andykimpe / rpms / 389-ds-base

Forked from rpms/389-ds-base 5 months ago
Clone

Blame SOURCES/0004-Issue-50816-dsconf-allows-the-root-password-to-be-se.patch

8394b4
From 44e46e0dd71567756928be3f773d09cc2cee22c2 Mon Sep 17 00:00:00 2001
8394b4
From: Mark Reynolds <mreynolds@redhat.com>
8394b4
Date: Mon, 13 Jan 2020 17:58:52 -0500
8394b4
Subject: [PATCH] Issue 50816 - dsconf allows the root password to be set to
8394b4
 nothing
8394b4
8394b4
Bug Description:  dsconf allows you to set the root DN password to nothing/
8394b4
8394b4
Fix Description:  Do not allow the root DN password to be set to nothing
8394b4
8394b4
relates: https://pagure.io/389-ds-base/issue/50816
8394b4
8394b4
Reviewed by: firstyear(Thanks!)
8394b4
---
8394b4
 src/lib389/lib389/idm/directorymanager.py | 2 ++
8394b4
 1 file changed, 2 insertions(+)
8394b4
8394b4
diff --git a/src/lib389/lib389/idm/directorymanager.py b/src/lib389/lib389/idm/directorymanager.py
8394b4
index bb3b58355..4c573e7b4 100644
8394b4
--- a/src/lib389/lib389/idm/directorymanager.py
8394b4
+++ b/src/lib389/lib389/idm/directorymanager.py
8394b4
@@ -31,6 +31,8 @@ class DirectoryManager(Account):
8394b4
         self._protected = True
8394b4
 
8394b4
     def change_password(self, new_password):
8394b4
+        if new_password == "":
8394b4
+            raise ValueError("You can not set the Directory Manager password to nothing")
8394b4
         self._instance.config.set('nsslapd-rootpw', new_password)
8394b4
 
8394b4
     def bind(self, password=PW_DM, *args, **kwargs):
8394b4
-- 
8394b4
2.21.1
8394b4