aboutsummaryrefslogtreecommitdiffstats
path: root/hook/passwd
diff options
context:
space:
mode:
authorGravatar Christian Hesse <mail@eworm.de>2013-05-27 11:37:25 +0200
committerGravatar Christian Hesse <mail@eworm.de>2013-05-27 11:37:25 +0200
commit4d4cdfc22760b68f0e3f9c62437ef7a2f0438d60 (patch)
tree781afc3a5cfaf1fa42fddc8963d1b5efd597181f /hook/passwd
parentff6760bac19257d350293f4219e8ad2b65c614a3 (diff)
downloadmkinitcpio-passwd-4d4cdfc22760b68f0e3f9c62437ef7a2f0438d60.tar.gz
mkinitcpio-passwd-4d4cdfc22760b68f0e3f9c62437ef7a2f0438d60.tar.zst
Initial import0.1.0
Diffstat (limited to 'hook/passwd')
-rw-r--r--hook/passwd58
1 files changed, 58 insertions, 0 deletions
diff --git a/hook/passwd b/hook/passwd
new file mode 100644
index 0000000..2e27136
--- /dev/null
+++ b/hook/passwd
@@ -0,0 +1,58 @@
+#!/bin/sh
+
+run_latehook() {
+ local newroot="/new_root/"
+ OLDIFS="${IFS}"
+ IFS=","
+
+ # set cleartext password
+ if [[ -n "${password}" ]]; then
+ for password_split in ${password}; do
+ password_user="$(echo ${password_split} | cut -d: -f1)"
+ password_pass="$(echo ${password_split} | cut -d: -f2)"
+ if [[ "${password_user}" = "${password_pass}" ]]; then
+ msg ":: Username equals password or invalid option, nothing changed."
+ else
+ msg ":: Setting password for user '${password_user}'..."
+ echo ${password_split} | chpasswd -R ${newroot}
+ fi
+ done
+ fi
+
+ # set password hash
+ if [[ -n "${pwhash}" ]]; then
+ for pwhash_split in ${pwhash}; do
+ pwhash_user="$(echo ${pwhash_split} | cut -d: -f1)"
+ pwhash_hash="$(echo ${pwhash_split} | cut -d: -f2)"
+ if [[ "${pwhash_user}" = "${pwhash_hash}" ]]; then
+ msg ":: Invalid option, no password changed."
+ else
+ msg ":: Setting password for user '${pwhash_user}'..."
+ usermod -p "${pwhash_hash}" -R ${newroot} "${pwhash_user}"
+ fi
+ done
+ fi
+
+ # set authorized keys
+ if [[ -n "${authorized_key}" ]]; then
+ for authorized_key_split in ${authorized_key}; do
+ authorized_key_user="$(echo ${authorized_key_split} | cut -d: -f1)"
+ authorized_key_type="$(echo ${authorized_key_split} | cut -d: -f2)"
+ authorized_key_key="$(echo ${authorized_key_split} | cut -d: -f3)"
+ if [[ "${authorized_key_type}" = "${authorized_key_key}" ]]; then
+ msg ":: Invalid option, no authorized key added."
+ else
+ authorized_key_home=$(egrep ^${authorized_key_user}: ${newroot}/etc/passwd | cut -d: -f 6)
+ if [[ ! -d "${newroot}/${authorized_key_home}" ]]; then
+ msg ":: Home dir for user '${authorized_key_user}' does not exist."
+ else
+ msg ":: Adding authorized key for user '${authorized_key_user}'..."
+ mkdir -p "${newroot}/${authorized_key_home}/.ssh"
+ echo "${authorized_key_type} ${authorized_key_key} mkinitcpio" >> "${newroot}/${authorized_key_home}/.ssh/authorized_keys"
+ fi
+ fi
+ done
+ fi
+
+ IFS="${OLDIFS}"
+}