From: Christoph Heiss <c.heiss@proxmox.com>
To: pve-devel@lists.proxmox.com
Subject: [pve-devel] [PATCH installer v2 5/6] auto-installer: add new `global.root_password_hashed` answer option
Date: Mon, 15 Jul 2024 09:56:05 +0200 [thread overview]
Message-ID: <20240715075700.283532-6-c.heiss@proxmox.com> (raw)
In-Reply-To: <20240715075700.283532-1-c.heiss@proxmox.com>
This allows user to specify the root password in a hashed format,
generated using e.g. mkpasswd(1), instead of plaintext.
Signed-off-by: Christoph Heiss <c.heiss@proxmox.com>
---
Changes v1 -> v2:
* move root password setting validation into own function
* explicitly check for case for both are unset
proxmox-auto-installer/src/answer.rs | 3 ++-
proxmox-auto-installer/src/utils.rs | 16 ++++++++++++++--
2 files changed, 16 insertions(+), 3 deletions(-)
diff --git a/proxmox-auto-installer/src/answer.rs b/proxmox-auto-installer/src/answer.rs
index aab7198..d691da1 100644
--- a/proxmox-auto-installer/src/answer.rs
+++ b/proxmox-auto-installer/src/answer.rs
@@ -26,7 +26,8 @@ pub struct Global {
pub keyboard: KeyboardLayout,
pub mailto: String,
pub timezone: String,
- pub root_password: String,
+ pub root_password: Option<String>,
+ pub root_password_hashed: Option<String>,
#[serde(default)]
pub reboot_on_error: bool,
#[serde(default)]
diff --git a/proxmox-auto-installer/src/utils.rs b/proxmox-auto-installer/src/utils.rs
index 229b7e2..2500f43 100644
--- a/proxmox-auto-installer/src/utils.rs
+++ b/proxmox-auto-installer/src/utils.rs
@@ -303,6 +303,17 @@ pub fn verify_locale_settings(answer: &Answer, locales: &LocaleInfo) -> Result<(
Ok(())
}
+fn verify_root_password_settings(answer: &Answer) -> Result<()> {
+ if answer.global.root_password.is_some() && answer.global.root_password_hashed.is_some() {
+ bail!("`global.root_password` and `global.root_password_hashed` cannot be set at the same time");
+ } else if answer.global.root_password.is_none() && answer.global.root_password_hashed.is_none()
+ {
+ bail!("One of `global.root_password` or `global.root_password_hashed` must be set");
+ } else {
+ Ok(())
+ }
+}
+
pub fn parse_answer(
answer: &Answer,
udev_info: &UdevInfo,
@@ -318,6 +329,7 @@ pub fn parse_answer(
let network_settings = get_network_settings(answer, udev_info, runtime_info, setup_info)?;
verify_locale_settings(answer, locales)?;
+ verify_root_password_settings(answer)?;
let mut config = InstallConfig {
autoreboot: 1_usize,
@@ -337,8 +349,8 @@ pub fn parse_answer(
keymap: answer.global.keyboard.to_string(),
root_password: InstallRootPassword {
- plain: Some(answer.global.root_password.clone()),
- hashed: None,
+ plain: answer.global.root_password.clone(),
+ hashed: answer.global.root_password_hashed.clone(),
},
mailto: answer.global.mailto.clone(),
root_ssh_keys: answer.global.root_ssh_keys.clone(),
--
2.45.1
_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
next prev parent reply other threads:[~2024-07-15 8:04 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-07-15 7:56 [pve-devel] [PATCH installer v2 0/6] auto-installer: add option for providing hashed root password Christoph Heiss
2024-07-15 7:56 ` [pve-devel] [PATCH installer v2 1/6] common: move `PasswordOptions` type to tui crate Christoph Heiss
2024-07-15 7:56 ` [pve-devel] [PATCH installer v2 2/6] tui-installer: remove `Debug` implementation for password options Christoph Heiss
2024-07-15 7:56 ` [pve-devel] [PATCH installer v2 3/6] low-level: change root password option to contain either plaintext or hash Christoph Heiss
2024-07-15 7:56 ` [pve-devel] [PATCH installer v2 4/6] {auto, tui}-installer: adapt to new `root_password` plain/hashed setup option Christoph Heiss
2024-07-15 7:56 ` Christoph Heiss [this message]
2024-07-15 7:56 ` [pve-devel] [PATCH installer v2 6/6] auto-installer: add test for hashed root password option Christoph Heiss
2024-07-16 13:48 ` [pve-devel] [PATCH installer v2 0/6] auto-installer: add option for providing hashed root password Theodor Fumics via pve-devel
2024-07-22 16:43 ` [pve-devel] applied-series: " Thomas Lamprecht
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240715075700.283532-6-c.heiss@proxmox.com \
--to=c.heiss@proxmox.com \
--cc=pve-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.