diff options
author | Ludovic Courtès <ludo@gnu.org> | 2013-09-11 00:54:20 +0200 |
---|---|---|
committer | Ludovic Courtès <ludo@gnu.org> | 2013-09-11 01:07:50 +0200 |
commit | 3b07625ad667bf586ae5e3b2ca579933dc261dbe (patch) | |
tree | 437cf9d968b16c8d70439bc4634f50ae3e5c5738 | |
parent | 37c825eb79e18ac61080e626db6cff6552fd5cf4 (diff) | |
download | guix-3b07625ad667bf586ae5e3b2ca579933dc261dbe.tar.gz |
gnu: vm: Create shadow files with the right format.
* gnu/system/vm.scm (passwd-file): When SHADOW? is true, use the right shadow(5) format. Always add a trailing newline.
-rw-r--r-- | gnu/system/vm.scm | 18 |
1 files changed, 11 insertions, 7 deletions
diff --git a/gnu/system/vm.scm b/gnu/system/vm.scm index 5128bdfd29..7ad87254d8 100644 --- a/gnu/system/vm.scm +++ b/gnu/system/vm.scm @@ -367,21 +367,25 @@ It can be used to provide additional files, such as /etc files." "Return a password file for ACCOUNTS, a list of vectors as returned by 'getpwnam'. If SHADOW? is true, then it is a /etc/shadow file, otherwise it is a /etc/passwd file." - ;; XXX: The resulting file is world-readable, so don't rely on it! + ;; XXX: The resulting file is world-readable, so beware when SHADOW? is #t! (define contents (let loop ((accounts accounts) (result '())) (match accounts ((#(name pass uid gid comment home-dir shell) rest ...) (loop rest - (cons (string-append name - ":" (if shadow? pass "x") - ":" (number->string uid) - ":" (number->string gid) - ":" comment ":" home-dir ":" shell) + (cons (if shadow? + (string-append name + ":" ; XXX: use (crypt PASS …)? + ":::::::") + (string-append name + ":" "x" + ":" (number->string uid) + ":" (number->string gid) + ":" comment ":" home-dir ":" shell)) result))) (() - (string-concatenate-reverse result))))) + (string-join (reverse result) "\n" 'suffix))))) (add-text-to-store store (if shadow? "shadow" "passwd") contents '())) |