From b2cf52acdbb5f1d3bcab1e31a0be3eea7662815e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=D0=90=D1=80=D1=82=D0=B5=D0=BC=D0=B8=D0=B9?= Date: Sat, 19 Jun 2021 12:18:10 +0300 Subject: [PATCH 1/5] rm 1 --- 1 | 7 ------- 1 file changed, 7 deletions(-) delete mode 100644 1 diff --git a/1 b/1 deleted file mode 100644 index ceafc59..0000000 --- a/1 +++ /dev/null @@ -1,7 +0,0 @@ -#!/bin/bash -lol() { - echo "$@" - echo ----- - echo "$*" -} -lol $(echo -e "1\n2\n3") From b87c65bc2e9513df95bbaca09ce8c1ac6d2a350a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=D0=90=D1=80=D1=82=D0=B5=D0=BC=D0=B8=D0=B9?= Date: Sat, 19 Jun 2021 12:45:25 +0300 Subject: [PATCH 2/5] add. to common.sh --- back_pwquality.sh | 14 ++++++++++---- common.sh | 3 +++ 2 files changed, 13 insertions(+), 4 deletions(-) diff --git a/back_pwquality.sh b/back_pwquality.sh index 29e27a7..a054657 100644 --- a/back_pwquality.sh +++ b/back_pwquality.sh @@ -27,9 +27,15 @@ _mk_pwquality_conf() { while [ -n "$1" ]; do case "$1" in --difok) shift; - _check_argument "$1" "--difok" - ;; - --minlen) + _check_argument_is_number "$1" "--difok" + ;; + --minlen) shift; + _check_argument_value "$1" "6" "--minlen" + ;; + --dcredit) shift; + _check_argument_is_number "$1" "--dcredit" "-" + ;; esac done - } +} +_mk_pwquality_conf --dcredit -1 diff --git a/common.sh b/common.sh index 092b1c9..75a0535 100644 --- a/common.sh +++ b/common.sh @@ -17,6 +17,9 @@ _check_argument_is_number() { if [[ "$1" == [0-9]* ]]; then return 0 else + if [ -n "$3" ]; then + grep -Exq -- "(\-|\+)[0-9]*" <<< "$1" && return 0 + fi error $"Argument to %s must be a number" "$2" return 1 fi From f8f1b02ea9fed71bf5afb5d8ec2aabb5484cfe85 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=D0=90=D1=80=D1=82=D0=B5=D0=BC=D0=B8=D0=B9?= Date: Sat, 19 Jun 2021 13:31:48 +0300 Subject: [PATCH 3/5] implemented back_pwquality --- back_pwquality.sh | 118 +++++++++++++++++++++++++++++++++++++++++++--- 1 file changed, 111 insertions(+), 7 deletions(-) diff --git a/back_pwquality.sh b/back_pwquality.sh index a054657..b52ad2c 100644 --- a/back_pwquality.sh +++ b/back_pwquality.sh @@ -7,7 +7,7 @@ _mk_pwquality_conf() { local difok=1 \ minlen=8 \ dcredit=0 \ - uncredit=0 \ + ucredit=0 \ lcredit=0 \ ocredit=0 \ minclass=0 \ @@ -27,15 +27,119 @@ _mk_pwquality_conf() { while [ -n "$1" ]; do case "$1" in --difok) shift; - _check_argument_is_number "$1" "--difok" + _check_argument_is_number "$1" "--difok" + difok="$1" + shift ;; --minlen) shift; - _check_argument_value "$1" "6" "--minlen" + _check_argument_value "$1" "6" "--minlen" + minlen="$1" + shift ;; --dcredit) shift; - _check_argument_is_number "$1" "--dcredit" "-" + _check_argument_is_number "$1" "--dcredit" "-" + dcredit="$1" + shift ;; - esac - done + --ucredit) shift; + _check_argument_is_number "$1" "--ucredit" "-" + ucredit="$1" + shift + ;; + --lcredit) shift; + _check_argument_is_number "$1" "--lcredit" "-" + lcredit="$1" + shift + ;; + --ocredit) shift; + _check_argument_is_number "$1" "--ocredit" "-" + ocredit="$1" + shift + ;; + --minclass) shift; + _check_argument_is_number "$1" "--minclass" + minclass="$1" + shift + ;; + --maxrepeat) shift; + _check_argument_is_number "$1" "--maxrepeat" + maxrepeat="$1" + shift + ;; + --maxsequence) shift; + _check_argument_is_number "$1" "--maxsequence" + maxsequence="$1" + shift + ;; + --maxclassrepeat) shift; + _check_argument_is_number "$1" "--maxclassrepeat" + maxclassrepeat="$1" + ;; + --gecoscheck) shift; + _check_argument_is_number "$1" "--gecoscheck" + [[ "$1" =~ (0|1) ]] || error $"The received parameters are not correct. Expected %s, received %s" $"0 or 1" "$1" + geoscheck="$1" + shift + ;; + --dictcheck) shift; + _check_argument_is_number "$1" "--dictcheck" + [[ "$1" =~ (0|1) ]] || error $"The received parameters are not correct. Expected %s, received %s" $"0 or 1" "$1" + dickcheck="$1" + shift + ;; + --usercheck) shift; + _check_argument_is_number "$1" "--usercheck" + [[ "$1" =~ (0|1) ]] || error $"The received parameters are not correct. Expected %s, received %s" $"0 or 1" "$1" + usercheck="$1" + shift + ;; + --usersubstr) shift; + _check_argument_is_number "$1" "--usersubstr" + usersubstr="$1" + shift + ;; + --enforcing) shift; + _check_argument_is_number "$1" "--enforcing" + [[ "$1" =~ (0|1) ]] || error $"The received parameters are not correct. Expected %s, received %s" $"0 or 1" "$1" + enforcing="$1" + shift + ;; + --retry) shift; + _check_argument_is_number "$1" "--retry" + shift + ;; + --enforce_for_root) shift; + _check_argument_is_number "$1" "--enforce_for_root" + [[ "$1" =~ (0|1) ]] || error $"The received parameters are not correct. Expected %s, received %s" $"0 or 1" "$1" + enforce_for_root="$1" + shift + ;; + --local_users_only) shift; + _check_argument_is_number "$1" "--local_users_only" + [[ "$1" =~ (0|1) ]] || error $"The received parameters are not correct. Expected %s, received %s" $"0 or 1" "$1" + local_users_only="$1" + shift + ;; + esac + done +cat < Date: Sat, 19 Jun 2021 14:00:53 +0300 Subject: [PATCH 4/5] prototype --- back_pwquality.sh | 4 ++++ test_common.sh | 6 +++--- 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/back_pwquality.sh b/back_pwquality.sh index b52ad2c..a6d5d30 100644 --- a/back_pwquality.sh +++ b/back_pwquality.sh @@ -88,9 +88,13 @@ _mk_pwquality_conf() { shift ;; --usercheck) shift; + echo 1 _check_argument_is_number "$1" "--usercheck" + echo 2 [[ "$1" =~ (0|1) ]] || error $"The received parameters are not correct. Expected %s, received %s" $"0 or 1" "$1" + echo 3 usercheck="$1" + echo 4 shift ;; --usersubstr) shift; diff --git a/test_common.sh b/test_common.sh index ccbe2bf..019ab06 100644 --- a/test_common.sh +++ b/test_common.sh @@ -6,13 +6,13 @@ TESTING=1 . ./common.sh -_check_argument_is_number 123 "this" || failed="$((++failed))" +! _check_argument_is_number 123 "this" && failed="$((++failed))" _check_argument_is_number NotNumber "this" && failed="$((++failed))" -_check_argument_value 8 7 "this" || failed="$((++failed))" +! _check_argument_value 8 7 "this" && failed="$((++failed))" _check_argument_value 1 7 "this" && failed="$((++failed))" -_check_argument_is_string "Hello" "this" || failed="$((++failed))" +! _check_argument_is_string "Hello" "this" && failed="$((++failed))" _check_argument_is_string "Hello world" "this" && failed="$((++failed))" From 1be2ccddfabd4b83c091a232de87722cc8c91026 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=D0=90=D1=80=D1=82=D0=B5=D0=BC=D0=B8=D0=B9?= Date: Sat, 19 Jun 2021 14:04:33 +0300 Subject: [PATCH 5/5] remove pwquality.conf --- stock/pwquality.conf | 79 -------------------------------------------- 1 file changed, 79 deletions(-) delete mode 100644 stock/pwquality.conf diff --git a/stock/pwquality.conf b/stock/pwquality.conf deleted file mode 100644 index 63eb315..0000000 --- a/stock/pwquality.conf +++ /dev/null @@ -1,79 +0,0 @@ -# Configuration for systemwide password quality limits -# Defaults: -# -# Number of characters in the new password that must not be present in the -# old password. -# difok = 1 -# -# Minimum acceptable size for the new password (plus one if -# credits are not disabled which is the default). (See pam_cracklib manual.) -# Cannot be set to lower value than 6. -# minlen = 8 -# -# The maximum credit for having digits in the new password. If less than 0 -# it is the minimum number of digits in the new password. -# dcredit = 0 -# -# The maximum credit for having uppercase characters in the new password. -# If less than 0 it is the minimum number of uppercase characters in the new -# password. -# ucredit = 0 -# -# The maximum credit for having lowercase characters in the new password. -# If less than 0 it is the minimum number of lowercase characters in the new -# password. -# lcredit = 0 -# -# The maximum credit for having other characters in the new password. -# If less than 0 it is the minimum number of other characters in the new -# password. -# ocredit = 0 -# -# The minimum number of required classes of characters for the new -# password (digits, uppercase, lowercase, others). -# minclass = 0 -# -# The maximum number of allowed consecutive same characters in the new password. -# The check is disabled if the value is 0. -# maxrepeat = 0 -# -# The maximum number of allowed consecutive characters of the same class in the -# new password. -# The check is disabled if the value is 0. -# maxclassrepeat = 0 -# -# Whether to check for the words from the passwd entry GECOS string of the user. -# The check is enabled if the value is not 0. -# gecoscheck = 0 -# -# Whether to check for the words from the cracklib dictionary. -# The check is enabled if the value is not 0. -# dictcheck = 1 -# -# Whether to check if it contains the user name in some form. -# The check is enabled if the value is not 0. -# usercheck = 1 -# -# Length of substrings from the username to check for in the password -# The check is enabled if the value is greater than 0 and usercheck is enabled. -# usersubstr = 0 -# -# Whether the check is enforced by the PAM module and possibly other -# applications. -# The new password is rejected if it fails the check and the value is not 0. -# enforcing = 1 -# -# Path to the cracklib dictionaries. Default is to use the cracklib default. -# dictpath = -# -# Prompt user at most N times before returning with error. The default is 1. -# retry = 3 -# -# Enforces pwquality checks on the root user password. -# Enabled if the option is present. -# enforce_for_root -# -# Skip testing the password quality for users that are not present in the -# /etc/passwd file. -# Enabled if the option is present. -# local_users_only