[enh] Synchronize root and admin password

2024-09-03 20:06:10 +02:00 · 2018-08-30 01:34:12 +02:00 · 2018-08-30 01:34:12 +02:00 · 2d5077e2ea
commit 2d5077e2ea
parent 6aef80cd25
3 changed files with 18 additions and 4 deletions
--- a/data/actionsmap/yunohost.yml
+++ b/data/actionsmap/yunohost.yml
@ -1438,7 +1438,7 @@ tools:

        ### tools_adminpw()
        adminpw:
-            action_help: Change admin password
+            action_help: Change password of admin and root users
            api: PUT /adminpw
            configuration:
                authenticate: all
--- a/locales/en.json
+++ b/locales/en.json
@ -364,6 +364,7 @@
    "restore_running_app_script": "Running restore script of app '{app:s}'...",
    "restore_running_hooks": "Running restoration hooks...",
    "restore_system_part_failed": "Unable to restore the '{part:s}' system part",
+    "root_password_desynchronized": "Password of the user admin has been changed, but Root password has not been synchronized with your new admin password !",
    "server_shutdown": "The server will shutdown",
    "server_shutdown_confirm": "The server will shutdown immediatly, are you sure? [{answers:s}]",
    "server_reboot": "The server will reboot",
--- a/src/yunohost/tools.py
+++ b/src/yunohost/tools.py
@ -127,15 +127,28 @@ def tools_adminpw(auth, new_password):

    """
    from yunohost.user import _hash_user_password
+    import spwd
+    new_hash = _hash_user_password(new_password)
    try:
-        auth.update("cn=admin", {
-            "userPassword": _hash_user_password(new_password),
-        })
+        auth.update("cn=admin", { "userPassword": new_hash, })
    except:
        logger.exception('unable to change admin password')
        raise MoulinetteError(errno.EPERM,
                              m18n.n('admin_password_change_failed'))
    else:
+        # Write as root password
+        try:
+            hash_root = spwd.getspnam("root").sp_pwd
+
+            with open('/etc/shadow', 'r') as before_file:
+                before = before_file.read()
+
+            with open('/etc/shadow', 'w') as after_file:
+                after_file.write(before.replace("root:" + hash_root,
+                                                "root:" + new_hash))
+        except IOError as e:
+            logger.warning(m18n.n('root_password_desynchronized'))
+            return
        logger.success(m18n.n('admin_password_changed'))