opuppet/module-user
5
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

we can only manage crypted passwords -> added a python script to generate these passwords

Browse source
This commit is contained in:
mh 2008-11-08 21:56:52 +00:00
parent f23cf372ba
commit f349f00244
2 changed files with 16 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
manifests/defines.pp
View file

@ -6,11 +6,10 @@
# which should be set. Default: absent -> no password is set. # which should be set. Default: absent -> no password is set.
# To create an encrypted password, you can use: # To create an encrypted password, you can use:
# /usr/bin/mkpasswd -H md5 -S $salt $password # /usr/bin/mkpasswd -H md5 -S $salt $password
# Note: On OpenBSD systems we can only manage plain text passwords. # Note: On OpenBSD systems we can only manage crypted passwords.
# Therefor the password_crypted option doesn't have any effect. # Therefor the password_crypted option doesn't have any effect.
# As well we can only set the password if a user doesn't yet have # You'll find a python script in ${module}/password/openbsd/genpwd.py
# set a password. So if the user will change it, the plain password # Which will help you to create such a password
# will be useless.
# password_crypted: if the supplied password is crypted or not. # password_crypted: if the supplied password is crypted or not.
# Default: true # Default: true
# Note: If you'd like to use unencrypted passwords, you have to set a variable # Note: If you'd like to use unencrypted passwords, you have to set a variable
@ -135,7 +134,7 @@ define user::define_user(
case $operatingsystem { case $operatingsystem {
openbsd: { openbsd: {
exec { "setpass ${name}": exec { "setpass ${name}":
onlyif => "grep -q '^${name}:\\**:' /etc/master.passwd", unless => "grep -q '^${name}:${password}:' /etc/master.passwd",
command => "usermod -p '${password}' ${name}", command => "usermod -p '${password}' ${name}",
require => User["${name}"], require => User["${name}"],
} }

12
password/openbsd/genpwd.py Executable file
View file

@ -0,0 +1,12 @@
#!/usr/bin/env python
import sys
# you nee to install the bcrypt python library to use that script
# debian, ubuntu: sudo apt-get install python-bcrypt
import bcrypt
if len(sys.argv) != 2:
print sys.argv[0]+" password"
sys.exit(1)
# Hash a password for the first time
print bcrypt.hashpw(sys.argv[1], bcrypt.gensalt())