summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJoey Hess2014-03-30 00:17:44 -0400
committerJoey Hess2014-03-30 00:17:44 -0400
commitb5284cc23fc7ce49a3f75762d6387c28dbb174eb (patch)
treec1b5f52cd353466510c3a9bdcb6980109f87b171
parent3121c1005945b167abb1bfd16379002802429158 (diff)
password locking
-rw-r--r--HostProp.hs3
-rw-r--r--Property/User.hs13
-rw-r--r--TODO1
3 files changed, 17 insertions, 0 deletions
diff --git a/HostProp.hs b/HostProp.hs
index 821fe9ef..e0ed8f2a 100644
--- a/HostProp.hs
+++ b/HostProp.hs
@@ -24,7 +24,10 @@ getProperties "clam" =
, GitHome.installedFor "root"
, check (Ssh.hasAuthorizedKeys "root") $
Ssh.passwordAuthentication False
+ , check (Ssh.hasAuthorizedKeys "root") $
+ User.lockedPassword "root"
, User.nonsystem "joey"
+ , User.nuked "user"
, Apt.installed ["sudo"]
, fileHasContent "/etc/sudoers" ["joey ALL=(ALL:ALL) ALL"]
, GitHome.installedFor "joey"
diff --git a/Property/User.hs b/Property/User.hs
index 3ab5f570..47d6fb5b 100644
--- a/Property/User.hs
+++ b/Property/User.hs
@@ -17,5 +17,18 @@ nonsystem user = check (isNothing <$> homedir user) $ cmdProperty "adduser"
, Param user
]
+{- Removes user home directory!! Use with caution. -}
+nuked :: UserName -> Property
+nuked user = check (isJust <$> homedir user) $ cmdProperty "userdel"
+ [ Param "-r"
+ , Param user
+ ]
+
+lockedPassword :: UserName -> Property
+lockedPassword user = cmdProperty "passwd"
+ [ Param "--lock"
+ , Param user
+ ]
+
homedir :: UserName -> IO (Maybe FilePath)
homedir user = catchMaybeIO $ homeDirectory <$> getUserEntryForName user
diff --git a/TODO b/TODO
index 02283f0b..39621d32 100644
--- a/TODO
+++ b/TODO
@@ -3,3 +3,4 @@
but only once despite many config changes being made to satisfy
properties. onChange is a poor substitute.
* Apt upgrade does not avoid apt-listchanges and debconf prompts.
+* I often seem to want to be able to combine Properties monadically.