then
163 log_error "Target dir: \`$SNF_IMAGE_TARGET' is missing"
166 if [ -z "$SNF_IMAGE_PASSWORD" ]; then
167 log_error "Password is missing"
171 SNF_IMAGE_PROPERTY_USERS=$(echo $SNF_IMAGE_PROPERTY_USERS)
173 if [ "$SNF_IMAGE_PROPERTY_OSFAMILY" = "windows" ]; then
174 windows_password "$SNF_IMAGE_TARGET" "$SNF_IMAGE_PASSWORD"
176 unix_password "$SNF_IMAGE_PROPERTY_OSFAMILY" "$SNF_IMAGE_TARGET" "$SNF_IMAGE_PASSWORD"
179 # For FreeBSD, OpenBSD and NetBSD we need to recreate the password databases too
180 if [[ "$SNF_IMAGE_PROPERTY_OSFAMILY" == *bsd ]]; then
181 rm -f "$SNF_IMAGE_TARGET/etc/spwd.db"
183 # NetBSD is very strict about the existence & non-existence of the db files
184 if [ "$SNF_IMAGE_PROPERTY_OSFAMILY" = "netbsd" ]; then
185 rm -f "$SNF_IMAGE_TARGET/etc/pwd.db.tmp"
186 rm -f "$SNF_IMAGE_TARGET/etc/spwd.db.tmp"
188 touch "$SNF_IMAGE_TARGET/etc/spwd.db"
192 # Make sure /etc/spwd.db is recreated on first boot
194 PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin
197 pwd_mkdb -p /etc/master.passwd
200 if [ -e "$SNF_IMAGE_TARGET/etc/rc.local" ]; then
201 orig_local="/etc/rc.local.snf_image_$RANDOM"
202 mv "$SNF_IMAGE_TARGET/etc/rc.local" "$SNF_IMAGE_TARGET$orig_local"
203 cat > "$SNF_IMAGE_TARGET/etc/rc.local" <<EOF
205 mv $orig_local /etc/rc.local
209 cat > "$SNF_IMAGE_TARGET/etc/rc.local" <<EOF
219 # vim: set sta sts=4 shiftwidth=4 sw=4 et ai :