[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [PATCH]Validation of root password with cracklib



>>> Right. Perhaps starting with "Weak Password" as the caption, and then
>>> explaining a bit more.
>> Thank you, so I changed the caption from "Bad Password" to
>> "Weak Password". (But any other messages are same as passwd command's)
> 
> It might be better to also change the text in the message box to be
> "Weak password provided" rather than "BAD PASSWORD" both for consistency
> and to be a little bit more user-friendly.
> 
> Also, instead of importing cracklib in the middle of modules, it should
> be imported at the top of the files with the rest of the imports
Hi, Thanks a lot for your comments.

Actually I have read the all thread of this subject,
so I understood that currently some or all of you don't believe that
Anaconda is the right place to enforce password strength policies.

anyway, I attached updated patches including your comments.

thank you,
diff --git a/iw/account_gui.py b/iw/account_gui.py
old mode 100644
new mode 100755
index 893df11..e8223e6
--- a/iw/account_gui.py
+++ b/iw/account_gui.py
@@ -17,6 +17,7 @@ import gui
 from iw_gui import *
 from rhpl.translate import _, N_
 from flags import flags
+import cracklib
 
 def handleCapsLockRelease(window, event, label):
     if event.keyval == gtk.keysyms.Caps_Lock and event.state & gtk.gdk.LOCK_MASK:
@@ -63,6 +64,17 @@ class AccountWindow (InstallWindow):
                                       "six characters long."),
                                     custom_icon="error")
             passwordError()
+
+        msg = cracklib.FascistCheck(pw)
+        if msg is not None:
+            ret = self.intf.messageWindow(_("Weak Password"),
+                                          _("Weak password provided: %s"
+                                            "\n\n"
+                                            "Would you like to continue with this "
+                                            "password?" % (msg, )),
+                                          type = "yesno")
+            if ret == 0:
+                passwordError()
         
         allowed = string.digits + string.ascii_letters + string.punctuation + " "
         for letter in pw:
diff --git a/textw/userauth_text.py b/textw/userauth_text.py
old mode 100644
new mode 100755
index 97092c3..14e7a67
--- a/textw/userauth_text.py
+++ b/textw/userauth_text.py
@@ -14,6 +14,7 @@
 from snack import *
 from constants_text import *
 from rhpl.translate import _
+import cracklib
 
 def has_bad_chars(pw):
     allowed = string.digits + string.ascii_letters + string.punctuation + " "
@@ -71,7 +72,18 @@ class RootPasswordWindow:
                          "which are not allowed."),
 		       buttons = [ TEXT_OK_BUTTON ], width = 50)
             else:
-                break
+                msg = cracklib.FascistCheck(entry1.value())
+                if msg is not None:
+                    ret = anaconda.intf.messageWindow(_("Weak Password"),
+                                                  _("Weak password provided: %s"
+                                                    "\n\n"
+                                                    "Would you like to continue with this "
+                                                    "password?" % (msg, )),
+                                                  type = "yesno")
+                    if ret == 1:
+                        break
+                else:
+                    break
 
             entry1.set ("")
             entry2.set ("")
diff --git a/scripts/upd-instroot b/scripts/upd-instroot
index 6a39cb4..c366630 100755
--- a/scripts/upd-instroot
+++ b/scripts/upd-instroot
@@ -254,7 +254,8 @@ PACKAGES="glibc-common setup python newt slang libselinux
 	 libdhcp libnl libdhcp6client libdhcp4client newt-python
 	 device-mapper device-mapper-libs dmraid keyutils-libs libsemanage-python
 	 python-pyblock mkinitrd libbdevid libbdevid-python nss nspr pcre
-	 cryptsetup-luks libgcrypt libgpg-error udev udev-static dbus dbus-python hal"
+	 cryptsetup-luks libgcrypt libgpg-error udev udev-static dbus dbus-python hal
+	 cracklib-python"
 
 if [ $ARCH = i386 ]; then
     PACKAGES="$PACKAGES glibc.i386 openssl.i386"
@@ -517,6 +518,7 @@ usr/lib/python?.?/site-packages/repomd
 usr/lib/python?.?/site-packages/pirut
 usr/lib/python?.?/site-packages/pykickstart
 usr/lib/python?.?/site-packages/rhpxl
+usr/lib/python?.?/site-packages/cracklibmodule.so
 usr/lib/rpm/macros
 usr/lib/rpm/rpmpopt
 usr/lib/rpm/rpmrc

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]