git: 9881d68b1ea7 - stable/14 - nuageinit: Fix passwords
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Tue, 08 Oct 2024 07:07:49 UTC
The branch stable/14 has been updated by bapt:
URL: https://cgit.FreeBSD.org/src/commit/?id=9881d68b1ea763efd6db7c7aecbe47176851582b
commit 9881d68b1ea763efd6db7c7aecbe47176851582b
Author: Jose Luis Duran <jlduran@gmail.com>
AuthorDate: 2024-07-30 01:28:18 +0000
Commit: Baptiste Daroussin <bapt@FreeBSD.org>
CommitDate: 2024-10-08 07:04:01 +0000
nuageinit: Fix passwords
The hashed password usually contains a "$" sign, which, when used on a
shell, must be escaped. Also, the plain text password may contain
special characters that require escaping.
Add a quick fix by enclosing it in single quotes. Note that if the
plain text password contains a "'", it will still fail. This will be
properly fixed in later commits.
Some here documents require the document to be a string literal,
especially when passing invalid characters. Enclose it in single
quotes.
Signed-off-by: Jose Luis Duran <jlduran@gmail.com>
(cherry picked from commit b9ce743c5447e90c2c97f4d49e048c301f708527)
---
libexec/nuageinit/nuage.lua | 8 ++++----
libexec/nuageinit/tests/nuageinit.sh | 6 +++---
2 files changed, 7 insertions(+), 7 deletions(-)
diff --git a/libexec/nuageinit/nuage.lua b/libexec/nuageinit/nuage.lua
index c27b66b23be2..4e21405a443b 100644
--- a/libexec/nuageinit/nuage.lua
+++ b/libexec/nuageinit/nuage.lua
@@ -120,11 +120,11 @@ local function adduser(pwd)
local precmd = ""
local postcmd = ""
if pwd.passwd then
- precmd = "echo " .. pwd.passwd .. "| "
- postcmd = " -H 0 "
+ precmd = "echo '" .. pwd.passwd .. "' | "
+ postcmd = " -H 0"
elseif pwd.plain_text_passwd then
- precmd = "echo " .. pwd.plain_text_passwd .. "| "
- postcmd = " -h 0 "
+ precmd = "echo '" .. pwd.plain_text_passwd .. "' | "
+ postcmd = " -h 0"
end
cmd = precmd .. "pw "
if root then
diff --git a/libexec/nuageinit/tests/nuageinit.sh b/libexec/nuageinit/tests/nuageinit.sh
index 6b8ea7ff3328..434fb3095929 100644
--- a/libexec/nuageinit/tests/nuageinit.sh
+++ b/libexec/nuageinit/tests/nuageinit.sh
@@ -81,7 +81,7 @@ EOF
wheel:*:0:root
users:*:1:
EOF
- cat > media/nuageinit/user-data << EOF
+ cat > media/nuageinit/user-data << 'EOF'
#cloud-config
groups:
- admingroup: [root,sys]
@@ -103,11 +103,11 @@ cloud-users:*:1002:
freebsd:*:1003:
foobar:*:1004:
EOF
- cat > expectedpasswd << EOF
+ cat > expectedpasswd << 'EOF'
root:*:0:0::0:0:Charlie &:/root:/bin/csh
sys:*:1:0::0:0:Sys:/home/sys:/bin/csh
freebsd:freebsd:1001:1003::0:0:FreeBSD User:/home/freebsd:/bin/sh
-foobar:H/1LT4f9/N3wpgNunhsIqtMj62OKiS3nyNwuizouQc3u7MbYCarYeAHWYPYb2FT.lbioDm2RrkJPb9BZMN1O/:1002:1004::0:0:Foo B. Bar:/home/foobar:/bin/sh
+foobar:$6$j212wezy$7H/1LT4f9/N3wpgNunhsIqtMj62OKiS3nyNwuizouQc3u7MbYCarYeAHWYPYb2FT.lbioDm2RrkJPb9BZMN1O/:1002:1004::0:0:Foo B. Bar:/home/foobar:/bin/sh
EOF
sed -i "" "s/freebsd:.*:1001/freebsd:freebsd:1001/" ${here}/etc/master.passwd
atf_check -o file:expectedpasswd cat ${here}/etc/master.passwd