mirror of
https://git.in.rschanz.org/ryan77627/guix.git
synced 2025-01-26 04:29:25 -05:00
installer: Turn passwords into opaque records.
* gnu/installer/user.scm (<secret>, secret?, make-secret, secret-content): Add opaque <secret> record that boxes its contents, with a custom printer that doesn't display anything. * gnu/installer/newt/user.scm (run-user-add-page, run-user-page): Box it. * gnu/installer/final.scm (create-user-database): Unbox it. Signed-off-by: Mathieu Othacehe <othacehe@gnu.org>
This commit is contained in:
parent
41eb0f01fc
commit
112ef30b84
3 changed files with 24 additions and 6 deletions
|
@ -85,8 +85,9 @@ (define root?
|
||||||
(uid (if root? 0 #f))
|
(uid (if root? 0 #f))
|
||||||
(home-directory
|
(home-directory
|
||||||
(user-home-directory user))
|
(user-home-directory user))
|
||||||
(password (crypt (user-password user)
|
(password (crypt
|
||||||
(salt)))
|
(secret-content (user-password user))
|
||||||
|
(salt)))
|
||||||
|
|
||||||
;; We need a string here, not a file-like, hence
|
;; We need a string here, not a file-like, hence
|
||||||
;; this choice.
|
;; this choice.
|
||||||
|
|
|
@ -143,7 +143,7 @@ (define (pad-label label)
|
||||||
(name name)
|
(name name)
|
||||||
(real-name real-name)
|
(real-name real-name)
|
||||||
(home-directory home-directory)
|
(home-directory home-directory)
|
||||||
(password password))
|
(password (make-secret password)))
|
||||||
(run-user-add-page #:name name
|
(run-user-add-page #:name name
|
||||||
#:real-name real-name
|
#:real-name real-name
|
||||||
#:home-directory
|
#:home-directory
|
||||||
|
@ -266,7 +266,7 @@ (define (run users)
|
||||||
(map (lambda (name real-name home password)
|
(map (lambda (name real-name home password)
|
||||||
(user (name name) (real-name real-name)
|
(user (name name) (real-name real-name)
|
||||||
(home-directory home)
|
(home-directory home)
|
||||||
(password password)))
|
(password (make-secret password))))
|
||||||
names real-names homes passwords))))))
|
names real-names homes passwords))))))
|
||||||
(lambda ()
|
(lambda ()
|
||||||
(destroy-form-and-pop form))))))
|
(destroy-form-and-pop form))))))
|
||||||
|
@ -274,5 +274,5 @@ (define (run users)
|
||||||
;; Add a "root" user simply to convey the root password.
|
;; Add a "root" user simply to convey the root password.
|
||||||
(cons (user (name "root")
|
(cons (user (name "root")
|
||||||
(home-directory "/root")
|
(home-directory "/root")
|
||||||
(password (run-root-password-page)))
|
(password (make-secret (run-root-password-page))))
|
||||||
(run '())))
|
(run '())))
|
||||||
|
|
|
@ -19,7 +19,14 @@
|
||||||
(define-module (gnu installer user)
|
(define-module (gnu installer user)
|
||||||
#:use-module (guix records)
|
#:use-module (guix records)
|
||||||
#:use-module (srfi srfi-1)
|
#:use-module (srfi srfi-1)
|
||||||
#:export (<user>
|
#:use-module (srfi srfi-9)
|
||||||
|
#:use-module (srfi srfi-9 gnu)
|
||||||
|
#:export (<secret>
|
||||||
|
secret?
|
||||||
|
make-secret
|
||||||
|
secret-content
|
||||||
|
|
||||||
|
<user>
|
||||||
user
|
user
|
||||||
make-user
|
make-user
|
||||||
user-name
|
user-name
|
||||||
|
@ -30,6 +37,16 @@ (define-module (gnu installer user)
|
||||||
|
|
||||||
users->configuration))
|
users->configuration))
|
||||||
|
|
||||||
|
(define-record-type <secret>
|
||||||
|
(make-secret content)
|
||||||
|
secret?
|
||||||
|
(content secret-content))
|
||||||
|
|
||||||
|
(set-record-type-printer!
|
||||||
|
<secret>
|
||||||
|
(lambda (secret port)
|
||||||
|
(format port "<secret>")))
|
||||||
|
|
||||||
(define-record-type* <user>
|
(define-record-type* <user>
|
||||||
user make-user
|
user make-user
|
||||||
user?
|
user?
|
||||||
|
|
Loading…
Reference in a new issue