From 4f90e89480a78f69e4d11a844c925fe59b157f14 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=90=D1=80=D1=82=D0=B5=D0=BC=D0=B8=D0=B9?=
 <finziyr@yandex.ru>
Date: Sat, 19 Jun 2021 17:26:47 +0300
Subject: [PATCH] add front_pwquality.sh

---
 front_pwquality.sh | 86 ++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 86 insertions(+)
 create mode 100644 front_pwquality.sh

diff --git a/front_pwquality.sh b/front_pwquality.sh
new file mode 100644
index 0000000..4fb7163
--- /dev/null
+++ b/front_pwquality.sh
@@ -0,0 +1,86 @@
+#!/bin/bash
+
+minlen=8
+dcredit=0
+ucredir=0
+lcredit=0
+ocredit=0
+minclass=0
+maxrepeat=0
+maxsequence=0
+maxclassrepeat=0
+gecoscheck=0
+dictcheck=1
+usercheck=1
+usersubstr=0
+enforcing=1
+retry=1
+enforce_for_root=0
+local_users_only=0
+
+for i in gecoscheck enforce_for_root local_users_only dictcheck usercheck enforcing; do
+	eval 'if [[ $'$i' == 0 ]]; then declare $i=FALSE; else declare $i=TRUE; fi'
+done
+var="$(yad --title="linux-infosec-setupper" --form --text="Настройки политики паролей" --image=/usr/share/icons/hicolor/48x48/apps/gcr-key.png --scroll --width=800 --height=800 \
+	--field=$"Number of characters in the new password that must not be present in the old password::LBL" "!" \
+	  --field=$"Value (difok)::NUM" "1" \
+	--field=$"Minimum acceptable size for the new password:LBL" "!" \
+	  --field=$"Value (minlen):NUM" "$minlen!6..9999!1" \
+	--field=$"The maximum credit for having digits in the new password::LBL" "!" \
+	  --field=$"Value (dcredit):NUM" "$dcredit!-9999..+9999!1" \
+	--field=$"The maximum credit for having uppercase characters in the new password:LBL" "!" \
+	  --field=$"Value (ucredit):NUM" "$ucredir!-9999..+9999!1" \
+	--field=$"The maximum credit for having lowercase characters in the new password:LBL" "!" \
+	  --field=$"Value (lcredit):NUM" "$lcredir!-9999..+9999!1" \
+	--field=$"The maximum credit for having other characters in the new password:LBL" "!" \
+	  --field=$"Value (ocredit):NUM" "$ocredir!-9999..+9999!1" \
+	--field=$"The minimum number of required classes of characters for the new password:LBL" "!" \
+	  --field=$"Value (minclass):NUM" "$minclass!0..9999!1" \
+	--field=$"The maximum number of allowed same consecutive charatcers in the new password:LBL" "!" \
+	  --field=$"Value (maxrepeat):NUM" "$maxrepeat!0..9999!1" \
+	--field=$"The maximum length of monotonic chatacter sequences in the new password:LBL" "!" \
+	  --field=$"Value (maxsequence):NUM" "$maxsequence!0..9999!1" \
+	--field=$"The maximum number of allowed consecutive characters of the same class in the new password:LBL" "!" \
+	  --field=$"Value (maxclassrepeat):NUM" "$maxclassrepeat!0..9999!1" \
+	--field=$"Check whether the password contains a substring of at least N length:LBL" "!" \
+	  --field=$"Value (usersubstr):NUM" "$usersubstr:0..9999:1" \
+	--field=$"Prompt the user at most N times before returning error:LBL" "!" \
+	  --field=$"Value (retry):NUM" "$retry:0..9999:1" \
+	--field=$"Check whether the words longer than 3 characters from the GECO field of passwd:LBL" "!" \
+	  --field=$"Status (gecoscheck):CHK" "$gecoscheck" \
+	--field=$"Check whether the password macthices a word in a dictionary:LBL" "!" \
+	  --field=$"Status (dictcheck):CHK" "$dictcheck" \
+	--field=$"Check whether the password contains the user name in some form:LBL" "!" \
+	  --field=$"Status (usercheck):CHK" "$usercheck" \
+	--field=$"Reject the password if it fails the checks:LBL" "!" \
+	  --field=$"Status (enforcing):CHK" "$enforcing" \
+	--field=$"Return error on failed check even if the user changing the password is root:LBL" "!" \
+	  --field=$"Status (enforce_for_root):CHK" "$enforce_for_root" \
+	--field=$"Not test the password quality for users that are not present in /etc/passwd:LBL" "!" \
+	--field=$"Status (local_users_only):CHK" "$local_users_only")"
+
+var2="$(while read -rd '|' line; do
+	echo $line
+done <<<"$var" | sed '/^$/d' | \
+	sed 's/TRUE/1/
+	    ;s/FALSE/0/
+	    ;1s/^/--difok /
+	    ;2s/^/--minlen /
+	    ;3s/^/--dcredit /
+	    ;4s/^/--ucredit /
+	    ;5s/^/--lcredit /
+	    ;6s/^/--ocredit /
+	    ;7s/^/--minclass /
+	    ;8s/^/--maxrepeat /
+	    ;9s/^/--maxsequence /
+	    ;10s/^/--maxclassrepeat /
+	    ;11s/^/--usersubstr /
+	    ;12s/^/--retry /
+	    ;13s/^/--gecoscheck /
+	    ;14s/^/--dictcheck /
+	    ;15s/^/--usercheck /
+	    ;16s/^/--enforcing /
+	    ;17s/^/--enforce_for_root /
+	    ;18s/^/--local_users_only /' | tr '\n' ' ')"
+source back_pwquality.sh
+_mk_pwquality_conf $var2