Am 15/07/2024 um 09:56 schrieb Christoph Heiss: > This series adds a new answer option `global.root_password_hashed` > for the auto-installer, enabling administrators to specify the root > password of the new installation in a hashed format - as generated by > e.g. mkpasswd(1) - instead of plain-text. > > Administrators/users might want to avoid passing along a plain-text > password with the different answer-fetching methods supported by the > auto-installer, for obvious reasons. > > While this of course does not provide full security, sending a hashed > password might still be preferred by administrators over plain text. > > Tested by installing using the GUI and TUI (to ensure no regressions > can happen) and using the auto-installer, once with `root_password` set > (again testing for potential regressions) and once with > `global.root_password_hashed` set instead, testing the new > functionality. > > First two patches are small cleanups and may be applied independently. > > v1: https://lists.proxmox.com/pipermail/pve-devel/2024-May/063949.html > > Notable changes v1 -> v2: > * rebased on latest master > * fixed rebase mistake > * merged previous patch #4/#5 for consistency across crates > * improved validation in auto-installer > > Christoph Heiss (6): > common: move `PasswordOptions` type to tui crate > tui-installer: remove `Debug` implementation for password options > low-level: change root password option to contain either plaintext or > hash > {auto,tui}-installer: adapt to new `root_password` plain/hashed setup > option > auto-installer: add new `global.root_password_hashed` answer option > auto-installer: add test for hashed root password option > > Proxmox/Install.pm | 25 ++++++++++++++++--- > Proxmox/Install/Config.pm | 20 ++++++++++++--- > proxinstall | 4 +-- > proxmox-auto-installer/src/answer.rs | 3 ++- > proxmox-auto-installer/src/utils.rs | 21 ++++++++++++++-- > .../resources/parse_answer/disk_match.json | 2 +- > .../parse_answer/disk_match_all.json | 2 +- > .../parse_answer/disk_match_any.json | 2 +- > .../parse_answer/hashed_root_password.json | 20 +++++++++++++++ > .../parse_answer/hashed_root_password.toml | 14 +++++++++++ > .../tests/resources/parse_answer/minimal.json | 2 +- > .../resources/parse_answer/nic_matching.json | 2 +- > .../resources/parse_answer/specific_nic.json | 2 +- > .../tests/resources/parse_answer/zfs.json | 2 +- > proxmox-installer-common/src/options.rs | 15 ----------- > proxmox-installer-common/src/setup.rs | 12 +++++++-- > proxmox-tui-installer/src/main.rs | 4 +-- > proxmox-tui-installer/src/options.rs | 20 ++++++++++++--- > proxmox-tui-installer/src/setup.rs | 10 ++++++-- > 19 files changed, 140 insertions(+), 42 deletions(-) > create mode 100644 > proxmox-auto-installer/tests/resources/parse_answer/hashed_root_password.json > create mode 100644 > proxmox-auto-installer/tests/resources/parse_answer/hashed_root_password.toml >
applied series while taking the freedom to record Theodor's feedback in form of a T-b tag, thanks! _______________________________________________ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
