aboutsummaryrefslogtreecommitdiff
path: root/gnu/installer
diff options
context:
space:
mode:
authorJosselin Poiret <dev@jpoiret.xyz>2022-01-15 14:50:10 +0100
committerMathieu Othacehe <othacehe@gnu.org>2022-02-02 16:46:44 +0100
commit112ef30b84744872b3a7617d9e54b3df5db95560 (patch)
tree3f097eb44042246716e683c3877e8a0f2d38ecc0 /gnu/installer
parent41eb0f01fcf05902be9972cc993fdb332edb928c (diff)
downloadguix-112ef30b84744872b3a7617d9e54b3df5db95560.tar.gz
guix-112ef30b84744872b3a7617d9e54b3df5db95560.zip
installer: Turn passwords into opaque records.
* gnu/installer/user.scm (<secret>, secret?, make-secret, secret-content): Add opaque <secret> record that boxes its contents, with a custom printer that doesn't display anything. * gnu/installer/newt/user.scm (run-user-add-page, run-user-page): Box it. * gnu/installer/final.scm (create-user-database): Unbox it. Signed-off-by: Mathieu Othacehe <othacehe@gnu.org>
Diffstat (limited to 'gnu/installer')
-rw-r--r--gnu/installer/final.scm5
-rw-r--r--gnu/installer/newt/user.scm6
-rw-r--r--gnu/installer/user.scm19
3 files changed, 24 insertions, 6 deletions
diff --git a/gnu/installer/final.scm b/gnu/installer/final.scm
index 63e5073ff4..2087536502 100644
--- a/gnu/installer/final.scm
+++ b/gnu/installer/final.scm
@@ -85,8 +85,9 @@ USERS."
(uid (if root? 0 #f))
(home-directory
(user-home-directory user))
- (password (crypt (user-password user)
- (salt)))
+ (password (crypt
+ (secret-content (user-password user))
+ (salt)))
;; We need a string here, not a file-like, hence
;; this choice.
diff --git a/gnu/installer/newt/user.scm b/gnu/installer/newt/user.scm
index 97141cfe64..7c1cc2249d 100644
--- a/gnu/installer/newt/user.scm
+++ b/gnu/installer/newt/user.scm
@@ -143,7 +143,7 @@ REAL-NAME, and HOME-DIRECTORY as the initial values in the form."
(name name)
(real-name real-name)
(home-directory home-directory)
- (password password))
+ (password (make-secret password)))
(run-user-add-page #:name name
#:real-name real-name
#:home-directory
@@ -266,7 +266,7 @@ administrator (\"root\").")
(map (lambda (name real-name home password)
(user (name name) (real-name real-name)
(home-directory home)
- (password password)))
+ (password (make-secret password))))
names real-names homes passwords))))))
(lambda ()
(destroy-form-and-pop form))))))
@@ -274,5 +274,5 @@ administrator (\"root\").")
;; Add a "root" user simply to convey the root password.
(cons (user (name "root")
(home-directory "/root")
- (password (run-root-password-page)))
+ (password (make-secret (run-root-password-page))))
(run '())))
diff --git a/gnu/installer/user.scm b/gnu/installer/user.scm
index 4e701e64ce..c894a91dc8 100644
--- a/gnu/installer/user.scm
+++ b/gnu/installer/user.scm
@@ -19,7 +19,14 @@
(define-module (gnu installer user)
#:use-module (guix records)
#:use-module (srfi srfi-1)
- #:export (<user>
+ #:use-module (srfi srfi-9)
+ #:use-module (srfi srfi-9 gnu)
+ #:export (<secret>
+ secret?
+ make-secret
+ secret-content
+
+ <user>
user
make-user
user-name
@@ -30,6 +37,16 @@
users->configuration))
+(define-record-type <secret>
+ (make-secret content)
+ secret?
+ (content secret-content))
+
+(set-record-type-printer!
+ <secret>
+ (lambda (secret port)
+ (format port "<secret>")))
+
(define-record-type* <user>
user make-user
user?