initial workings of the shadow crypted passwords in the database

Michael McGrath 2008-02-28 14:07:14 -06:00
parent a9d6703946
commit bb3a4c8b36
5 changed files with 12 additions and 10 deletions


@ -18,6 +18,7 @@
# #
# Red Hat Author(s): Mike McGrath <mmcgrath@redhat.com> # Red Hat Author(s): Mike McGrath <mmcgrath@redhat.com>
# #
# TODO: put tmp files in a 700 tmp dir
import sys import sys
import os import os
@ -58,7 +59,7 @@ parser.add_option('-s', '--server',
class MakeShellAccounts(BaseClient): class MakeShellAccounts(BaseClient):
def group_list(self, search='*'): def group_list(self, search='*'):
params = {'search' : search} params = {'search' : search}
data = self.send_request('json/group_list', auth=False, input=params) data = self.send_request('json/group_list', auth=True, input=params)
return data return data
def shadow_text(self, people=None): def shadow_text(self, people=None):
@ -136,7 +137,7 @@ class MakeShellAccounts(BaseClient):
def people_list(self, search='*'): def people_list(self, search='*'):
params = {'search' : search} params = {'search' : search}
data = self.send_request('json/people_list', auth=False, input=params) data = self.send_request('json/people_list', auth=True, input=params)
return data['people'] return data['people']
def make_group_db(self): def make_group_db(self):
@ -149,7 +150,7 @@ class MakeShellAccounts(BaseClient):
def make_shadow_db(self): def make_shadow_db(self):
self.shadow_text() self.shadow_text()
os.system('makedb -o /tmp/passwd.db /tmp/shadow.txt') os.system('makedb -o /tmp/shadow.db /tmp/shadow.txt')
def install_passwd_db(self): def install_passwd_db(self):
try: try:
@ -172,7 +173,7 @@ class MakeShellAccounts(BaseClient):
if __name__ == '__main__': if __name__ == '__main__':
try: try:
fas = MakeShellAccounts(FAS_URL, 'admin', 'admin', 1) fas = MakeShellAccounts(FAS_URL, 'admin', 'admin', False)
except AuthError, e: except AuthError, e:
print e print e
sys.exit(1) sys.exit(1)
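Review bot: In `make_shadow_db` the shadow database is still built from and written to fixed names in the shared /tmp (`/tmp/shadow.txt`, `/tmp/shadow.db`), which the added TODO acknowledges but does not fix. Now that these files carry crypt hashes, other local users may be able to read them or pre-create the paths; creating a private directory first with `tmpdir = tempfile.mkdtemp()` (created mode 0700) and handing `os.path.join(tmpdir, 'shadow.db')` to makedb would close that. `shadow_text()`, which writes the input file, lies outside the hunk and would need to use the same directory. The `'admin', 'admin'` credentials in the `__main__` block are also hard-coded and would be better read from a root-only configuration file.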


@ -7,6 +7,7 @@
# The commented out values below are the defaults # The commented out values below are the defaults
admingroup = 'accounts' admingroup = 'accounts'
shadowsalt = 'djFfnacd'
# VIEW # VIEW
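Review bot: `shadowsalt` is a single fixed salt for the whole site, and `generatePassword` passes it to every `crypt.crypt(password, "$1$%s" % config.get('shadowsalt'))` call, so two users with the same password get the same hash and one precomputed table covers every account. The value is also committed here and reappears in the seeded admin hash in the SQL schema, so it is effectively public. Generate a fresh random salt per password instead; crypt stores the salt inside the hash, so nothing needs to be configured. Consider a slower scheme than MD5-crypt (`$1$`) if the libc on the target hosts supports one.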


@ -21,7 +21,6 @@ class JsonRequest(controllers.Controller):
'''Perhaps show a nice explanatory message about groups here?''' '''Perhaps show a nice explanatory message about groups here?'''
return dict(help='This is a json interface') return dict(help='This is a json interface')
@identity.require(turbogears.identity.not_anonymous())
@expose("json", allow_json=True) @expose("json", allow_json=True)
def group_list(self, search='*'): def group_list(self, search='*'):
re_search = re.sub(r'\*', r'%', search).lower() re_search = re.sub(r'\*', r'%', search).lower()
@ -31,7 +30,6 @@ class JsonRequest(controllers.Controller):
memberships[group.id] = group.approved_roles memberships[group.id] = group.approved_roles
return dict(groups=groups, memberships=memberships) return dict(groups=groups, memberships=memberships)
@identity.require(turbogears.identity.not_anonymous())
@expose("json", allow_json=True) @expose("json", allow_json=True)
def people_list(self, search='*'): def people_list(self, search='*'):
re_search = re.sub(r'\*', r'%', search).lower() re_search = re.sub(r'\*', r'%', search).lower()
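Review bot: Both `group_list` and `people_list` lose their `@identity.require(turbogears.identity.not_anonymous())` decorator, so these JSON endpoints now answer unauthenticated requests even though the client in this same commit switches to `auth=True`. If the people records returned by `people_list` include the `password` column (its body continues outside the hunk, so this is not confirmed), the crypt hashes introduced by this commit become readable by anyone who can reach the server. Keep the decorator, or better restrict these calls to a dedicated sync group, and return only the fields the shell-account sync needs.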


@ -1,5 +1,5 @@
import turbogears import turbogears
from turbogears import controllers, expose, paginate, identity, redirect, widgets, validate, validators, error_handler from turbogears import controllers, expose, paginate, identity, redirect, widgets, validate, validators, error_handler, config
from turbogears.database import session from turbogears.database import session
import cherrypy import cherrypy
@ -7,6 +7,7 @@ import os
import re import re
import gpgme import gpgme
import StringIO import StringIO
import crypt
from fas.model import People from fas.model import People
from fas.model import PersonEmails from fas.model import PersonEmails
@ -117,6 +118,7 @@ def generatePassword(password=None,length=14,salt=''):
# ctx = sha.new(password) # ctx = sha.new(password)
# ctx.update(salt) # ctx.update(salt)
secret['hash'] = crypt.crypt(password, "$1$%s" % config.get('shadowsalt'))
# secret['hash'] = "{SSHA}%s" % b64encode(ctx.digest() + salt) # secret['hash'] = "{SSHA}%s" % b64encode(ctx.digest() + salt)
secret['pass'] = password secret['pass'] = password
@ -299,7 +301,7 @@ class User(controllers.Controller):
return dict() return dict()
newpass = generatePassword(password) newpass = generatePassword(password)
try: try:
person.password = newpass['pass'] person.password = newpass['hash']
turbogears.flash(_("Your password has been changed.")) turbogears.flash(_("Your password has been changed."))
except: except:
turbogears.flash(_("Your password could not be changed.")) turbogears.flash(_("Your password could not be changed."))
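Review bot: `config.get('shadowsalt')` presumably returns None when the key is missing, and `"$1$%s" % None` would then silently hash every password with the literal salt `None` instead of failing. Read the value first and fail closed, e.g. `salt = config.get('shadowsalt')` followed by `if not salt: raise ValueError('shadowsalt is not configured')`. The returned dict also still carries the plaintext in `secret['pass']`; a comment such as `# plaintext: only for showing to the user once, never store or log` would make the split between the two keys explicit. generatePassword's body starts and ends outside the hunk.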


@ -432,8 +432,8 @@ GRANT ALL ON TABLE visit, visit_identity TO GROUP apache;
-- information so we need to allow select access on all these tables :-( -- information so we need to allow select access on all these tables :-(
GRANT SELECT ON TABLE people, groups, person_roles, person_emails, group_roles, group_emails, configs TO GROUP apache; GRANT SELECT ON TABLE people, groups, person_roles, person_emails, group_roles, group_emails, configs TO GROUP apache;
-- Create default admin user -- Create default admin user - Default Password "admin"
INSERT INTO people (username, human_name, password) VALUES ('admin', 'Admin User', 'admin'); INSERT INTO people (username, human_name, password) VALUES ('admin', 'Admin User', '$1$djFfnacd$im/L4UiYckFAlw4D5JUau.');
-- Create default groups and populate -- Create default groups and populate
INSERT INTO groups (name, display_name, owner_id, group_type) VALUES ('cla_sign', 'Signed CLA Group', (SELECT id from people where username='admin'), 'tracking'); INSERT INTO groups (name, display_name, owner_id, group_type) VALUES ('cla_sign', 'Signed CLA Group', (SELECT id from people where username='admin'), 'tracking');
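Review bot: The seed row still ships an `admin` account with the documented password `admin`, now as a fixed hash, so every fresh install starts with the same known credential. Seeding the account locked, for instance `VALUES ('admin', 'Admin User', '*')`, and having the installer set a real password would avoid that. This assumes login compares crypt output against the stored value, which is not visible here. If the default must stay for development, the comment should say so, e.g. `-- Development default only: change the admin password before exposing this instance`.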