4
. /usr/share/debconf/confmodule
9
log='log-output -t user-setup'
16
. /usr/lib/user-setup/functions.sh
18
# Set a password, via chpasswd.
19
# Use perl rather than echo, to avoid the password
20
# showing in the process table. (However, this is normally
21
# only called when first installing the system, when root has no
22
# password at all, so that should be an unnecessary precaution).
24
# Pass in three arguments: the user, the password, and 'true' if the
25
# password has been pre-crypted (by preseeding).
30
# This is very annoying. chpasswd cannot handle generating md5
31
# passwords as it is not PAM-aware. Thus, I have to work around
32
# that by crypting the password myself if md5 is used.
36
if [ "$3" = true ]; then
42
$chroot $ROOT perl -e '
46
my @valid = split(//, "./0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ");
49
my $cryptsaltlen = ($md5 ? 8 : 2);
51
open (F, "</dev/urandom") || die "No /dev/urandom found!";
52
foreach (1..$cryptsaltlen) {
54
$out .= $valid[ord($in) % ($#valid + 1)];
57
return ($md5 ? "\$1\$$out\$" : $out);
60
open(P,"| chpasswd -e");
61
if ($ENV{PRECRYPTED}) {
62
print P shift().":$ENV{SETPASSWD_PW}\n";
65
crypt($ENV{SETPASSWD_PW}, CreateCryptSalt($ENV{USE_MD5})).
75
sudoers_admin_group () {
76
if [ -f $ROOT/etc/sudoers ]; then
77
cat <<EOF >>$ROOT/etc/sudoers
79
# Members of the admin group may gain root privileges
86
if ! grep -qi ^root: $ROOT/etc/aliases 2>/dev/null; then
87
cat <<EOF >>$ROOT/etc/aliases
88
# Added by installer for initial user
91
if [ -x $ROOT/usr/bin/newaliases ]; then
92
$log $chroot $ROOT /usr/bin/newaliases
97
# Enable/disable shadow passwords.
99
if [ "$RET" = true ]; then
100
$log $chroot $ROOT shadowconfig on
102
$log $chroot $ROOT shadowconfig off
105
if ! root_password; then
106
# Was the root password preseeded encrypted?
107
if db_get passwd/root-password-crypted && [ "$RET" ]; then
109
# The root password was preseeded encrypted. Clear it from
110
# the database, then set it.
111
db_set passwd/root-password-crypted ''
112
setpassword root "$ROOT_PW" true
115
db_get passwd/root-password
117
if [ "$ROOT_PW" ]; then
118
# Clear the root password from the database, and set
120
db_set passwd/root-password ''
121
db_set passwd/root-password-again ''
122
setpassword root "$ROOT_PW" false
125
# Disable the root password.
126
echo 'root:*' | $chroot $ROOT chpasswd -e
131
db_get passwd/make-user
132
if [ "$RET" = true ] && ! is_system_user; then
133
if db_get passwd/user-password-crypted && [ "$RET" ]; then
137
db_get passwd/user-password
139
USER_PW_CRYPTED=false
142
if db_get passwd/user-uid && [ "$RET" ]; then
143
if [ -x $ROOT/usr/sbin/adduser ]; then
152
# Add the user to the database, using adduser in noninteractive
154
db_get passwd/username
156
db_get passwd/user-fullname
158
if [ -x $ROOT/usr/sbin/adduser ]; then
159
$log $chroot $ROOT adduser --disabled-password --gecos "$RET" $UIDOPT "$USER" >/dev/null || true
161
$log $chroot $ROOT useradd -c "$RET" -m "$USER" $UIDOPT >/dev/null || true
164
# Clear the user password from the database.
165
if [ "$USER_PW_CRYPTED" = true ]; then
166
db_set passwd/user-password-crypted ''
168
db_set passwd/user-password ''
169
db_set passwd/user-password-again ''
171
setpassword "$USER" "$USER_PW" "$USER_PW_CRYPTED"
173
if [ -n "$USER" ]; then
174
for group in lpadmin scanner; do
175
$log $chroot $ROOT addgroup --system $group >/dev/null 2>&1 || true
177
for group in adm audio cdrom dialout floppy video plugdev dip lpadmin scanner; do
178
$log $chroot $ROOT adduser "$USER" $group >/dev/null 2>&1 || true
181
if ! root_password; then
183
$log $chroot $ROOT addgroup --system admin >/dev/null 2>&1 || true
184
$log $chroot $ROOT adduser "$USER" admin >/dev/null 2>&1 || true
187
add_to_aliases "$USER"