changed the user system to allow more flexible configuration

Izaya 2017-10-08 00:24:42 +11:00
parent bbead5d252
commit 0e3d368896
2 changed files with 23 additions and 10 deletions


@ -1,4 +1,6 @@
local tA = {...} local tA = {...}
local s=os.gensalt(16) local s=os.gensalt(16)
tA[1] = tA[1] or os.getuid()
io.write("New password for "..tA[1]..": ") io.write("New password for "..tA[1]..": ")
os.setuser(tA[1],sha.sha256(io.read("*")..s),s) os.setuattr(tA[1],"hpass",sha.sha256(io.read("*")..s))
os.setuattr(tA[1],"salt",s)
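Review bot: The new hash and salt are stored by two separate `os.setuattr` calls, and each one appears to rewrite users.dat through `flushut()`, so an error or interruption after the first call leaves the new hash paired with the old salt and the account can no longer authenticate. `os.setuattr` also returns nothing when the caller is neither superuser nor the target user, so this script still prompts for a password and then exits silently without changing anything. Check permission before prompting, e.g. `if os.getuid() ~= "superuser" and os.getuid() ~= tA[1] then return end` preceded by a message to the user. Consider a single call that sets both attributes and flushes once.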


@ -112,7 +112,9 @@ do -- so local works
local f = fs.open("/boot/sys/users.dat","wb") local f = fs.open("/boot/sys/users.dat","wb")
if f then if f then
for k,v in pairs(ut) do for k,v in pairs(ut) do
fs.write(f,k.."\t"..v[1].."\t"..v[2].."\n") for l,m in pairs(v) do
fs.write(f,k.."\t"..l.."\t"..m.."\n")
end
end end
fs.close(f) fs.close(f)
return true return true
@ -125,9 +127,10 @@ do -- so local works
local C=fs.readall(f) local C=fs.readall(f)
fs.close(f) fs.close(f)
for line in C:gmatch("[^\n]+") do for line in C:gmatch("[^\n]+") do
local username,hpass,salt = line:match("(.+)\t(.+)\t(.+)") local username,field,val = line:match("(.+)\t(.+)\t(.+)")
if username and hpass and salt then if username and field and val then
ut[username] = {hpass,salt} if not ut[username] then ut[username] = {} end
ut[username][field] = val
end end
end end
end end
@ -153,7 +156,7 @@ do -- so local works
function os.verifyuser(username,pass) function os.verifyuser(username,pass)
if sha then if sha then
if ut[username] then if ut[username] then
if sha.sha256(pass..ut[username][2]) == ut[username][1] then if sha.sha256(pass..ut[username].salt) == ut[username].hpass then
return true return true
end end
end end
@ -168,16 +171,24 @@ do -- so local works
end end
return S return S
end end
function os.setuser(username,hpass,salt,...) function os.setuattr(username,field,val)
if tT[cT].u == "superuser" then if os.getuid() == "superuser" or os.getuid() == username then
if hpass == nil then if not field then
ut[username] = nil ut[username] = nil
else else
ut[username] = {hpass, salt,...} if not ut[username] then ut[username] = {} end
ut[username][field] = val
log("set "..username.."."..field.." to "..val)
flushut() flushut()
end end
end end
end end
function os.getuattr(username,field)
if os.getuid() == "superuser" or os.getuid() == username then
local uT = ut[username] or {}
return uT[field]
end
end
function os.su(user,pass) function os.su(user,pass)
if os.verifyuser(user,pass) then if os.verifyuser(user,pass) then
log(tT[cT].u .. " su'd to "..user,6,1,true) log(tT[cT].u .. " su'd to "..user,6,1,true)
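Review bot: `os.setuattr` now lets an account owner, not only superuser, store arbitrary `field`/`val` pairs, yet the user-table writer emits them to users.dat unescaped and the loader splits on newlines and tabs, so a value containing either is read back as records the caller was never permitted to write, possibly under another username. Reject such input in the else branch before storing, e.g. `if (username..field..tostring(val)):find("[\t\n]") then return false end`. The added `log("set "..username.."."..field.." to "..val)` copies the password hash and salt into the log and raises on a nil `val`; `log("set "..username.."."..field)` is enough. The owner check also makes any attribute added later self-writable, so privilege-bearing fields would need a superuser-only list. `os.su` continues past the end of the hunk.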