Skip to content

Commit

Permalink
Improve no-root-password with more knowledge from the manpages
Browse files Browse the repository at this point in the history
  • Loading branch information
@tianon
tianon committed May 15, 2015
1 parent df18ad2 commit d94242d
Showing 1 changed file with 21 additions and 1 deletion.
22 changes: 21 additions & 1 deletion test/tests/no-root-password/run.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,27 @@
set -e

pass="$(docker run --rm --entrypoint awk "$1" -F ':' '$1 == "root" { print $2 }' /etc/passwd)"

if [ "$pass" = 'x' ]; then
# 'x' means password is in /etc/shadow instead
pass="$(docker run --rm --entrypoint awk --user root "$1" -F ':' '$1 == "root" { print $2 }' /etc/shadow)"
fi
[ -z "$pass" -o "$pass" = '*' ]

if [ -z "$pass" -o "$pass" = '*' ]; then
# '*' and '' mean no password
exit 0
fi

if [ "${pass:0:1}" = '!' ]; then
# '!anything' means "locked" password
echo >&2 "warning: locked password detected for root: '$pass'"
exit 0
fi

if [ "${pass:0:1}" = '$' ]; then
# gotta be crypt ($id$salt$encrypted), must be a fail
echo >&2 "error: crypt password detected for root: '$pass'"
exit 1
fi

exit 0

0 comments on commit d94242d

Please sign in to comment.