summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorJoey Hess2014-12-05 16:33:23 -0400
committerJoey Hess2014-12-05 16:33:23 -0400
commit527975dffec07458e25f100257ec70a3c826c20d (patch)
tree05bfb206b068f281ab0dfbd93efd3695f906475f /src
parent2559b2348207ed9e914999e92fe9d26da0e1f5ad (diff)
hasSomePassword and hasPassword now check to make sure shadow passwords are enabled.
Diffstat (limited to 'src')
-rw-r--r--src/Propellor/Property/OS.hs3
-rw-r--r--src/Propellor/Property/User.hs16
2 files changed, 10 insertions, 9 deletions
diff --git a/src/Propellor/Property/OS.hs b/src/Propellor/Property/OS.hs
index 30f8c4bb..3f999e23 100644
--- a/src/Propellor/Property/OS.hs
+++ b/src/Propellor/Property/OS.hs
@@ -45,8 +45,7 @@ import Control.Exception (throw)
-- > & os (System (Debian Unstable) "amd64")
-- > & cleanInstallOnce (Confirmed "foo.example.com")
-- > `onChange` propertyList "fixing up after clean install"
--- > [ User.shadowConfig True
--- > , preserveNetworkInterfaces
+-- > [ preserveNetworkInterfaces
-- > , preserveResolvConf
-- > , preserverRootSshAuthorized
-- > , Apt.update
diff --git a/src/Propellor/Property/User.hs b/src/Propellor/Property/User.hs
index ccb69b24..5c8e768c 100644
--- a/src/Propellor/Property/User.hs
+++ b/src/Propellor/Property/User.hs
@@ -44,13 +44,15 @@ hasPassword user = property (user ++ "has password") $ do
ensureProperty $ hasPassword' user (Context hostname)
hasPassword' :: UserName -> Context -> Property
-hasPassword' user context = withPrivData (Password user) context $ \getpassword ->
- property (user ++ " has password") $
- getpassword $ \password -> makeChange $
- withHandle StdinHandle createProcessSuccess
- (proc "chpasswd" []) $ \h -> do
- hPutStrLn h $ user ++ ":" ++ password
- hClose h
+hasPassword' user context = go `requires` shadowConfig True
+ where
+ go = withPrivData (Password user) context $ \getpassword ->
+ property (user ++ " has password") $
+ getpassword $ \password -> makeChange $
+ withHandle StdinHandle createProcessSuccess
+ (proc "chpasswd" []) $ \h -> do
+ hPutStrLn h $ user ++ ":" ++ password
+ hClose h
lockedPassword :: UserName -> Property
lockedPassword user = check (not <$> isLockedPassword user) $ cmdProperty "passwd"