[Commotion-admin] [luci-commotion] Reject ssh changes with invalid root password (#170)
areynold
notifications at github.com
Mon Feb 24 15:02:24 UTC 2014
Closes #155
To test:
1. Open Administration > Advanced > System > Administration in a web browser
2. SSH into the node and run `uci show dropbear`
3. Using an incorrect/blank root password, change a number of settings on the page, including ssh keys.
4. Click Save, then run `uci show dropbear` from the command line. The settings should not have changed. If you added an ssh key, it should not have been added to /etc/dropbear/authorized_keys.
5. Repeat using an incorrect root password and Save & Apply instead of Save. Your settings should not appear in /etc/config/dropbear.
6. Enter the correct root password and repeat. Your new settings should have been saved.
You can merge this Pull Request by running:
git pull https://github.com/opentechinstitute/luci-commotion validate-password
Or you can view, comment on it, or merge it online at:
https://github.com/opentechinstitute/luci-commotion/pull/170
-- Commit Summary --
* Updating admin.lua patch to honor password validation across maps
* Updated patch -p flag for admin.oldpasswd.patch
* Re-implementing admin password patch
-- File Changes --
M files/usr/share/commotion/patches/admin.oldpasswd.patch (71)
-- Patch Links --
https://github.com/opentechinstitute/luci-commotion/pull/170.patch
https://github.com/opentechinstitute/luci-commotion/pull/170.diff
---
Reply to this email directly or view it on GitHub:
https://github.com/opentechinstitute/luci-commotion/pull/170
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.chambana.net/pipermail/commotion-admin/attachments/20140224/64cb7754/attachment.html>
More information about the Commotion-admin
mailing list