napcok/calamares
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

[users] Allow a configurable list of forbidden names

Browse Source 
- forbidden login names
- forbidden host names
This commit is contained in:
Adriaan de Groot 2022-05-09 14:49:15 +02:00
parent 7473462125
commit ef9bf2650c
2 changed files with 29 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
src/modules/users/Config.cpp
View File

@ -201,10 +201,9 @@ Config::setLoginName( const QString& login )
} }
const QStringList& const QStringList&
Config::forbiddenLoginNames() Config::forbiddenLoginNames() const
{ {
static QStringList forbidden { "root" }; return m_forbiddenLoginNames;
return forbidden;
} }
QString QString
@ -268,10 +267,9 @@ Config::setHostName( const QString& host )
} }
const QStringList& const QStringList&
Config::forbiddenHostNames() Config::forbiddenHostNames() const
{ {
static QStringList forbidden { "localhost" }; return m_forbiddenHostNames;
return forbidden;
} }
QString QString
@ -881,6 +879,18 @@ copyLegacy( const QVariantMap& source, const QString& sourceKey, QVariantMap& ta
} }
} }
/** @brief Tidy up a list of names
*
* Remove duplicates, apply lowercase, sort.
*/
static void
tidy( QStringList& l )
{
std::for_each( l.begin(), l.end(), []( QString& s ) { s = s.toLower(); } );
l.sort();
l.removeDuplicates();
}
void void
Config::setConfigurationMap( const QVariantMap& configurationMap ) Config::setConfigurationMap( const QVariantMap& configurationMap )
{ {
@ -899,6 +909,10 @@ Config::setConfigurationMap( const QVariantMap& configurationMap )
} }
// Now it might be explicitly set to empty, which is ok // Now it might be explicitly set to empty, which is ok
setUserShell( shell ); setUserShell( shell );
m_forbiddenLoginNames = CalamaresUtils::getStringList( userSettings, "forbidden_names" );
m_forbiddenLoginNames << QStringLiteral( "root" ) << QStringLiteral( "nobody" );
tidy( m_forbiddenLoginNames );
} }
setAutoLoginGroup( either< QString, const QString& >( setAutoLoginGroup( either< QString, const QString& >(
@ -920,6 +934,10 @@ Config::setConfigurationMap( const QVariantMap& configurationMap )
m_writeEtcHosts = CalamaresUtils::getBool( hostnameSettings, "writeHostsFile", true ); m_writeEtcHosts = CalamaresUtils::getBool( hostnameSettings, "writeHostsFile", true );
m_hostnameTemplate m_hostnameTemplate
= CalamaresUtils::getString( hostnameSettings, "template", QStringLiteral( "${first}-${product}" ) ); = CalamaresUtils::getString( hostnameSettings, "template", QStringLiteral( "${first}-${product}" ) );
m_forbiddenHostNames = CalamaresUtils::getStringList( hostnameSettings, "forbidden_names" );
m_forbiddenHostNames << QStringLiteral( "localhost" );
tidy( m_forbiddenHostNames );
} }
setConfigurationDefaultGroups( configurationMap, m_defaultGroups ); setConfigurationDefaultGroups( configurationMap, m_defaultGroups );

7
src/modules/users/Config.h
View File

@ -252,8 +252,8 @@ public:
bool isReady() const; bool isReady() const;
static const QStringList& forbiddenLoginNames(); const QStringList& forbiddenLoginNames() const;
static const QStringList& forbiddenHostNames(); const QStringList& forbiddenHostNames() const;
public Q_SLOTS: public Q_SLOTS:
/** @brief Sets the user's shell if possible /** @brief Sets the user's shell if possible
@ -347,6 +347,9 @@ private:
bool m_writeEtcHosts = false; bool m_writeEtcHosts = false;
QString m_hostnameTemplate; QString m_hostnameTemplate;
QStringList m_forbiddenHostNames;
QStringList m_forbiddenLoginNames;
PasswordCheckList m_passwordChecks; PasswordCheckList m_passwordChecks;
}; };