diff options
author | Josselin Poiret <dev@jpoiret.xyz> | 2022-01-15 14:50:10 +0100 |
---|---|---|
committer | Mathieu Othacehe <othacehe@gnu.org> | 2022-02-02 16:46:44 +0100 |
commit | 112ef30b84744872b3a7617d9e54b3df5db95560 (patch) | |
tree | 3f097eb44042246716e683c3877e8a0f2d38ecc0 /gnu/installer | |
parent | 41eb0f01fcf05902be9972cc993fdb332edb928c (diff) | |
download | guix-112ef30b84744872b3a7617d9e54b3df5db95560.tar.gz guix-112ef30b84744872b3a7617d9e54b3df5db95560.zip |
installer: Turn passwords into opaque records.
* gnu/installer/user.scm (<secret>, secret?, make-secret,
secret-content): Add opaque <secret> record that boxes its contents,
with a custom printer that doesn't display anything.
* gnu/installer/newt/user.scm (run-user-add-page, run-user-page): Box
it.
* gnu/installer/final.scm (create-user-database): Unbox it.
Signed-off-by: Mathieu Othacehe <othacehe@gnu.org>
Diffstat (limited to 'gnu/installer')
-rw-r--r-- | gnu/installer/final.scm | 5 | ||||
-rw-r--r-- | gnu/installer/newt/user.scm | 6 | ||||
-rw-r--r-- | gnu/installer/user.scm | 19 |
3 files changed, 24 insertions, 6 deletions
diff --git a/gnu/installer/final.scm b/gnu/installer/final.scm index 63e5073ff4..2087536502 100644 --- a/gnu/installer/final.scm +++ b/gnu/installer/final.scm @@ -85,8 +85,9 @@ USERS." (uid (if root? 0 #f)) (home-directory (user-home-directory user)) - (password (crypt (user-password user) - (salt))) + (password (crypt + (secret-content (user-password user)) + (salt))) ;; We need a string here, not a file-like, hence ;; this choice. diff --git a/gnu/installer/newt/user.scm b/gnu/installer/newt/user.scm index 97141cfe64..7c1cc2249d 100644 --- a/gnu/installer/newt/user.scm +++ b/gnu/installer/newt/user.scm @@ -143,7 +143,7 @@ REAL-NAME, and HOME-DIRECTORY as the initial values in the form." (name name) (real-name real-name) (home-directory home-directory) - (password password)) + (password (make-secret password))) (run-user-add-page #:name name #:real-name real-name #:home-directory @@ -266,7 +266,7 @@ administrator (\"root\").") (map (lambda (name real-name home password) (user (name name) (real-name real-name) (home-directory home) - (password password))) + (password (make-secret password)))) names real-names homes passwords)))))) (lambda () (destroy-form-and-pop form)))))) @@ -274,5 +274,5 @@ administrator (\"root\").") ;; Add a "root" user simply to convey the root password. (cons (user (name "root") (home-directory "/root") - (password (run-root-password-page))) + (password (make-secret (run-root-password-page)))) (run '()))) diff --git a/gnu/installer/user.scm b/gnu/installer/user.scm index 4e701e64ce..c894a91dc8 100644 --- a/gnu/installer/user.scm +++ b/gnu/installer/user.scm @@ -19,7 +19,14 @@ (define-module (gnu installer user) #:use-module (guix records) #:use-module (srfi srfi-1) - #:export (<user> + #:use-module (srfi srfi-9) + #:use-module (srfi srfi-9 gnu) + #:export (<secret> + secret? + make-secret + secret-content + + <user> user make-user user-name @@ -30,6 +37,16 @@ users->configuration)) +(define-record-type <secret> + (make-secret content) + secret? + (content secret-content)) + +(set-record-type-printer! + <secret> + (lambda (secret port) + (format port "<secret>"))) + (define-record-type* <user> user make-user user? |