Currently, there are only two possibilities regarding the root account:
- it is enabled with no password (the default)
- it is enabled, using a clear-text, user-provided password
This is deemed insufficient in many cases, especially when the .config
file has to be published (e.g. for the GPL compliance, or any other
reason.).
Fix that in two ways:
- add a boolean option that allows/disallows root login altogether,
which defaults to 'y' to keep backward compatibility;
- accept already-encoded passwords, which we recognise as starting
with either of $1$, $5$ or $6$ (resp. for md5, sha256 or sha512).
Signed-off-by: Lorenzo M. Catucci <lorenzo@sancho.ccd.uniroma2.it>
[yann.morin.1998@free.fr:
- don't add a choice to select between clear-text/encoded password,
use a single prompt;
- differentiate in the password hook itself;
- rewrite parts of the help entry;
- rewrite and expand the commit log
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Tested-by: "Lorenzo M. Catucci" <lorenzo@sancho.ccd.uniroma2.it>
Acked-by: "Lorenzo M. Catucci" <lorenzo@sancho.ccd.uniroma2.it>
Tested-by: Gergely Imreh <imrehg@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
18fa4a32a6