ACC SHELL
/**
* File: clients/inst_root.ycp
* Package: Configuration of users and groups
* Summary:
* Displays two input fields to get the root password from the user.
* Plausibility checks executed:
*
* - password must be given
* - first and second entry must match
* - length of password >= 5, and <= maximum for current encryption
* - only certain characters allowed
*
* After all the password is crypted and written into the user_settings.
*
* Authors: Klaus Kämpf <kkaempf@suse.de>
*
* $Id: inst_root.ycp 61872 2010-04-26 13:14:47Z jsuchome $
*/
{
textdomain "users";
import "GetInstArgs";
import "Label";
import "Mode";
import "Popup";
import "ProductFeatures";
import "Report";
import "Security"; // Perl module (Users.pm) donesn't call constructor...
import "Stage";
import "Users";
import "UsersCache";
import "UsersSimple";
import "Wizard";
include "users/widgets.ycp"; // for EncryptionPopup()
// e.g. during firstboot, root pw may be set from first user setup (bnc#599287)
if (!GetInstArgs::going_back() && Users::GetRootPassword () != "")
{
y2milestone ("root password already set, skipping");
return `auto;
}
Users::ReadSystemDefaults (false);
UsersSimple::Read (true);
boolean check_CA_constraints =
ProductFeatures::GetBooleanFeature ("globals","root_password_ca_check");
// minimal pw length for CA-management (F#300438)
integer pw_min_CA = 4;
string valid_password_chars = Users::ValidPasswordChars ();
boolean this_is_for_real = ! Mode::test ();
string encryptionMethod = UsersSimple::EncryptionMethod ();
string pw = "";
if (GetInstArgs::going_back() && Users::GetRootPassword () != nil)
pw = Users::GetRootPassword ();
// Title for root-password dialogue
string title = _("Password for the System Administrator \"root\"");
term contents = `VBox(
`VStretch(),
`HSquash(`VBox(
// advise user to remember his new password
`Label(_("Do not forget what you enter here.")),
`VSpacing(0.8),
`Password (`id(`pw1), `opt (`hstretch),
// Label: get password for user root
_("&Password for root User"), pw),
`VSpacing(0.8),
`Password (`id(`pw2), `opt (`hstretch),
// Label: get same password again for verification
_("Con&firm Password"), pw),
`VSpacing (2.4),
// text entry label
`InputField (`opt(`hstretch),_("&Test Keyboard Layout"))
)),
`VSpacing(2),
// push button
`PushButton(`id(`expert), `opt(`key_F7), _("E&xpert Options...") ),
`VStretch()
);
// help text ( explain what the user "root" is and does ) 1/5
string helptext = _("<p>
Unlike normal users of the system, who write texts, create
graphics, or browse the Internet, the user \"root\" exists on
every system and is called into action whenever
administrative tasks need to be performed. Only log in as root
when you need to be the system administrator.
</p>
");
// help text, continued 2/5
helptext = helptext + _("<p>
Because the root user is equipped with extensive permissions, the password
for \"root\" should be chosen carefully. A combination of letters and numbers
is recommended. To ensure that the password was entered correctly,
reenter it in a second field.
</p>
");
// help text, continued 3/5
helptext = helptext + _("<p>
All the rules for user passwords apply to the \"root\" password:
Distinguish between uppercase and lowercase. A password should have at
least 5 characters and, as a rule, not contain any accented letters or umlauts.
</p>
");
helptext = helptext + Users::ValidPasswordHelptext ();
// help text, continued 5/5
helptext = helptext + _("<p>
Do not forget this \"root\" password.
</p>");
if (check_CA_constraints)
{
helptext = helptext + sformat (
// additional help text about password
_("<p>If you intend to use this password for creating certificates,
it has to be at least %1 characters long.</p>"), pw_min_CA);
}
// help text for 'test keyboard layout' entry'
helptext = helptext + _("<p>To check whether your current keyboard layout is correct, try entering text into the <b>Test Keyboard Layout</b> field.</p>");
if (Mode::normal ()) Wizard::CreateDialog (); // for testing only
Wizard::SetDesktopIcon("users");
Wizard::SetContents (title, contents, helptext,
GetInstArgs::enable_back() || Mode::normal (),
GetInstArgs::enable_next() || Mode::normal ());
symbol ret = nil;
repeat
{
if ( ret != `expert && ret != `abort)
{
UI::SetFocus ( `id(`pw1) );
}
ret = (symbol) Wizard::UserInput();
if (ret == `abort || ret == `cancel)
{
if ( Popup::ConfirmAbort (`incomplete) )
return `abort;
else
{
ret = `notnext;
continue;
}
}
if (ret == `expert)
{
encryptionMethod = EncryptionPopup ();
Users::SetEncryptionMethod (encryptionMethod);
if ((string) UI::QueryWidget(`id(`pw1), `Value) == "")
UI::SetFocus (`id(`pw1));
else
Wizard::SetFocusToNextButton();
}
if (ret == `next)
{
string pw1 = (string) UI::QueryWidget(`id(`pw1), `Value);
string pw2 = (string) UI::QueryWidget(`id(`pw2), `Value);
if (this_is_for_real && pw1 != pw2)
{
// report misspellings of the password
Popup::Message (_("The passwords do not match.
Try again."));
ret = `notnext;
continue;
}
if (this_is_for_real)
{
UsersCache::SetUserType ("system");
Users::SetEncryptionMethod (encryptionMethod);
if (pw1 == "")
{
// report if user forgot to enter a password
Popup::Message(_("No password entered.
Try again."));
ret = `notnext;
continue;
}
if (findfirstnotof (pw1, valid_password_chars + "\\") != nil)
{
Popup::Message (Users::ValidPasswordMessage ());
// Invalidate old password
UI::ChangeWidget(`id(`pw1), `Value, "");
UI::ChangeWidget(`id(`pw2), `Value, "");
ret = `notnext;
continue;
}
list<string> errors = UsersSimple::CheckPasswordUI ($[
"uid" : "root",
"userPassword" : pw1,
"type" : "system",
]);
if (check_CA_constraints && (size (pw1) < pw_min_CA))
{
errors = add (errors, sformat (
// yes/no popup question, %1 is a number
_("If you intend to create certificates,
the password should have at least %1 characters."), pw_min_CA));
}
if (errors != [])
{
string message = mergestring (errors, "\n\n") +
// last part of message popup
"\n\n" + _("Really use this password?");
if (!Popup::YesNo (message))
{
ret = `notnext;
continue;
}
}
Users::WriteSecurity ();
y2milestone( "encrypting with %1", encryptionMethod );
Users::SetRootPassword (pw1);
if (!Users::WriteRootPassword() && Popup::YesNo (
// Error msg (yes/no)
_("The root password could not be set.
You might not be able to log in.
Try setting it again?
")))
{
Users::SetRootPassword ("");
UI::ChangeWidget(`id(`pw1), `Value, "");
UI::ChangeWidget(`id(`pw2), `Value, "");
ret = `notnext;
continue;
}
}
}
} until (ret == `next || ret == `back || ret == `abort);
if (Mode::normal ()) Wizard::CloseDialog ();
return ret;
}
ACC SHELL 2018