From 527975dffec07458e25f100257ec70a3c826c20d Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Fri, 5 Dec 2014 16:33:23 -0400 Subject: hasSomePassword and hasPassword now check to make sure shadow passwords are enabled. --- src/Propellor/Property/OS.hs | 3 +-- src/Propellor/Property/User.hs | 16 +++++++++------- 2 files changed, 10 insertions(+), 9 deletions(-) (limited to 'src/Propellor') diff --git a/src/Propellor/Property/OS.hs b/src/Propellor/Property/OS.hs index 30f8c4bb..3f999e23 100644 --- a/src/Propellor/Property/OS.hs +++ b/src/Propellor/Property/OS.hs @@ -45,8 +45,7 @@ import Control.Exception (throw) -- > & os (System (Debian Unstable) "amd64") -- > & cleanInstallOnce (Confirmed "foo.example.com") -- > `onChange` propertyList "fixing up after clean install" --- > [ User.shadowConfig True --- > , preserveNetworkInterfaces +-- > [ preserveNetworkInterfaces -- > , preserveResolvConf -- > , preserverRootSshAuthorized -- > , Apt.update diff --git a/src/Propellor/Property/User.hs b/src/Propellor/Property/User.hs index ccb69b24..5c8e768c 100644 --- a/src/Propellor/Property/User.hs +++ b/src/Propellor/Property/User.hs @@ -44,13 +44,15 @@ hasPassword user = property (user ++ "has password") $ do ensureProperty $ hasPassword' user (Context hostname) hasPassword' :: UserName -> Context -> Property -hasPassword' user context = withPrivData (Password user) context $ \getpassword -> - property (user ++ " has password") $ - getpassword $ \password -> makeChange $ - withHandle StdinHandle createProcessSuccess - (proc "chpasswd" []) $ \h -> do - hPutStrLn h $ user ++ ":" ++ password - hClose h +hasPassword' user context = go `requires` shadowConfig True + where + go = withPrivData (Password user) context $ \getpassword -> + property (user ++ " has password") $ + getpassword $ \password -> makeChange $ + withHandle StdinHandle createProcessSuccess + (proc "chpasswd" []) $ \h -> do + hPutStrLn h $ user ++ ":" ++ password + hClose h lockedPassword :: UserName -> Property lockedPassword user = check (not <$> isLockedPassword user) $ cmdProperty "passwd" -- cgit v1.2.3