From 3f1fe17d9cdf9ca40f7f9113cf09124d2d237eee Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Igor=20Pe=C4=8Dovnik?= Date: Tue, 15 Nov 2022 20:19:59 +0100 Subject: [PATCH] Don't block but warn user on weak password (#4436) * Don't block but warn user on weak password * Previous fix was done only for user --- .../common/usr/lib/armbian/armbian-firstlogin | 68 +++++++++---------- 1 file changed, 32 insertions(+), 36 deletions(-) diff --git a/packages/bsp/common/usr/lib/armbian/armbian-firstlogin b/packages/bsp/common/usr/lib/armbian/armbian-firstlogin index 9648c922b7..83bb5dd15a 100755 --- a/packages/bsp/common/usr/lib/armbian/armbian-firstlogin +++ b/packages/bsp/common/usr/lib/armbian/armbian-firstlogin @@ -261,42 +261,40 @@ add_user() if [[ "$first_input" == "$second_input" ]]; then result="$(cracklib-check <<<"$password")" okay="$(awk -F': ' '{ print $2}' <<<"$result")" - if [[ "$okay" == "OK" ]]; then - echo -e "" - read -e -p "Please provide your real name: " -i "${RealUserName^}" RealName - - adduser --quiet --disabled-password --home /home/"$RealUserName" --gecos "$RealName" "$RealUserName" - (echo "$first_input";echo "$second_input";) | passwd "$RealUserName" >/dev/null 2>&1 - for additionalgroup in sudo netdev audio video disk tty users games dialout plugdev input bluetooth systemd-journal ssh; do - usermod -aG "${additionalgroup}" "${RealUserName}" 2>/dev/null - done - - # fix for gksu in Xenial - touch /home/"$RealUserName"/.Xauthority - chown "$RealUserName":"$RealUserName" /home/"$RealUserName"/.Xauthority - RealName="$(awk -F":" "/^${RealUserName}:/ {print \$5}" /dev/null 2>&1 - if [ $? -eq 0 ]; then - echo -e "${RealUserName} ALL=(ALL) NOPASSWD: /usr/bin/psd-overlay-helper" >> /etc/sudoers - touch /home/"${RealUserName}"/.activate_psd - chown "$RealUserName":"$RealUserName" /home/"${RealUserName}"/.activate_psd - fi - break - else - echo -e "Rejected - \e[0;31m$okay.\x1B[0m Try again [${REPEATS}]." - REPEATS=$((REPEATS - 1)) + if [[ "$okay" != "OK" ]]; then + echo -e "\n\e[0;31mWarning:\x1B[0m Weak password!" fi + echo -e "" + read -e -p "Please provide your real name: " -i "${RealUserName^}" RealName + + adduser --quiet --disabled-password --home /home/"$RealUserName" --gecos "$RealName" "$RealUserName" + (echo "$first_input";echo "$second_input";) | passwd "$RealUserName" >/dev/null 2>&1 + for additionalgroup in sudo netdev audio video disk tty users games dialout plugdev input bluetooth systemd-journal ssh; do + usermod -aG "${additionalgroup}" "${RealUserName}" 2>/dev/null + done + + # fix for gksu in Xenial + touch /home/"$RealUserName"/.Xauthority + chown "$RealUserName":"$RealUserName" /home/"$RealUserName"/.Xauthority + RealName="$(awk -F":" "/^${RealUserName}:/ {print \$5}" /dev/null 2>&1 + if [ $? -eq 0 ]; then + echo -e "${RealUserName} ALL=(ALL) NOPASSWD: /usr/bin/psd-overlay-helper" >> /etc/sudoers + touch /home/"${RealUserName}"/.activate_psd + chown "$RealUserName":"$RealUserName" /home/"${RealUserName}"/.activate_psd + fi + break elif [[ -n $password ]]; then echo -e "Rejected - \e[0;31mpasswords do not match.\x1B[0m Try again [${REPEATS}]." REPEATS=$((REPEATS - 1)) fi - [[ "$REPEATS" -eq 0 ]] && exit + [[ "$REPEATS" -eq 0 ]] && logout done } @@ -349,13 +347,11 @@ if [[ -f /root/.not_logged_in_yet && -n $(tty) ]]; then if [[ "$first_input" == "$second_input" ]]; then result="$(cracklib-check <<<"$password")" okay="$(awk -F': ' '{ print $2}' <<<"$result")" - if [[ "$okay" == "OK" ]]; then + if [[ "$okay" != "OK" ]]; then + echo -e "\n\e[0;31mWarning:\x1B[0m $okay!" (echo "$first_input";echo "$second_input";) | passwd root >/dev/null 2>&1 - break - else - echo -e "Rejected - \e[0;31m$okay.\x1B[0m Try again [${REPEATS}]." - REPEATS=$((REPEATS - 1)) fi + break elif [[ -n $password ]]; then echo -e "Rejected - \e[0;31mpasswords do not match.\x1B[0m Try again [${REPEATS}]." REPEATS=$((REPEATS - 1))