Viewing file:  config_passwd.py (2.37 KB) -rw-r--r--
Select action/file-type:
 (+) |  (+) |  (+) | Code (+) | Session (+) |  (+) | SDB (+) |  (+) |  (+) |  (+) |  (+) |  (+) |
# Copyright (C) 2016 Canonical Ltd.
# Copyright (C) 2016 VMware INC.
#
# Author: Maitreyee Saikia <[email protected]>
#
# This file is part of cloud-init. See LICENSE file for license information.
import logging
import os
from cloudinit import atomic_helper, subp
LOG = logging.getLogger(__name__)
class PasswordConfigurator:
"""
Class for changing configurations related to passwords in a VM. Includes
setting and expiring passwords.
"""
def configure(self, passwd, resetPasswd, distro):
"""
Main method to perform all functionalities based on configuration file
inputs.
@param passwd: encoded admin password.
@param resetPasswd: boolean to determine if password needs to be reset.
@return cfg: dict to be used by cloud-init set_passwd code.
"""
LOG.info("Starting password configuration")
if passwd:
passwd = atomic_helper.b64d(passwd)
allRootUsers = []
for line in open("/etc/passwd", "r"):
if line.split(":")[2] == "0":
allRootUsers.append(line.split(":")[0])
# read shadow file and check for each user, if its uid0 or root.
uidUsersList = []
for line in open("/etc/shadow", "r"):
user = line.split(":")[0]
if user in allRootUsers:
uidUsersList.append(user)
if passwd:
LOG.info("Setting admin password")
distro.set_passwd("root", passwd)
if resetPasswd:
self.reset_password(uidUsersList)
LOG.info("Configure Password completed!")
def reset_password(self, uidUserList):
"""
Method to reset password. Use passwd --expire command. Use chage if
not succeeded using passwd command. Log failure message otherwise.
@param: list of users for which to expire password.
"""
LOG.info("Expiring password.")
for user in uidUserList:
try:
subp.subp(["passwd", "--expire", user])
except subp.ProcessExecutionError as e:
if os.path.exists("/usr/bin/chage"):
subp.subp(["chage", "-d", "0", user])
else:
LOG.warning(
"Failed to expire password for %s with error: %s",
user,
e,
)
|