fix bug 3531961: FB - Genesis password not processed properly
git-svn-id: https://svn.code.sf.net/p/xcat/code/xcat-core/branches/2.7@13012 8638fb3e-16cb-4fca-ae20-7b5d299a9bcd
This commit is contained in:
zhaoertao
parent
167238f43c
commit
d0d9e7562d
@ -28,6 +28,7 @@ sub _startssh {
|
||||
close($pty);
|
||||
open STDIN, "<&", $tty_fd;
|
||||
open STDOUT,">&",$tty_fd;
|
||||
open STDERR, ">&", STDOUT;
|
||||
close($tty);
|
||||
my @cmd = ("ssh","-o","StrictHostKeyChecking=no");
|
||||
if ($args{"-nokeycheck"}) {
|
||||
@ -58,7 +59,7 @@ sub new {
|
||||
my $promptex = $args{Prompt};
|
||||
$promptex =~ s!^/!!;
|
||||
$promptex =~ s!/\z!!;
|
||||
my ($prematch,$match) = $self->waitfor(Match => $args{Prompt},Match=>'/password:/i') or die "Login Failed: ",$self->lastline;
|
||||
my ($prematch,$match) = $self->waitfor(Match => $args{Prompt},Match=>'/password:/i',Match=>'/REMOTE HOST IDENTIFICATION HAS CHANGED/') or die "Login Failed:", $self->lastline;
|
||||
if ($match =~ /password:/i) {
|
||||
#$self->waitfor("-match" => '/password:/i', -errmode => "return") or die "Unable to reach host ",$self->lastline;
|
||||
$self->print($password);
|
||||
@ -74,7 +75,9 @@ sub new {
|
||||
*$self->{_xcatsshinteract}->{_atprompt}=1;
|
||||
}
|
||||
} elsif ($match =~ /$promptex/) {
|
||||
*$self->{_xcatsshinteract}->{_atprompt}=1;
|
||||
*$self->{_xcatsshinteract}->{_atprompt}=1;
|
||||
} elsif ($match =~ /REMOTE HOST IDENTIFICATION HAS CHANGED/){
|
||||
die "Known_hosts issue";
|
||||
}
|
||||
return bless($self,$class);
|
||||
}
|
||||
|
||||
@ -4014,6 +4014,7 @@ sub clicmds {
|
||||
}
|
||||
my $curruser = $user;
|
||||
my $currpass = $pass;
|
||||
my $promote_pass = $pass; #used for genesis state processing
|
||||
my $nokeycheck=0; #default to checking ssh key
|
||||
if ($args{defaultcfg}) {
|
||||
$curruser="USERID";
|
||||
@ -4054,6 +4055,11 @@ sub clicmds {
|
||||
};
|
||||
my $errmsg=$@;
|
||||
if ($errmsg) {
|
||||
if ($errmsg =~ /Known_hosts issue/) {
|
||||
$errmsg = "The entry for $curraddr in known_hosts table is out of date, pls run 'makeknownhosts $curraddr -r' to delete it from known_hosts table.";
|
||||
push @cfgtext, $errmsg;
|
||||
return([1, \@unhandled, $errmsg]);
|
||||
}
|
||||
if ($errmsg =~ /Login Failed/) {
|
||||
$errmsg = "Failed to login to $mpa";
|
||||
if ($curraddr ne $mpa) { $errmsg .= " (currently at $curraddr)" }
|
||||
@ -4063,13 +4069,16 @@ sub clicmds {
|
||||
}
|
||||
my $Rc=1;
|
||||
if ($t and not $t->atprompt) { #we sshed in, but we may be forced to deal with initial password set
|
||||
if (defined($handled{USERID})) {
|
||||
$promote_pass = $handled{USERID};
|
||||
}
|
||||
my $output = $t->get();
|
||||
if ($output =~ /Enter current password/) {
|
||||
$t->print($currpass);
|
||||
$t->waitfor(-match=>"/password:/i");
|
||||
$t->print($pass);
|
||||
$t->print($promote_pass);
|
||||
$t->waitfor(-match=>"/password:/i");
|
||||
$t->print($pass);
|
||||
$t->print($promote_pass);
|
||||
my $result=$t->getline();
|
||||
chomp($result);
|
||||
$result =~ s/\s*//;
|
||||
@ -4078,6 +4087,7 @@ sub clicmds {
|
||||
$result =~ s/\s*//;
|
||||
}
|
||||
if ($result =~ /not compliant/) {
|
||||
push @cfgtext,"The current account password has expired, please modify it first";
|
||||
return ([1,\@unhandled,"Management module refuses requested password as insufficiently secure, try another password"]);
|
||||
}
|
||||
}
|
||||
@ -4125,8 +4135,8 @@ sub clicmds {
|
||||
elsif (/^rscanfsp$/) { $result = rscanfsp($t,$mpa,$handled{$_},$mm); }
|
||||
elsif (/^solcfg$/) { $result = solcfg($t,$handled{$_},$mm); }
|
||||
elsif (/^network_reset$/) { $result = network($t,$handled{$_},$mpa,$mm,$node,$nodeid,1); $reset=1; }
|
||||
elsif (/^(USERID)$/) {$result = passwd($t, $mpa, $1, "=".$handled{$_}, $mm);}
|
||||
elsif (/^userpassword$/) {$result = passwd($t, $mpa, $1, $handled{$_}, $mm);}
|
||||
elsif (/^(USERID)$/) {$result = passwd($t, $mpa, $1, "=".$handled{$_}, $promote_pass, $mm);}
|
||||
elsif (/^userpassword$/) {$result = passwd($t, $mpa, $1, $handled{$_}, $promote_pass, $mm);}
|
||||
if (!defined($result)) {next;}
|
||||
push @data, "$_: @$result";
|
||||
$Rc |= shift(@$result);
|
||||
@ -4311,6 +4321,7 @@ sub passwd {
|
||||
my $mpa = shift;
|
||||
my $user = shift;
|
||||
my $pass = shift;
|
||||
my $oldpass = shift;
|
||||
my $mm = shift;
|
||||
if ($pass =~ /^=/) {
|
||||
$pass=~ s/=//;
|
||||
@ -4325,18 +4336,21 @@ sub passwd {
|
||||
if ($mpatab) {
|
||||
#my ($ent)=$mpatab->getNodeSpecAttribs($mpa, {username=>$user},qw(password));
|
||||
my ($ent)=$mpatab->getAttribs({mpa=>$mpa, username=>$user},qw(password));
|
||||
my $oldpass = 'PASSW0RD';
|
||||
if (defined($ent->{password})) {$oldpass = $ent->{password}};
|
||||
my $cmd = "users -n $user -op $oldpass -p $pass -T system:$mm";
|
||||
my @data = $t->cmd($cmd);
|
||||
if (!grep(/OK/i, @data)) {
|
||||
return ([1, @data]);
|
||||
#my $oldpass = 'PASSW0RD';
|
||||
#if (defined($ent->{password})) {$oldpass = $ent->{password}};
|
||||
my @data = ();
|
||||
if ($oldpass ne $pass) {
|
||||
my $cmd = "users -n $user -op $oldpass -p $pass -T system:$mm";
|
||||
my @data = $t->cmd($cmd);
|
||||
if (!grep(/OK/i, @data)) {
|
||||
return ([1, @data]);
|
||||
}
|
||||
}
|
||||
@data = ();
|
||||
my $snmp_cmd = "users -n $user -ap sha -pp des -ppw $pass -T system:$mm";
|
||||
@data = $t->cmd($snmp_cmd);
|
||||
if (!grep(/ok/i, @data)) {
|
||||
$cmd = "users -n $user -op $pass -p $oldpass -T system:$mm";
|
||||
my $cmd = "users -n $user -op $pass -p $oldpass -T system:$mm";
|
||||
my @back_pwd = $t->cmd($cmd);
|
||||
if (!grep(/OK/i, @back_pwd)) {
|
||||
$mpatab->setAttribs({mpa=>$mpa,username=>$user},{password=>$pass});
|
||||
|
||||
Loading…
Reference in New Issue
Block a user