Enhancement #2277

Base: add AdminIsNotRoot to keep admin and root password in sync

Added by Giacomo Sanchietti over 6 years ago. Updated over 6 years ago.

Status:CLOSEDStart date:
Priority:NormalDue date:
Assignee:-% Done:

100%

Category:nethserver-base
Target version:v6.4-beta2
Resolution: NEEDINFO:No

Description

Actually when admin user changes his own password from web UI, change is not reflected to root account. This behavior leads to confusion on users from SME Server.

Add back the AdminIsNotRoot key to configuration db. The key can be:
  • enabled: admin and root password are not synced (current behavior)
  • disabled: admin and root password are always synced

By default AdminIsNotRoot should be disabled.

Associated revisions

Revision e9f690bb
Added by Giacomo Sanchietti over 6 years ago

Validator.php: print system validator output only in debug mode (avoid disclosure of invalid password change attempts). Refs #2277

Revision d7a45507
Added by Giacomo Sanchietti over 6 years ago

createlinks, actions, validators: move password-strength validator and password-modify event to nethserver-base package. Refs #2277

Revision ce7f7f4e
Added by Giacomo Sanchietti over 6 years ago

password-set, db defaults: use AdminIsNotRoot property. Refs #2277

Revision b40ca59e
Added by Giacomo Sanchietti over 6 years ago

createlinks, actions, validators: move password-strength validator and password-modify event to nethserver-base package. Refs #2277

Revision ce8e11f1
Added by Davide Principi about 6 years ago

esmith::util (setUnixSystemPassword): check if admin account exists. Refs #2492

Also, honour AdminIsNotRoot key value (Refs #2277).

History

#1 Updated by Giacomo Sanchietti over 6 years ago

  • Status changed from NEW to TRIAGED
  • Assignee set to Giacomo Sanchietti
  • % Done changed from 0 to 20

This modification implies to move password-strength validator and password-modify event to nethserver-base package. Also split password-set into two parts: one which executes passwd command (in nethserver-base) and one which updates accounts db (in nethserver-directory).

#2 Updated by Giacomo Sanchietti over 6 years ago

  • Status changed from TRIAGED to ON_DEV
  • % Done changed from 20 to 30

#3 Updated by Giacomo Sanchietti over 6 years ago

  • Status changed from ON_DEV to MODIFIED
  • % Done changed from 30 to 60

#4 Updated by Giacomo Sanchietti over 6 years ago

  • Status changed from MODIFIED to ON_QA
  • Assignee deleted (Giacomo Sanchietti)
  • % Done changed from 60 to 70
New packages in nethserver-testing:
  • nethserver-base-1.4.1-12.0gitce7f7f4e.ns6.noarch.rpm
  • nethserver-directory-1.2.2-4.0gitb40ca59e.ns6.noarch.rpm

Test case 1

  • Install or update nethserver-base
  • Change the admin password from web UI
  • Verify the password is validated against password-strength validator
  • Verify the admin password is synced with the root one
  • Set AdminIsNotRoot to enabled and change the admin password
  • Verify admin and root password are no more in sync

Test case 2

  • Install nethserver-directory
  • Create a user and set a password
  • Verify the password is validated against password-strength validator
  • Verify the user is activated and the password is changed

#5 Updated by Davide Principi over 6 years ago

  • Assignee set to Davide Principi

#6 Updated by Davide Principi over 6 years ago

  • Status changed from ON_QA to VERIFIED
  • Assignee deleted (Davide Principi)
  • % Done changed from 70 to 90

VERIFIED

Also installed, to hide password strings in /var/log/messages
nethserver-nethgui-1.2.3-14.0git8a1c8bb6.ns6.noarch

#7 Updated by Giacomo Sanchietti over 6 years ago

In nethserver-updates:
  • nethserver-directory-1.2.3-1.ns6.noarch.rpm

#8 Updated by Giacomo Sanchietti over 6 years ago

  • Status changed from VERIFIED to CLOSED
  • % Done changed from 90 to 100
In nethserver-updates:
  • nethserver-base-1.4.3

Also available in: Atom PDF