From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [IPv6:2a01:7e0:0:424::9]) by lore.proxmox.com (Postfix) with ESMTPS id BC9191FF17C for ; Wed, 17 Sep 2025 23:11:09 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 9187FDB48; Wed, 17 Sep 2025 23:11:22 +0200 (CEST) References: <20250910194718.66959-1-pjcreath+proxmox@gmail.com> In-Reply-To: <20250910194718.66959-1-pjcreath+proxmox@gmail.com> Date: Wed, 17 Sep 2025 17:10:59 -0400 To: pve-devel@lists.proxmox.com MIME-Version: 1.0 Message-ID: List-Id: Proxmox VE development discussion List-Post: From: Peter via pve-devel Precedence: list Cc: Peter X-Mailman-Version: 2.1.29 X-BeenThere: pve-devel@lists.proxmox.com List-Subscribe: , List-Unsubscribe: , List-Archive: Reply-To: Proxmox VE development discussion List-Help: Subject: Re: [pve-devel] [PATCH installer v3 1/1] assistant: validate: add verify-root-password option Content-Type: multipart/mixed; boundary="===============0874861926738704141==" Errors-To: pve-devel-bounces@lists.proxmox.com Sender: "pve-devel" --===============0874861926738704141== Content-Type: message/rfc822 Content-Disposition: inline Return-Path: X-Original-To: pve-devel@lists.proxmox.com Delivered-To: pve-devel@lists.proxmox.com Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by lists.proxmox.com (Postfix) with ESMTPS id 712E6D1F7B for ; Wed, 17 Sep 2025 23:11:21 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 47769DADC for ; Wed, 17 Sep 2025 23:11:21 +0200 (CEST) Received: from mail-pg1-x52a.google.com (mail-pg1-x52a.google.com [IPv6:2607:f8b0:4864:20::52a]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by firstgate.proxmox.com (Proxmox) with ESMTPS for ; Wed, 17 Sep 2025 23:11:19 +0200 (CEST) Received: by mail-pg1-x52a.google.com with SMTP id 41be03b00d2f7-b54dd647edcso222953a12.1 for ; Wed, 17 Sep 2025 14:11:19 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1758143471; x=1758748271; darn=lists.proxmox.com; h=to:subject:message-id:date:from:in-reply-to:references:mime-version :from:to:cc:subject:date:message-id:reply-to; bh=h6GdfMe65jZTG7wh3789XaJEzebZOWml1EGcTUgUWnU=; b=h93zWlKA5k4h7QjqAjf1v3DmIZ7SczCBJKyZ/aCX6dInzyAtiL8dYKK3HkQuBrLj40 QMBFerbbvVXKgyLvBirSaYhJTJttdJaEAUMKixcPCkODSxFqfmwef/TsF/4O12OhRfUi gJSUajGGJaYbGYxbfHxsSEN2SCYTV8IOSW2z/UWVi15dW+N+7cN7nJdYHt/ozBHHvwEB nZAp/kprPdAC356PDb0F16ZMKydVGrlY2lDPrDr5BFOpyJu4SeeekvQuP9foVrexDh9x xqrpmOFlAngHu3Mb80VbQVLHRYlHKbpyV9KzcgH6kZyP7JHmb6pIlXxU+8uoD+1RjbWf tJhA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1758143471; x=1758748271; h=to:subject:message-id:date:from:in-reply-to:references:mime-version :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=h6GdfMe65jZTG7wh3789XaJEzebZOWml1EGcTUgUWnU=; b=EhQ25CMveYcA1x7Hk7U5jRsSuD4wPRhK2TyZTLtGdfecvsS2WwTrz2ou3TikIkUdCm e5HUITSLt3mrSfeovFj9ucsGQ6uOr+odeYHQnjEl0xoXD+hKgcO4Jgc9gKq+5ICFwNXc fBcNL3lU/QUx12fuq9B9iuLL3afRs95uwSxQrdiVk/uiNbC7WgGGYnqajide4zDsXHEb 2uOM/LW2bj8qx/BMYrzCsN+A/MozzgiLSuys1eZbjbXnzbVumilJpoTMFSNnOKedy6du H2VP1V+zc0lkxAgPvqJFUBltP9TQ3psM95XPq4Sx1x2BFaij/8noCxfVlkCkfImEPSDH 5zRA== X-Gm-Message-State: AOJu0YyI7ZWMRbPjB/6nzKu1qLkZm6ZUGk050L5sigRv4M9kV7CyHS1f uAggkuEgZhwTIvF0Er/9mlRQP9Vx+smdB0HwKhJcb9D05NtGBgrTjZIUI6sYjBVCwXKgvwc3K/E yU3btcifKScXsomBP7R/6aersuvFgByW8hw== X-Gm-Gg: ASbGncskVGFME58xJxP8M6LriQvTyz8hfFONyrqs/klakfuCkby8rRJNpIoI7yL+plC qdCuNdiORjVb1f/Wdsnwmi9PFQMzUZ+LizFX8bqAWIHGT9pCb9dMIpwohlhGKzi/DHwyGxt9nDq VOH38k+Bsjv3rR8zbHiojmfGoKLFHiL3w2aQOis+I0e5f86cYgiSpyAI8Ek150P85i6VHpdWSVo lqACKh5DA2CPO+34gsVV0UpffQcrhGn7Gqa4b/l7MHMlajQMEkGhvaVY468cjRosO7J9QY+cKEl 0Wmm X-Google-Smtp-Source: AGHT+IGWR2dDlVklZmE1OKS7EzdOf/bnz/2Ba1EkpAeaML3OLj6GtmzQ+o/ezvpGXkdvlfwVACjMitl4uDl+fShX460= X-Received: by 2002:a17:903:22c9:b0:265:bb0:cbc with SMTP id d9443c01a7336-26813be8919mr49404785ad.47.1758143471187; Wed, 17 Sep 2025 14:11:11 -0700 (PDT) MIME-Version: 1.0 References: <20250910194718.66959-1-pjcreath+proxmox@gmail.com> In-Reply-To: <20250910194718.66959-1-pjcreath+proxmox@gmail.com> From: Peter Date: Wed, 17 Sep 2025 17:10:59 -0400 X-Gm-Features: AS18NWDX_BPxLy_t7qL5OG4WxSNwbB6pEkmfZhdXPzQtly2eIOkyfBBf8m_NmsE Message-ID: Subject: Re: [PATCH installer v3 1/1] assistant: validate: add verify-root-password option To: pve-devel@lists.proxmox.com X-SPAM-LEVEL: Spam detection results: 0 AWL -0.067 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DKIM_SIGNED 0.1 Message has a DKIM or DK signature, not necessarily valid DKIM_VALID -0.1 Message has at least one valid DKIM or DK signature DKIM_VALID_AU -0.1 Message has a valid DKIM or DK signature from author's domain DKIM_VALID_EF -0.1 Message has a valid DKIM or DK signature from envelope-from domain DMARC_PASS -0.1 DMARC pass policy FREEMAIL_FROM 0.001 Sender email is commonly abused enduser mail provider FREEMAIL_REPLY 1 From and body contain different freemails HTML_MESSAGE 0.001 HTML included in message RCVD_IN_DNSWL_NONE -0.0001 Sender listed at https://www.dnswl.org/, no trust SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record URIBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [main.rs] Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.29 bump? On Wed, Sep 10, 2025 at 3:47=E2=80=AFPM Peter = wrote: > Adds an option to interactively verify the hashed root password in > the answer file, so that mistakes can be caught before installation. > > Signed-off-by: Peter > --- > > changes since v2: > * updated debian/control for new dependency > * cleaned up the proxmox_sys use statements > * cleaned up messages and usage description as requested > > debian/control | 1 + > proxmox-auto-install-assistant/Cargo.toml | 1 + > proxmox-auto-install-assistant/src/main.rs | 37 +++++++++++++++++++--- > 3 files changed, 35 insertions(+), 4 deletions(-) > > diff --git a/debian/control b/debian/control > index 5a6a8cf..9659924 100644 > --- a/debian/control > +++ b/debian/control > @@ -18,6 +18,7 @@ Build-Depends: cargo:native, > librust-native-tls-dev, > librust-pico-args-0.5-dev, > librust-pretty-assertions-1.4-dev, > + librust-proxmox-sys+crypt-dev, > librust-regex-1+default-dev (>=3D 1.7~~), > librust-rustls-0.23-dev, > librust-rustls-native-certs-dev, > diff --git a/proxmox-auto-install-assistant/Cargo.toml > b/proxmox-auto-install-assistant/Cargo.toml > index 9b4a9c4..eeba42f 100644 > --- a/proxmox-auto-install-assistant/Cargo.toml > +++ b/proxmox-auto-install-assistant/Cargo.toml > @@ -17,4 +17,5 @@ proxmox-installer-common =3D { workspace =3D true, feat= ures > =3D [ "cli" ] } > serde_json.workspace =3D true > toml.workspace =3D true > > +proxmox-sys =3D { version =3D "1.0.0", features =3D [ "crypt" ] } > glob =3D "0.3" > diff --git a/proxmox-auto-install-assistant/src/main.rs > b/proxmox-auto-install-assistant/src/main.rs > index 5d6c1d5..c0d932c 100644 > --- a/proxmox-auto-install-assistant/src/main.rs > +++ b/proxmox-auto-install-assistant/src/main.rs > @@ -6,10 +6,11 @@ > > use anyhow::{Context, Result, bail, format_err}; > use glob::Pattern; > +use proxmox_sys::{crypt::verify_crypt_pw, linux::tty::read_password}; > use std::{ > collections::BTreeMap, > fmt, fs, > - io::{self, Read}, > + io::{self, IsTerminal, Read}, > path::{Path, PathBuf}, > process::{self, Command, Stdio}, > str::FromStr, > @@ -153,12 +154,15 @@ struct CommandValidateAnswerArgs { > path: PathBuf, > /// Whether to also show the full answer as parsed. > debug: bool, > + /// Interactively verify the hashed root password. > + verify_password: bool, > } > > impl cli::Subcommand for CommandValidateAnswerArgs { > fn parse(args: &mut cli::Arguments) -> Result { > Ok(Self { > debug: args.contains(["-d", "--debug"]), > + verify_password: args.contains("--verify-root-password"), > // Needs to be last > path: args.free_from_str()?, > }) > @@ -175,15 +179,20 @@ ARGUMENTS: > Path to the answer file. > > OPTIONS: > - -d, --debug Also show the full answer as parsed. > - -h, --help Print this help > - -V, --version Print version > + -d, --debug Also show the full answer as parsed. > + --verify-root-password Interactively verify the hashed root > password. > + -h, --help Print this help > + -V, --version Print version > "#, > env!("CARGO_PKG_NAME") > ); > } > > fn run(&self) -> Result<()> { > + if self.verify_password && !std::io::stdin().is_terminal() { > + Self::print_usage(); > + bail!("Verifying the root password requires an interactive > terminal."); > + } > validate_answer(self) > } > } > @@ -545,6 +554,20 @@ fn validate_answer_file_keys(path: impl AsRef = + > fmt::Debug) -> Result } > } > > +fn verify_hashed_password_interactive(answer: &Answer) -> Result<()> { > + if let Some(hashed) =3D &answer.global.root_password_hashed { > + println!("Verifying hashed root password."); > + > + let password =3D String::from_utf8(read_password("Enter root > password to verify: ")?)?; > + verify_crypt_pw(&password, hashed).context("Failed to verify > hashed root password")?; > + > + println!("Password matches hashed root password."); > + Ok(()) > + } else { > + bail!("'root-password-hashed' not set in answer file, cannot > verify."); > + } > +} > + > fn validate_answer(args: &CommandValidateAnswerArgs) -> Result<()> { > let mut valid =3D validate_answer_file_keys(&args.path)?; > > @@ -553,6 +576,12 @@ fn validate_answer(args: &CommandValidateAnswerArgs) > -> Result<()> { > if args.debug { > println!("Parsed data from answer file:\n{:#?}", answer)= ; > } > + if args.verify_password { > + if let Err(err) =3D > verify_hashed_password_interactive(&answer) { > + eprintln!("{err:#}"); > + valid =3D false; > + } > + } > } > Err(err) =3D> { > eprintln!("{err:#}"); > -- > 2.47.2 > > --===============0874861926738704141== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel --===============0874861926738704141==--