From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) by lore.proxmox.com (Postfix) with ESMTPS id A30881FF2A0 for ; Mon, 15 Jul 2024 10:04:54 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id B9EEB35891; Mon, 15 Jul 2024 10:05:08 +0200 (CEST) From: Christoph Heiss To: pve-devel@lists.proxmox.com Date: Mon, 15 Jul 2024 09:56:05 +0200 Message-ID: <20240715075700.283532-6-c.heiss@proxmox.com> X-Mailer: git-send-email 2.45.1 In-Reply-To: <20240715075700.283532-1-c.heiss@proxmox.com> References: <20240715075700.283532-1-c.heiss@proxmox.com> MIME-Version: 1.0 X-SPAM-LEVEL: Spam detection results: 0 AWL 0.017 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DMARC_MISSING 0.1 Missing DMARC policy KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record Subject: [pve-devel] [PATCH installer v2 5/6] auto-installer: add new `global.root_password_hashed` answer option X-BeenThere: pve-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox VE development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: Proxmox VE development discussion Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: pve-devel-bounces@lists.proxmox.com Sender: "pve-devel" This allows user to specify the root password in a hashed format, generated using e.g. mkpasswd(1), instead of plaintext. Signed-off-by: Christoph Heiss --- Changes v1 -> v2: * move root password setting validation into own function * explicitly check for case for both are unset proxmox-auto-installer/src/answer.rs | 3 ++- proxmox-auto-installer/src/utils.rs | 16 ++++++++++++++-- 2 files changed, 16 insertions(+), 3 deletions(-) diff --git a/proxmox-auto-installer/src/answer.rs b/proxmox-auto-installer/src/answer.rs index aab7198..d691da1 100644 --- a/proxmox-auto-installer/src/answer.rs +++ b/proxmox-auto-installer/src/answer.rs @@ -26,7 +26,8 @@ pub struct Global { pub keyboard: KeyboardLayout, pub mailto: String, pub timezone: String, - pub root_password: String, + pub root_password: Option, + pub root_password_hashed: Option, #[serde(default)] pub reboot_on_error: bool, #[serde(default)] diff --git a/proxmox-auto-installer/src/utils.rs b/proxmox-auto-installer/src/utils.rs index 229b7e2..2500f43 100644 --- a/proxmox-auto-installer/src/utils.rs +++ b/proxmox-auto-installer/src/utils.rs @@ -303,6 +303,17 @@ pub fn verify_locale_settings(answer: &Answer, locales: &LocaleInfo) -> Result<( Ok(()) } +fn verify_root_password_settings(answer: &Answer) -> Result<()> { + if answer.global.root_password.is_some() && answer.global.root_password_hashed.is_some() { + bail!("`global.root_password` and `global.root_password_hashed` cannot be set at the same time"); + } else if answer.global.root_password.is_none() && answer.global.root_password_hashed.is_none() + { + bail!("One of `global.root_password` or `global.root_password_hashed` must be set"); + } else { + Ok(()) + } +} + pub fn parse_answer( answer: &Answer, udev_info: &UdevInfo, @@ -318,6 +329,7 @@ pub fn parse_answer( let network_settings = get_network_settings(answer, udev_info, runtime_info, setup_info)?; verify_locale_settings(answer, locales)?; + verify_root_password_settings(answer)?; let mut config = InstallConfig { autoreboot: 1_usize, @@ -337,8 +349,8 @@ pub fn parse_answer( keymap: answer.global.keyboard.to_string(), root_password: InstallRootPassword { - plain: Some(answer.global.root_password.clone()), - hashed: None, + plain: answer.global.root_password.clone(), + hashed: answer.global.root_password_hashed.clone(), }, mailto: answer.global.mailto.clone(), root_ssh_keys: answer.global.root_ssh_keys.clone(), -- 2.45.1 _______________________________________________ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel