From: Dan Nicholson Date: Tue, 30 Jul 2024 17:11:11 +0000 (-0600) Subject: firstboot: create locked and empty root passwords consistently X-Git-Tag: v257-rc1~773^2~2 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=5088de9daa156a095e79684c658f9035db971538;p=thirdparty%2Fsystemd.git firstboot: create locked and empty root passwords consistently Although locked and empty passwords in /etc/passwd are treated the same, in all other cases the entry is configured to read the password from /etc/shadow. --- diff --git a/src/firstboot/firstboot.c b/src/firstboot/firstboot.c index c70bfa468fd..acbe3e29b68 100644 --- a/src/firstboot/firstboot.c +++ b/src/firstboot/firstboot.c @@ -1142,10 +1142,13 @@ static int process_root_account(int rfd) { password = PASSWORD_SEE_SHADOW; hashed_password = _hashed_password; - } else if (arg_delete_root_password) - password = hashed_password = PASSWORD_NONE; - else - password = hashed_password = PASSWORD_LOCKED_AND_INVALID; + } else if (arg_delete_root_password) { + password = PASSWORD_SEE_SHADOW; + hashed_password = PASSWORD_NONE; + } else { + password = PASSWORD_SEE_SHADOW; + hashed_password = PASSWORD_LOCKED_AND_INVALID; + } r = write_root_passwd(rfd, pfd, password, arg_root_shell); if (r < 0) diff --git a/test/units/TEST-74-AUX-UTILS.firstboot.sh b/test/units/TEST-74-AUX-UTILS.firstboot.sh index 2569ad88167..48792c4c676 100755 --- a/test/units/TEST-74-AUX-UTILS.firstboot.sh +++ b/test/units/TEST-74-AUX-UTILS.firstboot.sh @@ -211,7 +211,7 @@ echo -ne "\nfoobar\n" | systemd-firstboot --root="$ROOT" --prompt-hostname grep -q "foobar" "$ROOT/etc/hostname" # With no root password provided, a locked account should be created. systemd-firstboot --root="$ROOT" --prompt-root-password