Commits

Rodrigo Bistolfi  committed a43f9cc

Use random salt in pwd creation

  • Participants
  • Parent commits aec95b3

Comments (0)

Files changed (1)

File vinstall/backend/users.py

 import pwd
 import grp
 import crypt
+import random
+import string
 import os
 import unittest
 from vinstall.backend import sp
         """
         SKELPATH = "/etc/skel"
         TARGETDIR= self.home
-
-        topdir, dirnames, files = os.walk(SKELPATH).next()
-
-        # Copy the skel files to the home dir
+        
         for item in os.listdir(SKELPATH):
             fcopy = ["/bin/cp", "-aru", os.path.join(SKELPATH, item),
                    os.path.join(TARGETDIR, item)]
             for fun in (fcopy, fchown, fchgrp):
                 sp.check_call(fun)
 
-        # Set permissions to the items in home directory.
         cmd = ["/bin/chmod", "0700", TARGETDIR]
         sp.check_call(cmd)
 
 
     def encrypt_password(self, passwd):
         """Return the encrypted password"""
-        salt = passwd[-1] + passwd[1]
+        s = string.ascii_letters + "./"
+        salt = random.choice(s) + random.choice(s)
         return crypt.crypt(passwd, salt)
 
     def create(self):
         """Create the user account on the system"""
         epass = self.encrypt_password(self.password)
-        cmd = ["/usr/sbin/groupadd", "-g", str(self.uid), self.login ]
+        cmd = ["/usr/sbin/groupadd", "-g", str(self.gid), self.login ]
         sp.check_call(cmd)
         if self.fullname:
             cmd = ["/usr/sbin/useradd","-m","-c","%s"% self.fullname,
 
     def change_password(self, newpass):
         """Change a users password"""
-        if newpass:
-            epass = self.encrypt_password(newpass)
-        else:
-            epass = newpass
+        epass = self.encrypt_password(newpass)
         cmd = ["/usr/sbin/usermod", "-p", epass, self.login]
         return sp.check_call(cmd)
 
 
     def _system_data(self):
         """Return the system data related to this account"""
-        #assert self.login is not None, "Login property must be set first"
         ret = [ u for u in pwd.getpwall() if u.pw_name == self.login ]
         if ret:
             return ret[0]
             return self._system_data().pw_dir
         if self.login == "root":
             return "/root"
-        return os.path.join("/home",self.login)
+        return os.path.join("/home", self.login)
 
     @property
     def gid(self):