changed the user system to allow more flexible configuration
This commit is contained in:
parent
bbead5d252
commit
0e3d368896
@ -1,4 +1,6 @@
|
|||||||
local tA = {...}
|
local tA = {...}
|
||||||
local s=os.gensalt(16)
|
local s=os.gensalt(16)
|
||||||
|
tA[1] = tA[1] or os.getuid()
|
||||||
io.write("New password for "..tA[1]..": ")
|
io.write("New password for "..tA[1]..": ")
|
||||||
os.setuser(tA[1],sha.sha256(io.read("*")..s),s)
|
os.setuattr(tA[1],"hpass",sha.sha256(io.read("*")..s))
|
||||||
|
os.setuattr(tA[1],"salt",s)
|
||||||
|
@ -112,7 +112,9 @@ do -- so local works
|
|||||||
local f = fs.open("/boot/sys/users.dat","wb")
|
local f = fs.open("/boot/sys/users.dat","wb")
|
||||||
if f then
|
if f then
|
||||||
for k,v in pairs(ut) do
|
for k,v in pairs(ut) do
|
||||||
fs.write(f,k.."\t"..v[1].."\t"..v[2].."\n")
|
for l,m in pairs(v) do
|
||||||
|
fs.write(f,k.."\t"..l.."\t"..m.."\n")
|
||||||
|
end
|
||||||
end
|
end
|
||||||
fs.close(f)
|
fs.close(f)
|
||||||
return true
|
return true
|
||||||
@ -125,9 +127,10 @@ do -- so local works
|
|||||||
local C=fs.readall(f)
|
local C=fs.readall(f)
|
||||||
fs.close(f)
|
fs.close(f)
|
||||||
for line in C:gmatch("[^\n]+") do
|
for line in C:gmatch("[^\n]+") do
|
||||||
local username,hpass,salt = line:match("(.+)\t(.+)\t(.+)")
|
local username,field,val = line:match("(.+)\t(.+)\t(.+)")
|
||||||
if username and hpass and salt then
|
if username and field and val then
|
||||||
ut[username] = {hpass,salt}
|
if not ut[username] then ut[username] = {} end
|
||||||
|
ut[username][field] = val
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
@ -153,7 +156,7 @@ do -- so local works
|
|||||||
function os.verifyuser(username,pass)
|
function os.verifyuser(username,pass)
|
||||||
if sha then
|
if sha then
|
||||||
if ut[username] then
|
if ut[username] then
|
||||||
if sha.sha256(pass..ut[username][2]) == ut[username][1] then
|
if sha.sha256(pass..ut[username].salt) == ut[username].hpass then
|
||||||
return true
|
return true
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
@ -168,16 +171,24 @@ do -- so local works
|
|||||||
end
|
end
|
||||||
return S
|
return S
|
||||||
end
|
end
|
||||||
function os.setuser(username,hpass,salt,...)
|
function os.setuattr(username,field,val)
|
||||||
if tT[cT].u == "superuser" then
|
if os.getuid() == "superuser" or os.getuid() == username then
|
||||||
if hpass == nil then
|
if not field then
|
||||||
ut[username] = nil
|
ut[username] = nil
|
||||||
else
|
else
|
||||||
ut[username] = {hpass, salt,...}
|
if not ut[username] then ut[username] = {} end
|
||||||
|
ut[username][field] = val
|
||||||
|
log("set "..username.."."..field.." to "..val)
|
||||||
flushut()
|
flushut()
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
function os.getuattr(username,field)
|
||||||
|
if os.getuid() == "superuser" or os.getuid() == username then
|
||||||
|
local uT = ut[username] or {}
|
||||||
|
return uT[field]
|
||||||
|
end
|
||||||
|
end
|
||||||
function os.su(user,pass)
|
function os.su(user,pass)
|
||||||
if os.verifyuser(user,pass) then
|
if os.verifyuser(user,pass) then
|
||||||
log(tT[cT].u .. " su'd to "..user,6,1,true)
|
log(tT[cT].u .. " su'd to "..user,6,1,true)
|
||||||
|
Loading…
Reference in New Issue
Block a user