瀏覽代碼

Use a longer default password for better security

Bob Mottram 8 年之前
父節點
當前提交
afeec42a00
共有 3 個檔案被更改,包括 12 行新增12 行删除
  1. 0
    1
      src/freedombone-app-blog
  2. 2
    4
      src/freedombone-image-customise
  3. 10
    7
      src/freedombone-utils-passwords

+ 0
- 1
src/freedombone-app-blog 查看文件

@@ -174,7 +174,6 @@ function install_interactive_blog {
174 174
 
175 175
 function change_password_blog {
176 176
     if ! grep -q "blog domain:" $COMPLETION_FILE; then
177
-        return
178 177
         echo "blog domain:$FULLBLOG_DOMAIN_NAME" >> $COMPLETION_FILE
179 178
     fi
180 179
     FULLBLOG_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "blog domain" | head -n 1 | awk -F ':' '{print $2}')

+ 2
- 4
src/freedombone-image-customise 查看文件

@@ -349,7 +349,7 @@ EOF
349 349
     echo '            exit' >> $rootdir/root/.bashrc
350 350
     echo '        fi' >> $rootdir/root/.bashrc
351 351
     echo -n '        NEW_USER_PASSWORD="$(openssl rand -base64 30 | cut -c1-' >> $rootdir/root/.bashrc
352
-    echo "${MINIMUM_PASSWORD_LENGTH})\"" >> $rootdir/root/.bashrc
352
+    echo "${DEFAULT_PASSWORD_LENGTH})\"" >> $rootdir/root/.bashrc
353 353
     echo '    fi' >> $rootdir/root/.bashrc
354 354
     echo '    echo "${NEW_USER_PASSWORD}" > ~/login.txt' >> $rootdir/root/.bashrc
355 355
 
@@ -361,8 +361,6 @@ EOF
361 361
     PRESS_KEY_MESSAGE=$'Press any key to continue...'
362 362
     echo "    echo \"${NEW_LOGIN_PASSWORD_MESSAGE1}\"" >> $rootdir/root/.bashrc
363 363
     echo '    echo ""' >> $rootdir/root/.bashrc
364
-    echo '    toilet "${NEW_USER_PASSWORD}"' >> $rootdir/root/.bashrc
365
-    echo '    echo ""' >> $rootdir/root/.bashrc
366 364
     echo '    echo "                          ${NEW_USER_PASSWORD}"' >> $rootdir/root/.bashrc
367 365
     echo '    echo ""' >> $rootdir/root/.bashrc
368 366
     echo "    echo \"${NEW_LOGIN_PASSWORD_MESSAGE2}\"" >> $rootdir/root/.bashrc
@@ -1015,7 +1013,7 @@ fi
1015 1013
 if [[ $VARIANT != "meshclient" && $VARIANT != "meshusb" && $VARIANT != "mesh" ]]; then
1016 1014
     chroot "$rootdir" apt-get install -y openssh-server
1017 1015
 fi
1018
-chroot "$rootdir" apt-get install -y sudo git dialog toilet build-essential
1016
+chroot "$rootdir" apt-get install -y sudo git dialog build-essential
1019 1017
 chroot "$rootdir" apt-get install -y avahi-daemon avahi-utils avahi-discover avahi-autoipd
1020 1018
 chroot "$rootdir" apt-get install -y iptables dnsutils net-tools network-manager iputils-ping
1021 1019
 chroot "$rootdir" apt-get install -y libnss-mdns libnss-myhostname libnss-gw-name nano man ntp

+ 10
- 7
src/freedombone-utils-passwords 查看文件

@@ -36,15 +36,18 @@ IMAGE_PASSWORD_FILE=/root/login.txt
36 36
 # Minimum number of characters in a password
37 37
 MINIMUM_PASSWORD_LENGTH=10
38 38
 
39
+# The default password length used in images
40
+DEFAULT_PASSWORD_LENGTH=20
41
+
39 42
 function enforce_good_passwords {
40
-	# because humans are generally bad at choosing passwords
41
-	if grep -Fxq "enforce_good_passwords" $COMPLETION_FILE; then
42
-		return
43
-	fi
44
-	apt-get -y install libpam-cracklib
43
+    # because humans are generally bad at choosing passwords
44
+    if grep -Fxq "enforce_good_passwords" $COMPLETION_FILE; then
45
+        return
46
+    fi
47
+    apt-get -y install libpam-cracklib
45 48
 
46
-	sed -i 's/password.*requisite.*pam_cracklib.so.*/password        required                       pam_cracklib.so retry=2 dcredit=-4 ucredit=-1 ocredit=-1 lcredit=0 minlen=10 reject_username/g' /etc/pam.d/common-password
47
-	echo 'enforce_good_passwords' >> $COMPLETION_FILE
49
+    sed -i 's/password.*requisite.*pam_cracklib.so.*/password        required                       pam_cracklib.so retry=2 dcredit=-4 ucredit=-1 ocredit=-1 lcredit=0 minlen=10 reject_username/g' /etc/pam.d/common-password
50
+    echo 'enforce_good_passwords' >> $COMPLETION_FILE
48 51
 }
49 52
 
50 53
 function create_password {