Sisyphus repository
Last update: 1 october 2023 | SRPMs: 18631 | Visits: 37852354
en ru br
ALT Linux repos
S:1.1-alt3
5.0: 0.8-alt1
4.1: 0.4-alt1.M41.4
4.0: 0.1-alt2.M40.3

Group :: System/Configuration/Other
RPM: alterator-root

 Main   Changelog   Spec   Patches   Sources   Download   Gear   Bugs and FR  Repocop 

alterator-root-1.1/000075500000000000000000000000001130076135700143325ustar00rootroot00000000000000alterator-root-1.1/Makefile000064400000000000000000000003351130076135700157730ustar00rootroot00000000000000NAME=root

TEST_REQUIRES=passwdqc-utils

all:
clean:
install: install-module install-data
check: check-module

include /usr/share/alterator/build/module.mak

install-data:
	install -d $(libexecdir)/alterator/hooks/root.d
alterator-root-1.1/applications/000075500000000000000000000000001130076135700170205ustar00rootroot00000000000000alterator-root-1.1/applications/root.desktop000064400000000000000000000004351130076135700214000ustar00rootroot00000000000000[Desktop Entry]
Type=Application
Categories=X-Alterator-Users
Icon=root
Terminal=false
Name=System administrator
X-Alterator-URI=/root
X-Alterator-Weight=90
X-Alterator-Help=root
Name[ru]=Администратор системы
Name[uk]=Системний адміністратор
alterator-root-1.1/backend3/000075500000000000000000000000001130076135700160045ustar00rootroot00000000000000alterator-root-1.1/backend3/root000075500000000000000000000074561130076135700167310ustar00rootroot00000000000000#!/bin/sh

alterator_api_version=1
authorizedkeys_file=/etc/openssh/authorized_keys/root
hooks_dir=/usr/lib/alterator/hooks/root.d/

. alterator-sh-functions

## installer support, $ALTERATOR_DESTDIR - exported by installer.

DESTDIR=""
CHROOT_EXEC=""

if [ -d "${ALTERATOR_DESTDIR:-}" ]; then
    DESTDIR="$ALTERATOR_DESTDIR"
    CHROOT_EXEC="chroot $DESTDIR"
fi

## SSH keys management

fingerprint()
{
    local line="$1";shift
    local tempfile="$(mktemp -t alterator-root.XXXXXX)"

    echo "$line">"$tempfile"
    local v=
    v="$(ssh-keygen -l -f "$tempfile")" &&
	echo "$v"|cut -f2 -d' '
    rm -f -- "$tempfile"
}

parse_authorized_keys()
{
    local line="$1" && shift
    local opts= keytype= key= comment=
    local tempfile="$(mktemp -t alterator-root.XXXXXX)"

    printf '%s\n' "$line" >"$tempfile"
    case "$line" in
	ssh-*)
	    IFS=' ' read keytype key comment <"$tempfile"
	    ;;
	*)
	    IFS=' ' read opts keytype key comment <"$tempfile"
	;;
    esac

    case "$1" in
	options)
	    printf '%s' "$opts"
	    ;;
	type)
	    printf '%s' "$keytype"
	    ;;
	key)
	    printf '%s' "$key"
	    ;;
	comment)
	    printf '%s' "$comment"
	    ;;
	*)
	    printf '%s\t%s\t%s\t%s' "$opts" "$keytype" "$key" "$comment"
	    ;;
    esac

    rm -rf -- "$tempfile"
}

ssh_key_list()
{
    local line comment comment_field

    [ ! -s "$authorizedkeys_file" ] ||
	while IFS=' ' read -r line; do
	    comment="$(parse_authorized_keys "$line" comment)"
	    case "$comment" in
		alterator-trust@*)
		    ;;
		*)
		    fingerprint "$line"
		    ;;
	    esac
	done<"$authorizedkeys_file"|
	    write_enum
}

ssh_key_add()
{
    [ -s "$in_key_file" ] || return 0

    local new_line="$(cat "$in_key_file")"
    local new_fp="$(fingerprint "$new_line")"
    local comment

    comment="$(parse_authorized_keys "$new_line" comment)"
    if [ -z "$new_fp" -o '(' -n "$comment" -a -z "${comment##alterator-trust@*}" ')' ];then
	write_error "`_ "Invalid ssh key"`"
	return
    fi

    [ ! -s "$authorizedkeys_file" ] ||
	while IFS=' ' read -r line; do
	    local fp="$(fingerprint "$line")"
	    if [ "$fp" = "$new_fp" ];then
		write_error "`_ "Same ssh key already exists"`"
		return
	    fi
	done<"$authorizedkeys_file"

    echo "$new_line" >>"$authorizedkeys_file"
}

ssh_key_del()
{
    [ -s "$authorizedkeys_file" -a -n "$in_key" ] || return

    local old_fp="$in_key";shift
    local tempfile="$(mktemp -t alterator-root.XXXXXX)"

    while IFS=' ' read -r line; do
	local fp="$(fingerprint "$line")"
	local comment="$(parse_authorized_keys "$line" comment)"
	[ "$fp" = "$old_fp" -o '(' -n "$comment" -a -z "${comment##alterator-trust@*}" ')'  ] ||
	    echo "$line"
    done<"$authorizedkeys_file" >"$tempfile"

    mv -f "$tempfile" "$authorizedkeys_file"
}

## root's password management

root_chpasswd()
{
    echo "root:$1" | $CHROOT_EXEC "/usr/sbin/chpasswd"

    #little run-parts
    for f in "$DESTDIR/$hooks_dir"/*; do
	[ -f "$f" -a -x "$f" ] || continue
	[ "${f%.rpm*}" = "$f" -a "${f%\~}" = "$f" ] || continue

	echo "$1"| $CHROOT_EXEC "${f#$DESTDIR}" >&2
    done
}

change_password()
{
    if test_bool "$in_auto" && [ -z "$in_passwd_auto" ]; then
	write_error "`_ "You should define a password for system administrator"`"
    elif test_bool "$in_auto" && [ -n "$in_passwd_auto" ]; then
	root_chpasswd "$in_passwd_auto"
    elif [ -z "$in_passwd_1" -a -z "$in_passwd_2" ]; then
	write_error "`_ "You should define a password for system administrator"`"
    elif [ "$in_passwd_1" != "$in_passwd_2" ]; then
	write_error "`_ "Passwords mismatch"`"
    else
	root_chpasswd "$in_passwd_1"
    fi
}

generate_password()
{
    write_string_param passwd_auto "$(pwqgen)"
}

alterator_export_proc ssh_key_add
alterator_export_proc ssh_key_del
alterator_export_proc ssh_key_list

alterator_export_proc change_password
alterator_export_proc generate_password

message_loop
alterator-root-1.1/runtests000075500000000000000000000002131130076135700161430ustar00rootroot00000000000000#!/bin/sh -u

. shell-unittest
. alterator-unittest-functions

unitdir=test

### runtests
for i in "$unitdir"/*; do . $i;done
runUnitTests
alterator-root-1.1/test/000075500000000000000000000000001130076135700153115ustar00rootroot00000000000000alterator-root-1.1/test/root000064400000000000000000000010541130076135700162170ustar00rootroot00000000000000#!/bin/sh

appendTests \
    test_root_password 

test_root_password()
{
    local passwd="$(pwqgen)"
    alterator-cmdline -l /root action write commit true passwd_1 "$passwd" passwd_2 "$passwd"
    printf "root\0%s" "$passwd" | alterator-chkpwd
    assertEquals "$?" "0"

    alterator-cmdline -l /root action write commit true passwd_auto "$passwd"
    printf "root\0%s" "$passwd" | alterator-chkpwd
    assertEquals "$?" "0"

    alterator-cmdline -l /root action write commit true passwd_1 "$passwd" passwd_2 "fake$passwd"
    assertEquals "$?" "1"
}
alterator-root-1.1/ui/000075500000000000000000000000001130076135700147475ustar00rootroot00000000000000alterator-root-1.1/ui/root/000075500000000000000000000000001130076135700157325ustar00rootroot00000000000000alterator-root-1.1/ui/root/ajax.scm000064400000000000000000000043241130076135700173640ustar00rootroot00000000000000(define-module (ui root ajax)
    :use-module (alterator ajax)
    :use-module (alterator algo)
    :use-module (alterator woo)
    :use-module (alterator effect)
    :export (init
             init-passwordbox
             commit-passwordbox
             ))

;; private passwordbox API

(define (generate-passwordbox)
  (form-update-value-list
    '("passwd_auto")
    (woo-call "/root/generate_password")))

(define (update-passwordbox)
  (form-update-value "passwd_1" "")
  (form-update-value "passwd_2" "")
  (form-update-value "passwd_auto" "")
  (form-update-value "auto" #f)
  (generate-passwordbox)
  (update-effect))

;; public passwordbox API

(define (init-passwordbox)
  ;; effects
  (effect-show "passwd_1" "auto" #f)
  (effect-show "passwd_2" "auto" #f)
  (effect-show "passwd_auto" "auto" #t)
  (effect-show "generate_button" "auto" #t)
  ;; generate button
  (form-bind "generate_button" "click" generate-passwordbox)
  (update-passwordbox))

(define (commit-passwordbox)
  (apply woo-call "/root/change_password"
         'language (form-value "language")
	 (form-value-list '("auto" "passwd_1" "passwd_2" "passwd_auto")))
  (update-passwordbox))

;;; current form specific API

(define (ui-write)
  (form-update-visibility "passwd_message" #f)
  (catch/message
    (lambda()
        (commit-passwordbox)
	(form-update-visibility "passwd_message" #t))))

(define (ui-key-read)
  (catch/message
   (lambda()
     (form-update-enum "key" (woo-call "/root/ssh_key_list")))))

(define (ui-key-add)
  (call-with-form-file
      "key_file"
      (lambda(path)
        (catch/message
          (lambda()
            (woo-call "/root/ssh_key_add"
                      'language (form-value "language")
                      'key_file path)
            (ui-key-read))))))

(define (ui-key-del)
  (catch/message
    (lambda()
        (woo-call "/root/ssh_key_del"
                   'language (form-value "language")
                   'key (form-value "key"))
            (ui-key-read))))

(define (init)
  ;; password
  (init-passwordbox)
  (init-effect)
  (form-bind "apply_button" "click" ui-write)
  ;; ssh keys
  (ui-key-read)
  (form-bind-upload "add_key_button" "click" "key_file" ui-key-add)
  (form-bind "del_key_button" "click" ui-key-del))
alterator-root-1.1/ui/root/index.html000064400000000000000000000045311130076135700177320ustar00rootroot00000000000000<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http://www.w3.org/TR/REC-html40/strict.dtd">
<!-- user administration module -->
<html wf="none">
  <body>
    <form method="POST" enctype="multipart/form-data">
      <table>
	<tr>
	    <td colspan="2"><span translate="_">Password for system administrator:</span></td>
	</tr>
	<tr>
	    <td colspan="2">&nbsp;</td>
	</tr>
	<tr>
	    <td>
		<input type="checkbox" name="auto" value="#t"/>
		<span translate="_">Generate automatically</span>
	    </td>
	    <td>&nbsp;</td>
	</tr>
	<tr>
	    <td><input type="password" name="passwd_1" class="text"/></td>
	    <td style="width:100%"><small><span translate="_" name="passwd_1">(enter passphrase)</span></small></td>
	</tr>
	<tr>
	    <td><input type="password" name="passwd_2" class="text"/></td>
	    <td><small><span translate="_" name="passwd_2">(repeat passphrase)</span></small></td>
	</tr>
	<tr>
	    <td><input type="text" name="passwd_auto" class="text" style="display:none"/></td>
	    <td><input type="button" class="btn" name="generate_button" value="Generate" style="display:none"/></td>
	</tr>
	<tr>
	    <td colspan="2"><span name="passwd_auto" style="display:none">&nbsp;</span></td>
	</tr>
	<tr>
	    <td colspan="2">
		<span name="passwd_message" style="display:none" class="alterator-information-message">
		<img src="/design/images/information.gif"/>
		<span translate="_">Administrator's password successfully updated</span>
		</span>
	    </td>
	</tr>
	<tr>
	    <td colspan="2">&nbsp;</td>
	</tr>
	<tr>
	    <td>
		<input type="button" class="btn" name="apply_button" value="Change password" />
	    </td>
	    <td>&nbsp;</td>
	</tr>
	<tr>
	    <td colspan="2"><hr/></td>
	</tr>
	<tr>
	    <td colspan="2">&nbsp;</td>
	</tr>
	<tr>
	    <td colspan="2"><span translate="_">Authorized ssh keys:</span></td>
	</tr>
	<tr>
	    <td colspan="2" style="width:100%">
		<table>
		    <tr>
			<td><select size="5" name="key" style="width:98%"/></td>
			<td><input type="button" class="btn" name="del_key_button" value="Delete key" style="vertical-align:top"/></td>
		    </tr>
		    <tr>
			<td>
			    <span translate="_">New key:</span>
			    &nbsp;<input name="key_file" type="file" class="btn"/>&nbsp;
			</td>
			<td><input type="button" class="btn" name="add_key_button" value="Add"/></td>
		    </tr>
		</table>
	    </td>
	</tr>
      </table>
    </form>
  </body>
</html>
alterator-root-1.1/ui/root/index.scm000064400000000000000000000035511130076135700175510ustar00rootroot00000000000000(document:surround "/std/frame")

;;; Functions

(define (ui-generate)
  (form-update-value-list
    '("passwd_auto")
    (woo-call "/root/generate_password")))

(define (ui-read)
  (form-update-value "passwd_1" "")
  (form-update-value "passwd_2" "")
  (form-update-value "passwd_auto" "")
  (form-update-value "auto" #f)
  (ui-generate)
  (update-effect))

(define (ui-write)
  (catch/message
    (lambda()
	(apply woo-call "/root/change_password"
		   'language (form-value "language")
		   (form-value-list '("auto" "passwd_1" "passwd_2" "passwd_auto")))
	(ui-read))))

(define (ui-init)
  (effect-show "passwd_1" "auto" #f)
  (effect-show "passwd_2" "auto" #f)
  (effect-show "passwd_auto" "auto" #t)
  (effect-show "generate_button" "auto" #t)
  (init-effect)
  (ui-read)
  (form-bind "generate_button" "click" ui-generate)
  (or (global 'frame:next)
      (form-bind "apply_button" "click" ui-write)))

;;; UI

(gridbox columns "20;60;20"
	(spacer)
	(label text (_ "Setup password for system administrator:"))
	(spacer)

	(spacer)
	(gridbox
	  columns "100;0"
	  (checkbox text (_ "Generate automatically") name "auto")
	  (spacer)
	  (edit name "passwd_1" echo "stars" visibility #f focus #t)
	  (label name "passwd_1" text (small (_ "(enter passphrase)")) visibility #f)
	  (edit name "passwd_2" echo "stars" visibility #f)
	  (label name "passwd_1" text (small (_ "(repeat passphrase)")) visibility #f)
	  (edit name "passwd_auto" visibility #f)
	  (button text (_ "Generate") name "generate_button" visibility #f)
	  (label colspan 2 name "passwd_auto" visibility #f))
	(spacer)

	(label colspan 3)

	(spacer)
	(if (global 'frame:next)
	    (label)
	    (button text (_ "Apply") name "apply_button" align "left"))
	(spacer))

;;; Logic

(frame:on-next (thunk (or (ui-write) 'cancel)))

(document:root
  (when loaded
   (ui-init)
   (and (global 'frame:next) (frame:back-activity #f))))
 
design & coding: Vladimir Lettiev aka crux © 2004-2005, Andrew Avramenko aka liks © 2007-2008
current maintainer: Michael Shigorin