Project

General

Profile

Bug #9124

Root passwords that start with $ are assumed to already be hashed

Added by Tommy McNeely over 6 years ago. Updated about 3 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
Host creation
Target version:
Difficulty:
easy
Triaged:
Bugzilla link:
Fixed in Releases:
Found in Releases:

Description

The current method to "detect" whether a root_pass has been hashed is that it starts with a "$" .. If you happen to have a root password that starts with a "$" it will store it in plain text instead of hashing it, and then it will not be set correctly. The "detection" of whether a root password is hashed or not should be a bit more advanced.

Associated revisions

Revision c92138af (diff)
Added by Tommy McNeely over 6 years ago

fixes #9124 - fixes detection of hashed root passwords

A root password that started with "$" would not be hashed, and therefore
would end up being stored in clear text and inserted in clear text to the
/etc/shadow file, which just won't work. This adds a bit more to the match
to ensure it starts with a $, then has a number, then another $, then
any characters (salt), then another $, then some more characters. It has
been tested both ways and seems to work well.

~tommy

History

#1 Updated by The Foreman Bot over 6 years ago

  • Status changed from New to Ready For Testing
  • Pull request https://github.com/theforeman/foreman/pull/2112 added
  • Pull request deleted ()

#2 Updated by Dominic Cleal over 6 years ago

  • Legacy Backlogs Release (now unused) set to 28

#3 Updated by Tommy McNeely over 6 years ago

  • Status changed from Ready For Testing to Closed
  • % Done changed from 0 to 100

Also available in: Atom PDF