arif/xcat-core
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

for encrypted system password in passwd table, the SHA256 and SHA512 encrypted passwords could be automatically recongnized

Browse Source 
git-svn-id: https://svn.code.sf.net/p/xcat/code/xcat-core/trunk@14874 8638fb3e-16cb-4fca-ae20-7b5d299a9bcd
This commit is contained in:
ligc
2013-01-14 14:56:44 +00:00
parent 709fc270ae
commit 0e92da0f5f
4 changed files with 7 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
perl-xCAT/xCAT/Schema.pm
View File

@@ -711,7 +711,7 @@ passwd => {
key => 'The type of component this user/pw is for. Valid values: blade (management module), ipmi (BMC), system (nodes), omapi (DHCP), hmc, ivm, cec, frame, switch.',
username => 'The default userid for this type of component',
password => 'The default password for this type of component',
cryptmethod => 'Indicates the method that was used to encrypt the password attribute. On AIX systems, if a value is provided for this attribute it indicates that the passwword attribute is encrypted. If the cryptmethod value is not set it indicates the password is a simple string value. On Linux systems, the cryyptmethod is not supported however the code attempts to auto-discover MD5 encrypted passowrds.',
cryptmethod => 'Indicates the method that was used to encrypt the password attribute. On AIX systems, if a value is provided for this attribute it indicates that the passwword attribute is encrypted. If the cryptmethod value is not set it indicates the password is a simple string value. On Linux systems, the cryyptmethod is not supported however the code attempts to auto-discover MD5, SHA256 and SHA512 encrypted passwords.',
comments => 'Any user-written notes.',
disable => "Set to 'yes' or '1' to comment out this row.",
},

3
xCAT-server/lib/perl/xCAT/Template.pm
View File

@@ -597,7 +597,8 @@ sub genpassword {
sub crydb
{
my $result = tabdb(@_);
unless ($result =~ /^\$1\$/) {
# 1 - MD5, 5 - SHA256, 6 - SHA512
unless (($result =~ /^\$1\$/) || ($result =~ /^\$5\$/) || ($result =~ /^\$6\$/)) {
$result = crypt($result,'$1$'.genpassword(8));
}
return $result;

3
xCAT-server/lib/xcat/plugins/packimage.pm
View File

@@ -317,7 +317,8 @@ sub process_request {
my @shadents = <$shadow>;
close($shadow);
open($shadow,">","$rootimg_dir/etc/shadow");
unless ($pass =~ /^\$1\$/) {
# 1 - MD5, 5 - SHA256, 6 - SHA512
unless (($pass =~ /^\$1\$/) || ($pass =~ /^\$5\$/) || ($pass =~ /^\$6\$/)) {
$pass = crypt($pass,'$1$'.xCAT::Utils::genpassword(8));
}
print $shadow "root:$pass:13880:0:99999:7:::\n";

3
xCAT-server/lib/xcat/plugins/statelite.pm
View File

@@ -187,7 +187,8 @@ sub process_request {
my @shadents = <$shadow>;
close($shadow);
open($shadow,">","$rootimg_dir/etc/shadow");
unless ($pass =~ /^\$1\$/) {
# 1 - MD5, 5 - SHA256, 6 - SHA512
unless (($pass =~ /^\$1\$/) || ($pass =~ /^\$5\$/) || ($pass =~ /^\$6\$/)) {
$pass = crypt($pass,'$1$'.genpassword(8));
}
print $shadow "root:$pass:13880:0:99999:7:::\n";