scripts/image_signing/set_chronos_password.sh - Issue 4480001: Refuse to change the chronos password if already set unless explicitly asked.

Side by Side Diff

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Side by Side Diff: scripts/image_signing/set_chronos_password.sh

Issue 4480001: Refuse to change the chronos password if already set unless explicitly asked. (Closed) Base URL: ssh://git@gitrw.chromium.org:9222/vboot_reference.git@master

Patch Set: review fixes Created 10 years, 1 month ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

OLD	NEW
1 #!/bin/bash	1 #!/bin/bash

2	2

3 # Copyright (c) 2010 The Chromium OS Authors. All rights reserved.	3 # Copyright (c) 2010 The Chromium OS Authors. All rights reserved.

4 # Use of this source code is governed by a BSD-style license that can be	4 # Use of this source code is governed by a BSD-style license that can be

5 # found in the LICENSE file.	5 # found in the LICENSE file.

6	6

7 # Customizes a Chrome OS release image by setting the chronos user password.	7 # Customizes a Chrome OS release image by setting the chronos user password.

8	8

9 # Usage: ./set_chronos_password.sh <image.bin> <chronos_password>	9 # Usage: ./set_chronos_password.sh <image.bin> <chronos_password> [--force]

10	10

11 # Load common constants and variables.	11 # Load common constants and variables.

12 . "$(dirname "$0")/common.sh"	12 . "$(dirname "$0")/common.sh"

13	13

14 change_chronos_password() {	14 change_chronos_password() {

15 local rootfs=$1	15 local rootfs=$1

16 local password=$2	16 local password=$2

17 echo "Changing chronos password to '$password'..."	17 echo "Changing chronos password to '$password'..."

18 local crypted_password="$(echo $password \| openssl passwd -1 -stdin)"	18 local crypted_password="$(echo $password \| openssl passwd -1 -stdin)"

19 local temp_shadow="$rootfs/etc/tempshadow"	19 local temp_shadow="$rootfs/etc/tempshadow"

20 echo "chronos:$crypted_password:14500:0:99999::::" \	20 echo "chronos:$crypted_password:14500:0:99999::::" \

21 \| sudo tee "$temp_shadow" > /dev/null	21 \| sudo tee "$temp_shadow" > /dev/null

22 sudo grep -Ev ^chronos: "$rootfs/etc/shadow" \	22 sudo grep -Ev ^chronos: "$rootfs/etc/shadow" \

23 \| sudo tee -a "$temp_shadow" > /dev/null	23 \| sudo tee -a "$temp_shadow" > /dev/null

24 sudo mv -f "$temp_shadow" "$rootfs/etc/shadow"	24 sudo mv -f "$temp_shadow" "$rootfs/etc/shadow"

25 }	25 }

26	26

27 main() {	27 main() {

28 set -e	28 set -e

29	29

30 local image=$1	30 local image=$1

31 local chronos_password=$2	31 local chronos_password=$2

32 if [ $# -ne 2 ]; then	32 if [ $# -ne 2 ] && [ $# -ne 3 ] \|\| [ ! $3 = "--force" ] ; then

33 echo "Usage: $PROG <image.bin> <chronos_password>"	33 echo "Usage: $PROG <image.bin> <chronos_password> [--force]"

34 exit 1	34 exit 1

35 fi	35 fi

36	36

37 local rootfs=$(mktemp -d)	37 local rootfs=$(make_temp_dir)

	38 if [ $# -eq 2 ]; then

	39 mount_image_partition_ro "$image" 3 "$rootfs"

	40 if ! no_chronos_password "$rootfs"; then

	41 echo "Password is already set [use --force if you'd like to update it]"

	42 exit 1

	43 fi

	44 # Prepare for remounting read/write.

	45 sudo umount -d $rootfs

	46 fi

38 mount_image_partition "$image" 3 "$rootfs"	47 mount_image_partition "$image" 3 "$rootfs"

39 trap "sudo umount -d $rootfs; rm -rf $rootfs" EXIT

40 change_chronos_password "$rootfs" "$chronos_password"	48 change_chronos_password "$rootfs" "$chronos_password"

41 touch "$image" # Updates the image modification time.	49 touch "$image" # Updates the image modification time.

42 echo "Done."	50 echo "Password Changed."

43 }	51 }

44	52

45 main $@	53 main $@

OLD	NEW

« no previous file with comments | « scripts/image_signing/common.sh ('k') | no next file » | no next file with comments »