[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [PATCH]Validation of root password with cracklib



Hi, again

I'm sorry that previous patches have some wrong code.
so I fixed them and resend them to this mailing list.

This concept is same as the previous mail.
(Validation for root password like passwd command)

Would you review them, please?

thank you,

HARA Hiroshi wrote:
> Hi,
> 
> Current anaconda validates only length of
> root password.
> but passwd command validates more things for password
> like the following...
> -------------------------------------------
> # passwd
> Changing password for user root.
> New UNIX password:
> BAD PASSWORD: it is based on a dictionary word
> Retype new UNIX password:
> -------------------------------------------
> 
> so I added the validation of root password to
> anaconda using cracklib same as passwd.
> 
> Would you review the patches, please ? and
> I'd appreciate it if you could give me the comment.
> 
> thank you,
> 
> 
> 
> 
> ------------------------------------------------------------------------
> 
> _______________________________________________
> Anaconda-devel-list mailing list
> Anaconda-devel-list redhat com
> https://www.redhat.com/mailman/listinfo/anaconda-devel-list

diff --git a/scripts/upd-instroot b/scripts/upd-instroot
index 6a39cb4..c366630 100755
--- a/scripts/upd-instroot
+++ b/scripts/upd-instroot
@@ -254,7 +254,8 @@ PACKAGES="glibc-common setup python newt slang libselinux
 	 libdhcp libnl libdhcp6client libdhcp4client newt-python
 	 device-mapper device-mapper-libs dmraid keyutils-libs libsemanage-python
 	 python-pyblock mkinitrd libbdevid libbdevid-python nss nspr pcre
-	 cryptsetup-luks libgcrypt libgpg-error udev udev-static dbus dbus-python hal"
+	 cryptsetup-luks libgcrypt libgpg-error udev udev-static dbus dbus-python hal
+	 cracklib-python"
 
 if [ $ARCH = i386 ]; then
     PACKAGES="$PACKAGES glibc.i386 openssl.i386"
@@ -517,6 +518,7 @@ usr/lib/python?.?/site-packages/repomd
 usr/lib/python?.?/site-packages/pirut
 usr/lib/python?.?/site-packages/pykickstart
 usr/lib/python?.?/site-packages/rhpxl
+usr/lib/python?.?/site-packages/cracklibmodule.so
 usr/lib/rpm/macros
 usr/lib/rpm/rpmpopt
 usr/lib/rpm/rpmrc
diff --git a/textw/userauth_text.py b/textw/userauth_text.py
old mode 100644
new mode 100755
index 97092c3..b8b5bcd
--- a/textw/userauth_text.py
+++ b/textw/userauth_text.py
@@ -71,7 +71,19 @@ class RootPasswordWindow:
                          "which are not allowed."),
 		       buttons = [ TEXT_OK_BUTTON ], width = 50)
             else:
-                break
+                import cracklib
+                msg = cracklib.FascistCheck(entry1.value())
+                if msg is not None:
+                    ret = anaconda.intf.messageWindow(_("Bad Password"),
+                                                  _("BAD PASSWORD: %s"
+                                                    "\n\n"
+                                                    "Would you like to continue with this "
+                                                    "password?" % (msg, )),
+                                                  type = "yesno")
+                    if ret == 1:
+                        break
+                else:
+                    break
 
             entry1.set ("")
             entry2.set ("")
diff --git a/iw/account_gui.py b/iw/account_gui.py
old mode 100644
new mode 100755
index 893df11..1f3a3fd
--- a/iw/account_gui.py
+++ b/iw/account_gui.py
@@ -63,6 +63,18 @@ class AccountWindow (InstallWindow):
                                       "six characters long."),
                                     custom_icon="error")
             passwordError()
+
+        import cracklib
+        msg = cracklib.FascistCheck(pw)
+        if msg is not None:
+            ret = self.intf.messageWindow(_("Bad Password"),
+                                          _("BAD PASSWORD: %s"
+                                            "\n\n"
+                                            "Would you like to continue with this "
+                                            "password?" % (msg, )),
+                                          type = "yesno")
+            if ret == 0:
+                passwordError()
         
         allowed = string.digits + string.ascii_letters + string.punctuation + " "
         for letter in pw:

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]