Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support for encrypted passwords #1771

Open
wants to merge 3 commits into
base: master
Choose a base branch
from
Open

Support for encrypted passwords #1771

wants to merge 3 commits into from

Conversation

lslezak
Copy link
Contributor

@lslezak lslezak commented Nov 15, 2024

Problem

  • The Agama autoinstallation and CLI accept the first user and the root passwords only in plain text
  • That's insecure, everybody who can access the installation profile knows the root password

Solution

  • Support passing an already encrypted (hashed) password in the profile
  • Similar to AutoYaST, an additional encryptedPassword boolean flag is used to determine whether the specified password is encrypted (true value) or plain text (false value or missing in the profile)

Notes

  • The web UI allows specifying only plain text passwords
  • Encrypted passwords are long and hard to type and they need to be encrypted externally

Features

  • Adapted schema definition
  • Adapted the AutoYaST conversion tool
  • When an encrypted password is set from Agama CLI then web UI resets the flag back to plain text (it supports only plain text passwords)

Testing

  • Tested manually (both root user and first user), tested the AutoYaST profile conversion
  • Updated unit tests

@lslezak
Support for encrypted passwords
b95e532 
Allow to use an encrypted (hashed) password in autoinstallation
and in Agama CLI.
@lslezak
Changes
f71dfbb
@coveralls
Copy link

Pull Request Test Coverage Report for Build 11860193169

Warning: This coverage report may be inaccurate.

This pull request's base commit is no longer the HEAD commit of its target branch. This means it includes changes from outside the original pull request, including, potentially, unrelated coverage changes.

Details

  • 11 of 15 (73.33%) changed or added relevant lines in 7 files are covered.
  • 68 unchanged lines in 4 files lost coverage.
  • Overall coverage increased (+0.001%) to 71.348%
Changes Missing Coverage Covered Lines Changed/Added Lines %
rust/agama-lib/src/users/client.rs 0 1 0.0%
rust/agama-server/src/users/web.rs 0 1 0.0%
service/lib/agama/dbus/users.rb 3 4 75.0%
service/lib/agama/users.rb 3 4 75.0%
Files with Coverage Reduction New Missed Lines %
service/service/lib/agama/users.rb 1 96.77%
service/service/lib/agama/dbus/users.rb 16 61.11%
rust/agama-lib/src/users/client.rs 21 0.0%
rust/agama-server/src/users/web.rs 30 0.0%
Totals Coverage Status
Change from base Build 11842624800: 0.001%
Covered Lines: 16928
Relevant Lines: 23726
💛 - Coveralls

@lslezak lslezak mentioned this pull request Nov 15, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@lslezak @coveralls