diff options
| author | Josselin Poiret <dev@jpoiret.xyz> | 2022-01-15 14:50:10 +0100 |
|---|---|---|
| committer | Mathieu Othacehe <othacehe@gnu.org> | 2022-01-17 08:49:22 +0100 |
| commit | 237a0e61e249e4053120f55695ac45b3ae7b0297 (patch) | |
| tree | 3e728520708f53dabaf99ad9718f5ed5798253a3 | |
| parent | 16b2bd9d04f25d35b36b687ca8d488f59e8ca1c3 (diff) | |
| download | guix-237a0e61e249e4053120f55695ac45b3ae7b0297.tar.gz | |
installer: Turn passwords into opaque records.
* gnu/installer/user.scm (<secret>, secret?, make-secret, secret-content): Add opaque <secret> record that boxes its contents, with a custom printer that doesn't display anything. * gnu/installer/newt/user.scm (run-user-add-page, run-user-page): Box it. * gnu/installer/final.scm (create-user-database): Unbox it. Signed-off-by: Mathieu Othacehe <othacehe@gnu.org>
| -rw-r--r-- | gnu/installer/final.scm | 5 | ||||
| -rw-r--r-- | gnu/installer/newt/user.scm | 6 | ||||
| -rw-r--r-- | gnu/installer/user.scm | 19 |
3 files changed, 24 insertions, 6 deletions
diff --git a/gnu/installer/final.scm b/gnu/installer/final.scm index 63e5073ff4..2087536502 100644 --- a/gnu/installer/final.scm +++ b/gnu/installer/final.scm @@ -85,8 +85,9 @@ USERS." (uid (if root? 0 #f)) (home-directory (user-home-directory user)) - (password (crypt (user-password user) - (salt))) + (password (crypt + (secret-content (user-password user)) + (salt))) ;; We need a string here, not a file-like, hence ;; this choice. diff --git a/gnu/installer/newt/user.scm b/gnu/installer/newt/user.scm index 97141cfe64..7c1cc2249d 100644 --- a/gnu/installer/newt/user.scm +++ b/gnu/installer/newt/user.scm @@ -143,7 +143,7 @@ REAL-NAME, and HOME-DIRECTORY as the initial values in the form." (name name) (real-name real-name) (home-directory home-directory) - (password password)) + (password (make-secret password))) (run-user-add-page #:name name #:real-name real-name #:home-directory @@ -266,7 +266,7 @@ administrator (\"root\").") (map (lambda (name real-name home password) (user (name name) (real-name real-name) (home-directory home) - (password password))) + (password (make-secret password)))) names real-names homes passwords)))))) (lambda () (destroy-form-and-pop form)))))) @@ -274,5 +274,5 @@ administrator (\"root\").") ;; Add a "root" user simply to convey the root password. (cons (user (name "root") (home-directory "/root") - (password (run-root-password-page))) + (password (make-secret (run-root-password-page)))) (run '()))) diff --git a/gnu/installer/user.scm b/gnu/installer/user.scm index 4e701e64ce..c894a91dc8 100644 --- a/gnu/installer/user.scm +++ b/gnu/installer/user.scm @@ -19,7 +19,14 @@ (define-module (gnu installer user) #:use-module (guix records) #:use-module (srfi srfi-1) - #:export (<user> + #:use-module (srfi srfi-9) + #:use-module (srfi srfi-9 gnu) + #:export (<secret> + secret? + make-secret + secret-content + + <user> user make-user user-name @@ -30,6 +37,16 @@ users->configuration)) +(define-record-type <secret> + (make-secret content) + secret? + (content secret-content)) + +(set-record-type-printer! + <secret> + (lambda (secret port) + (format port "<secret>"))) + (define-record-type* <user> user make-user user? |