|
 |
1756dc |
From bf05c4a72237eacf649b09888bdf536e0b7721a5 Mon Sep 17 00:00:00 2001
|
|
|
1756dc |
From: Adam Williamson <awilliam@redhat.com>
|
|
|
1756dc |
Date: Tue, 28 Aug 2018 11:49:35 -0700
|
|
|
1756dc |
Subject: [PATCH 03/16] Don't write options without value to pwquality conf
|
|
|
1756dc |
(#1618865)
|
|
|
1756dc |
|
|
|
1756dc |
Per https://bugzilla.redhat.com/show_bug.cgi?id=1618865 , it is
|
|
|
1756dc |
incorrect to write lines like this in a pwquality config file:
|
|
|
1756dc |
|
|
|
1756dc |
minlen=
|
|
|
1756dc |
minclass=
|
|
|
1756dc |
maxrepeat=
|
|
|
1756dc |
maxclassrepeat=
|
|
|
1756dc |
|
|
|
1756dc |
There should either be an actual integer value, or the line
|
|
|
1756dc |
should be omitted entirely. Including the option with no value
|
|
|
1756dc |
is wrong and breaks pwquality. This should fix the problem by
|
|
|
1756dc |
only writing the lines if the option is actually set.
|
|
|
1756dc |
|
|
|
1756dc |
Signed-off-by: Adam Williamson <awilliam@redhat.com>
|
|
|
1756dc |
---
|
|
|
1756dc |
src/compat/authcompat.py.in.in | 11 +++++++----
|
|
|
1756dc |
1 file changed, 7 insertions(+), 4 deletions(-)
|
|
|
1756dc |
|
|
|
1756dc |
diff --git a/src/compat/authcompat.py.in.in b/src/compat/authcompat.py.in.in
|
|
|
1756dc |
index abe1e585954ccd5ac555339f23c175e941c76ea3..1b4f531b021c1e2e8fd99bd081094da365c0c64e 100755
|
|
|
1756dc |
--- a/src/compat/authcompat.py.in.in
|
|
|
1756dc |
+++ b/src/compat/authcompat.py.in.in
|
|
|
1756dc |
@@ -319,10 +319,13 @@ class Configuration:
|
|
|
1756dc |
def write(self):
|
|
|
1756dc |
config = EnvironmentFile(Path.System('pwquality.conf'))
|
|
|
1756dc |
|
|
|
1756dc |
- config.set("minlen", self.get("passminlen"))
|
|
|
1756dc |
- config.set("minclass", self.get("passminclass"))
|
|
|
1756dc |
- config.set("maxrepeat", self.get("passmaxrepeat"))
|
|
|
1756dc |
- config.set("maxclassrepeat", self.get("passmaxclassrepeat"))
|
|
|
1756dc |
+ # for each if these options, we want to write a line to the config
|
|
|
1756dc |
+ # *only if* it is set to an actual value, see
|
|
|
1756dc |
+ # https://bugzilla.redhat.com/show_bug.cgi?id=1618865
|
|
|
1756dc |
+ for pwval in ["minlen", "minclass", "maxrepeat", "maxclassrepeat"]:
|
|
|
1756dc |
+ if self.isset("pass{0}".format(pwval)):
|
|
|
1756dc |
+ config.set(pwval, self.get("pass{0}".format(pwval)))
|
|
|
1756dc |
+
|
|
|
1756dc |
config.set("lcredit", self.getBoolAsValue("reqlower", -1, 0))
|
|
|
1756dc |
config.set("ucredit", self.getBoolAsValue("requpper", -1, 0))
|
|
|
1756dc |
config.set("dcredit", self.getBoolAsValue("reqdigit", -1, 0))
|
|
|
1756dc |
--
|
|
|
1756dc |
2.17.1
|
|
|
1756dc |
|