From nobody Thu Sep 26 11:06:20 2024
X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4XDrPm6rmHz5X7ql;
	Thu, 26 Sep 2024 11:06:20 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4XDrPm5Vzdz4HNY;
	Thu, 26 Sep 2024 11:06:20 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1727348780;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=Vp3vMQSUvV9OhU59l5Nn5Yt45Hq1OXkxkXR0YpQlgsw=;
	b=D7ey+Do/gdvgSWPX9rfvkbuK/2Vln7zUucHn/EP1slXxgJq2nAaPZ+WO+QQ67n5MkdL6V2
	USY/d6JEBEqQ5a6TDH3Hr2MS9GpWNveXE73c6FMj0HzwqP51C7aR9woYhJlPAOjlPpqSZg
	JTBbL4QrKoJmoQT6bsF/brIn4Ybx55h1bq01003yHSHTcoMLFo1/40+bJOeWQ975xDrBaJ
	je170siHDiCNRXozh9eCy9PhCii+LX/YVhi9HyrU7zQ0cE7CLBN3fz1lEuO/D7+rUt8K4T
	uFAqo+CqF33jPwY+5U61+WF7SqE0CAVjl3wcNEST4SQ8Nv7h6Cf8ZwL95c/lRw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1727348780;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=Vp3vMQSUvV9OhU59l5Nn5Yt45Hq1OXkxkXR0YpQlgsw=;
	b=L8aqRiFfM0Xm24M3AWkp6OkltaexGnOzbl2i1/esbWBn2+5IijHw9be1FMN68kqGe4xy9I
	EGNa4i2lUVvTebBiWYMIyQ7p9LamNCU7kTJWx2Xwkcg33HOKEMGlHggQXQLbx22zp/zp0K
	KEex024B7IUPYOCn+yrt1+AZhYI+zBo9itWd1B2YFKl9/unXq/4NGH+Vz9HA+jmQ+qYdn9
	zT0h4lKlgmDUTFVh6/DPVvjo2JtD9Cp8tUyXK1oy2fFA7UngEuH7NoFbZ0qqe+N703s0V/
	9JaNtm5jQHKu97VLbrQfc9n80hbH0fOeQPcGdkXtbLpMPS1q60J6RNIDy7otDA==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1727348780; a=rsa-sha256; cv=none;
	b=qw4fsHXoRBje2nrd7PvvHxgRTg/mnRjoXtObzENgpqqKxgzZBCXhaoBI685vYNLHLH2pZh
	G029sl0LKra+s0udF7I7D6RgIBg40joB/Dq5qUbn3F9UkHazEG26GMH8CaMdJkdVbVdY4P
	PLQWphVPAqrTxYD1eOO5hUdIIjAPzd3GS4zFXjJbMU7Rp05r9GUlGxTUWL0jqOlG/dK9dh
	jVeosE6iyW0x0rlZIJ3iForzsv0K7zR6B6/Us2hYZqcoEl0OQBt32EXTXU305KbEocx900
	TSr/XDIqI93YBZ3hCrqx2Fc4S/CrMELVAI9AtgHv7qk389HnWjGX/hNG429I5w==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4XDrPm4kZbzttG;
	Thu, 26 Sep 2024 11:06:20 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 48QB6KT4063592;
	Thu, 26 Sep 2024 11:06:20 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 48QB6KqW063589;
	Thu, 26 Sep 2024 11:06:20 GMT
	(envelope-from git)
Date: Thu, 26 Sep 2024 11:06:20 GMT
Message-Id: <202409261106.48QB6KqW063589@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-main@FreeBSD.org
From: Baptiste Daroussin <bapt@FreeBSD.org>
Subject: git: b9ce743c5447 - main - nuageinit: Fix passwords
List-Id: Commit messages for all branches of the src repository <dev-commits-src-all.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all
List-Help: <mailto:dev-commits-src-all+help@freebsd.org>
List-Post: <mailto:dev-commits-src-all@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-all+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-all+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-all@freebsd.org
Sender: owner-dev-commits-src-all@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: bapt
X-Git-Repository: src
X-Git-Refname: refs/heads/main
X-Git-Reftype: branch
X-Git-Commit: b9ce743c5447e90c2c97f4d49e048c301f708527
Auto-Submitted: auto-generated

The branch main has been updated by bapt:

URL: https://cgit.FreeBSD.org/src/commit/?id=b9ce743c5447e90c2c97f4d49e048c301f708527

commit b9ce743c5447e90c2c97f4d49e048c301f708527
Author:     Jose Luis Duran <jlduran@gmail.com>
AuthorDate: 2024-07-30 01:28:18 +0000
Commit:     Baptiste Daroussin <bapt@FreeBSD.org>
CommitDate: 2024-09-26 10:59:56 +0000

    nuageinit: Fix passwords
    
    The hashed password usually contains a "$" sign, which, when used on a
    shell, must be escaped.  Also, the plain text password may contain
    special characters that require escaping.
    
    Add a quick fix by enclosing it in single quotes.  Note that if the
    plain text password contains a "'", it will still fail.  This will be
    properly fixed in later commits.
    
    Some here documents require the document to be a string literal,
    especially when passing invalid characters.  Enclose it in single
    quotes.
    
    Signed-off-by: Jose Luis Duran <jlduran@gmail.com>
---
 libexec/nuageinit/nuage.lua          | 8 ++++----
 libexec/nuageinit/tests/nuageinit.sh | 6 +++---
 2 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/libexec/nuageinit/nuage.lua b/libexec/nuageinit/nuage.lua
index c27b66b23be2..4e21405a443b 100644
--- a/libexec/nuageinit/nuage.lua
+++ b/libexec/nuageinit/nuage.lua
@@ -120,11 +120,11 @@ local function adduser(pwd)
 	local precmd = ""
 	local postcmd = ""
 	if pwd.passwd then
-		precmd = "echo " .. pwd.passwd .. "| "
-		postcmd = " -H 0 "
+		precmd = "echo '" .. pwd.passwd .. "' | "
+		postcmd = " -H 0"
 	elseif pwd.plain_text_passwd then
-		precmd = "echo " .. pwd.plain_text_passwd .. "| "
-		postcmd = " -h 0 "
+		precmd = "echo '" .. pwd.plain_text_passwd .. "' | "
+		postcmd = " -h 0"
 	end
 	cmd = precmd .. "pw "
 	if root then
diff --git a/libexec/nuageinit/tests/nuageinit.sh b/libexec/nuageinit/tests/nuageinit.sh
index 6b8ea7ff3328..434fb3095929 100644
--- a/libexec/nuageinit/tests/nuageinit.sh
+++ b/libexec/nuageinit/tests/nuageinit.sh
@@ -81,7 +81,7 @@ EOF
 wheel:*:0:root
 users:*:1:
 EOF
-	cat > media/nuageinit/user-data << EOF
+	cat > media/nuageinit/user-data << 'EOF'
 #cloud-config
 groups:
   - admingroup: [root,sys]
@@ -103,11 +103,11 @@ cloud-users:*:1002:
 freebsd:*:1003:
 foobar:*:1004:
 EOF
-	cat > expectedpasswd << EOF
+	cat > expectedpasswd << 'EOF'
 root:*:0:0::0:0:Charlie &:/root:/bin/csh
 sys:*:1:0::0:0:Sys:/home/sys:/bin/csh
 freebsd:freebsd:1001:1003::0:0:FreeBSD User:/home/freebsd:/bin/sh
-foobar:H/1LT4f9/N3wpgNunhsIqtMj62OKiS3nyNwuizouQc3u7MbYCarYeAHWYPYb2FT.lbioDm2RrkJPb9BZMN1O/:1002:1004::0:0:Foo B. Bar:/home/foobar:/bin/sh
+foobar:$6$j212wezy$7H/1LT4f9/N3wpgNunhsIqtMj62OKiS3nyNwuizouQc3u7MbYCarYeAHWYPYb2FT.lbioDm2RrkJPb9BZMN1O/:1002:1004::0:0:Foo B. Bar:/home/foobar:/bin/sh
 EOF
 	sed -i "" "s/freebsd:.*:1001/freebsd:freebsd:1001/" ${here}/etc/master.passwd
 	atf_check -o file:expectedpasswd cat ${here}/etc/master.passwd