From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) by lore.proxmox.com (Postfix) with ESMTPS id 7480B1FF183 for ; Wed, 10 Sep 2025 21:48:04 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id D98022B71; Wed, 10 Sep 2025 21:48:06 +0200 (CEST) To: pve-devel@lists.proxmox.com Date: Wed, 10 Sep 2025 15:47:18 -0400 MIME-Version: 1.0 Message-ID: List-Id: Proxmox VE development discussion List-Post: From: Peter via pve-devel Precedence: list Cc: Peter X-Mailman-Version: 2.1.29 X-BeenThere: pve-devel@lists.proxmox.com List-Subscribe: , List-Unsubscribe: , List-Archive: Reply-To: Proxmox VE development discussion List-Help: Subject: [pve-devel] [PATCH installer v3 1/1] assistant: validate: add verify-root-password option Content-Type: multipart/mixed; boundary="===============6828867627392384325==" Errors-To: pve-devel-bounces@lists.proxmox.com Sender: "pve-devel" --===============6828867627392384325== Content-Type: message/rfc822 Content-Disposition: inline Return-Path: X-Original-To: pve-devel@lists.proxmox.com Delivered-To: pve-devel@lists.proxmox.com Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by lists.proxmox.com (Postfix) with ESMTPS id F17B4D69FF for ; Wed, 10 Sep 2025 21:48:04 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id B686A2A0C for ; Wed, 10 Sep 2025 21:47:34 +0200 (CEST) Received: from mail-qk1-x72b.google.com (mail-qk1-x72b.google.com [IPv6:2607:f8b0:4864:20::72b]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by firstgate.proxmox.com (Proxmox) with ESMTPS for ; Wed, 10 Sep 2025 21:47:33 +0200 (CEST) Received: by mail-qk1-x72b.google.com with SMTP id af79cd13be357-80bdff6d1e4so760765585a.3 for ; Wed, 10 Sep 2025 12:47:33 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1757533646; x=1758138446; darn=lists.proxmox.com; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:sender:from:to:cc:subject:date:message-id:reply-to; bh=QvYeqhpOI5I8NENNUKthT4AIr+LtX/JewulIE4dow0o=; b=hEvBw5TrfpKoRDc0NSkJ5GBp2rWgb3iefhSEXTEBGCVQT2z9KiOXyvN1urdMDySKJ6 k+liY+LpYlj2uSVeuB7phYoG3A7BY1BJLA1yEa1hRa7VanP3EYneVkivQaTyTehK4YQF THSn+AIvGgmT1aS3aTnowWDjLGVV5/qXqCQXHfJgo/xEBd8ApJLPrPJyZlGOV0+SJ1rr zcPXCo0z4xOiBWjlN6lzLSaCgvCNdD1VVE8yI/R4JSEYYJ1McKlidMGghpLT1zATaTVx DDd+rcNpDq/p8Hjq+8d3QNJHbkJON5nkAZr8N4JtdEkXIzL6AognRm87AKxYnOHCY//k bJqg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1757533646; x=1758138446; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:sender:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=QvYeqhpOI5I8NENNUKthT4AIr+LtX/JewulIE4dow0o=; b=mtPw8FFhcLjPcAP+3GNhDcwR6R3L6h7PafJfRi39wlvyNwXbYs+JM2bTatyDzeIV8M KCtBzdivDDfOnbGJyz3sVfVyefPxkOuXRUdR6gUvtf2WmBzPKaaGsD4aCM7I7/bwI+S5 yQY6yotwqqooLdVJ+oV931YJ3Yo0wv6U3SFNTGHNOiGE4pFfG61Atdc5W7NDVAuu+xbS ISM3fekx/tVDfuqRuXUISpYKsteUWzcRKJ5zbLuR+uaZS9N1tECZEP2/dH32QIdCbrIR WRsmqDaSTjTwWvq3ipkrqZ/TscUSaLYeydNzl/NF08FJmCX+EmPVW7/t3n1h76mOpJUD ktQQ== X-Gm-Message-State: AOJu0YwX2TCi+S9T5fKibd6HDGAwDWKB9t+Nk6dolyF78xCmoBhJxlTF hAEtZWpoknS+FvnVtOGKzYHgTjZFAJF6ioYjThC7uLWQiDVZ7v4x6vv5Kcb4Yg== X-Gm-Gg: ASbGnctdvevAXZvocv8Zv3S6awvYFIiwZWLPJ73QjsKrntNMSo1XSAbNCMTm0E50EsT 7XJObolAEcfjwnzITPPlFLBo3WXKJYe5Y+2KNhBlWMRPUU7LeEiBEkHbuLGn9+eaP25+BS1wR0U JcSf/8B4ng8uJvyOdTWvBxz6Ug6Z1eio2GiuEaqZJ/HGcJ/ezhcOWxsNKFxTC9+Wu515Lm45C9j JSsC/9aGTDOfflmtK8J++avOFCdzWT3mXyzxOE0j5CgRZQVQhBleaaRuSvB8jivkgsbVo81NTU9 3EUETreuK3gM18L0heRe43u5j/7QawcsiTaYg0MBSN0d7qyTKncppL+wkgGMfVeH0gh23C17Y3P +50/93j+T5vPa6UEqvPh4JgcwECdWI9RyJ9oqsdo+w5p1O8OqfrESBSCLtzyIfcQ9+2QBRGO6vo a4sVuEWAWUZAelOE/wp9PB0a4MDkrXQO9H+dldtIsO7dthQ9aUXRdpvi8ysMZ9ZdwbVkF71fZGJ PQsmw== X-Google-Smtp-Source: AGHT+IH4fdlv+HqRQKXCggyULhve0j8Ku822P3+XQCxiFFbIELHZku3O0HjW7Y0cqexEQfYwLY58gA== X-Received: by 2002:a05:620a:3f85:b0:816:461c:f9bd with SMTP id af79cd13be357-816461cfc71mr1564760985a.44.1757533645770; Wed, 10 Sep 2025 12:47:25 -0700 (PDT) Received: from pvedev.in.creath.net (pool-173-76-101-7.bstnma.fios.verizon.net. [173.76.101.7]) by smtp.gmail.com with ESMTPSA id af79cd13be357-81d97fdcc6fsm191077985a.42.2025.09.10.12.47.24 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 10 Sep 2025 12:47:25 -0700 (PDT) Sender: Peter Creath From: Peter To: pve-devel@lists.proxmox.com Subject: [PATCH installer v3 1/1] assistant: validate: add verify-root-password option Date: Wed, 10 Sep 2025 15:47:18 -0400 Message-ID: <20250910194718.66959-1-pjcreath+proxmox@gmail.com> X-Mailer: git-send-email 2.47.2 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-SPAM-LEVEL: Spam detection results: 0 BAYES_00 -1.9 Bayes spam probability is 0 to 1% DKIM_SIGNED 0.1 Message has a DKIM or DK signature, not necessarily valid DKIM_VALID -0.1 Message has at least one valid DKIM or DK signature DKIM_VALID_AU -0.1 Message has a valid DKIM or DK signature from author's domain DKIM_VALID_EF -0.1 Message has a valid DKIM or DK signature from envelope-from domain DMARC_PASS -0.1 DMARC pass policy FREEMAIL_FROM 0.001 Sender email is commonly abused enduser mail provider RCVD_IN_DNSWL_NONE -0.0001 Sender listed at https://www.dnswl.org/, no trust SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record URIBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [main.rs] Adds an option to interactively verify the hashed root password in the answer file, so that mistakes can be caught before installation. Signed-off-by: Peter --- changes since v2: * updated debian/control for new dependency * cleaned up the proxmox_sys use statements * cleaned up messages and usage description as requested debian/control | 1 + proxmox-auto-install-assistant/Cargo.toml | 1 + proxmox-auto-install-assistant/src/main.rs | 37 +++++++++++++++++++--- 3 files changed, 35 insertions(+), 4 deletions(-) diff --git a/debian/control b/debian/control index 5a6a8cf..9659924 100644 --- a/debian/control +++ b/debian/control @@ -18,6 +18,7 @@ Build-Depends: cargo:native, librust-native-tls-dev, librust-pico-args-0.5-dev, librust-pretty-assertions-1.4-dev, + librust-proxmox-sys+crypt-dev, librust-regex-1+default-dev (>= 1.7~~), librust-rustls-0.23-dev, librust-rustls-native-certs-dev, diff --git a/proxmox-auto-install-assistant/Cargo.toml b/proxmox-auto-install-assistant/Cargo.toml index 9b4a9c4..eeba42f 100644 --- a/proxmox-auto-install-assistant/Cargo.toml +++ b/proxmox-auto-install-assistant/Cargo.toml @@ -17,4 +17,5 @@ proxmox-installer-common = { workspace = true, features = [ "cli" ] } serde_json.workspace = true toml.workspace = true +proxmox-sys = { version = "1.0.0", features = [ "crypt" ] } glob = "0.3" diff --git a/proxmox-auto-install-assistant/src/main.rs b/proxmox-auto-install-assistant/src/main.rs index 5d6c1d5..c0d932c 100644 --- a/proxmox-auto-install-assistant/src/main.rs +++ b/proxmox-auto-install-assistant/src/main.rs @@ -6,10 +6,11 @@ use anyhow::{Context, Result, bail, format_err}; use glob::Pattern; +use proxmox_sys::{crypt::verify_crypt_pw, linux::tty::read_password}; use std::{ collections::BTreeMap, fmt, fs, - io::{self, Read}, + io::{self, IsTerminal, Read}, path::{Path, PathBuf}, process::{self, Command, Stdio}, str::FromStr, @@ -153,12 +154,15 @@ struct CommandValidateAnswerArgs { path: PathBuf, /// Whether to also show the full answer as parsed. debug: bool, + /// Interactively verify the hashed root password. + verify_password: bool, } impl cli::Subcommand for CommandValidateAnswerArgs { fn parse(args: &mut cli::Arguments) -> Result { Ok(Self { debug: args.contains(["-d", "--debug"]), + verify_password: args.contains("--verify-root-password"), // Needs to be last path: args.free_from_str()?, }) @@ -175,15 +179,20 @@ ARGUMENTS: Path to the answer file. OPTIONS: - -d, --debug Also show the full answer as parsed. - -h, --help Print this help - -V, --version Print version + -d, --debug Also show the full answer as parsed. + --verify-root-password Interactively verify the hashed root password. + -h, --help Print this help + -V, --version Print version "#, env!("CARGO_PKG_NAME") ); } fn run(&self) -> Result<()> { + if self.verify_password && !std::io::stdin().is_terminal() { + Self::print_usage(); + bail!("Verifying the root password requires an interactive terminal."); + } validate_answer(self) } } @@ -545,6 +554,20 @@ fn validate_answer_file_keys(path: impl AsRef + fmt::Debug) -> Result Result<()> { + if let Some(hashed) = &answer.global.root_password_hashed { + println!("Verifying hashed root password."); + + let password = String::from_utf8(read_password("Enter root password to verify: ")?)?; + verify_crypt_pw(&password, hashed).context("Failed to verify hashed root password")?; + + println!("Password matches hashed root password."); + Ok(()) + } else { + bail!("'root-password-hashed' not set in answer file, cannot verify."); + } +} + fn validate_answer(args: &CommandValidateAnswerArgs) -> Result<()> { let mut valid = validate_answer_file_keys(&args.path)?; @@ -553,6 +576,12 @@ fn validate_answer(args: &CommandValidateAnswerArgs) -> Result<()> { if args.debug { println!("Parsed data from answer file:\n{:#?}", answer); } + if args.verify_password { + if let Err(err) = verify_hashed_password_interactive(&answer) { + eprintln!("{err:#}"); + valid = false; + } + } } Err(err) => { eprintln!("{err:#}"); -- 2.47.2 --===============6828867627392384325== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel --===============6828867627392384325==--