[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[lmi-commits] [lmi] master b2b14a0 1/7: Rework openssl usage
From: |
Greg Chicares |
Subject: |
[lmi-commits] [lmi] master b2b14a0 1/7: Rework openssl usage |
Date: |
Mon, 25 May 2020 18:46:13 -0400 (EDT) |
branch: master
commit b2b14a074e1746d23c8eda0cc5e05765aa6a2a4d
Author: Gregory W. Chicares <address@hidden>
Commit: Gregory W. Chicares <address@hidden>
Rework openssl usage
openssl was installed by default in centos chroots created by 'rinse'
up to 2020-05-14; since 2020-05-19, it isn't.
---
lmi_setup_05c.sh | 4 +++-
lmi_setup_21.sh | 7 ++++++-
2 files changed, 9 insertions(+), 2 deletions(-)
diff --git a/lmi_setup_05c.sh b/lmi_setup_05c.sh
index ea3f5ad..988744a 100755
--- a/lmi_setup_05c.sh
+++ b/lmi_setup_05c.sh
@@ -39,13 +39,15 @@ chmod 666 /dev/null
chmod 666 /dev/ptmx
[ -d /dev/pts ] || mkdir /dev/pts
+# This minimal centos chroot lacks openssl, so hardcode a password.
+
getent group "${NORMAL_GROUP}" || groupadd --gid="${NORMAL_GROUP_GID}"
"${NORMAL_GROUP}"
getent passwd "${NORMAL_USER}" || useradd \
--gid="${NORMAL_GROUP_GID}" \
--uid="${NORMAL_USER_UID}" \
--create-home \
--shell=/bin/zsh \
- --password="$(openssl passwd -1 expired)" \
+ --password="\$1\$\$AYD8bMyx6ho3BnmO3jjb60" \
"${NORMAL_USER}"
usermod -aG sudo "${NORMAL_USER}" || echo "Oops."
diff --git a/lmi_setup_21.sh b/lmi_setup_21.sh
index def07b3..9ae479d 100755
--- a/lmi_setup_21.sh
+++ b/lmi_setup_21.sh
@@ -38,13 +38,18 @@ assert_chrooted
# chage -d 0 "${NORMAL_USER}"
# may seem like a good idea, but invoking schroot with that userid
# doesn't prompt for a password change.
+#
+# Hardcode the salt so that repeated openssl invocations yield
+# identical results, to avoid gratuitous regressions when comparing
+# successive logs.
+
groupadd --gid="${NORMAL_GROUP_GID}" "${NORMAL_GROUP}"
useradd \
--gid="${NORMAL_GROUP_GID}" \
--uid="${NORMAL_USER_UID}" \
--create-home \
--shell=/bin/zsh \
- --password="$(openssl passwd -1 expired)" \
+ --password="$(openssl passwd -1 --salt '' expired)" \
"${NORMAL_USER}"
usermod -aG sudo "${NORMAL_USER}" || echo "Oops."
- [lmi-commits] [lmi] master updated (57153e3 -> 9ed6f1d), Greg Chicares, 2020/05/25
- [lmi-commits] [lmi] master c101044 3/7: Remove two failing commands, Greg Chicares, 2020/05/25
- [lmi-commits] [lmi] master 0d2c2e2 6/7: Reduce gratuitous differences between scripts, Greg Chicares, 2020/05/25
- [lmi-commits] [lmi] master 256713a 2/7: Rearrange some script blocks, Greg Chicares, 2020/05/25
- [lmi-commits] [lmi] master ff32f93 5/7: Install wget as well as curl, Greg Chicares, 2020/05/25
- [lmi-commits] [lmi] master 9ed6f1d 7/7: Rework zsh and vim configuration for centos; mark common block #9, Greg Chicares, 2020/05/25
- [lmi-commits] [lmi] master b2b14a0 1/7: Rework openssl usage,
Greg Chicares <=
- [lmi-commits] [lmi] master 61c5ba0 4/7: For centos, use wheel group instead of sudoers, Greg Chicares, 2020/05/25