diff options
author | Lennart Poettering <lennart@poettering.net> | 2021-05-05 15:32:43 +0200 |
---|---|---|
committer | Lennart Poettering <lennart@poettering.net> | 2021-05-06 21:55:58 +0200 |
commit | 53c25ac968ab8b868506c3a1820d8c76beb0cd88 (patch) | |
tree | 28affe0c2d1613e7a27ede615c90e1d2d88ae59c /src/firstboot | |
parent | a7bd1656f3ee3d43126c50e4baad9da77620022e (diff) | |
download | systemd-53c25ac968ab8b868506c3a1820d8c76beb0cd88.tar.gz |
user-util: add generic definition for special password hash values in /etc/passwd + /etc/shadow
Let's add three defines for the 3 special cases of passwords.
Some of our tools used different values for the "locked"/"invalid" case,
let's settle on using "!*" which means the password is both locked *and*
invalid.
Other tools like to use "!!" for this case, which however is less than
ideal I think, since the this could also be a considered an entry with
an empty password, that can be enabled again by unlocking it twice.
Diffstat (limited to 'src/firstboot')
-rw-r--r-- | src/firstboot/firstboot.c | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/src/firstboot/firstboot.c b/src/firstboot/firstboot.c index ba0b360cc1..896c2e7b0a 100644 --- a/src/firstboot/firstboot.c +++ b/src/firstboot/firstboot.c @@ -922,20 +922,20 @@ static int process_root_args(void) { return r; if (arg_root_password && arg_root_password_is_hashed) { - password = "x"; + password = PASSWORD_SEE_SHADOW; hashed_password = arg_root_password; } else if (arg_root_password) { r = hash_password(arg_root_password, &_hashed_password); if (r < 0) return log_error_errno(r, "Failed to hash password: %m"); - password = "x"; + password = PASSWORD_SEE_SHADOW; hashed_password = _hashed_password; } else if (arg_delete_root_password) - password = hashed_password = ""; + password = hashed_password = PASSWORD_NONE; else - password = hashed_password = "!"; + password = hashed_password = PASSWORD_LOCKED_AND_INVALID; r = write_root_passwd(etc_passwd, password, arg_root_shell); if (r < 0) |