diff options
| author | Joey Hess <joey@kitenet.net> | 2014-03-30 00:17:44 -0400 |
|---|---|---|
| committer | Joey Hess <joey@kitenet.net> | 2014-03-30 00:17:44 -0400 |
| commit | b5284cc23fc7ce49a3f75762d6387c28dbb174eb (patch) | |
| tree | c1b5f52cd353466510c3a9bdcb6980109f87b171 | |
| parent | 3121c1005945b167abb1bfd16379002802429158 (diff) | |
password locking
| -rw-r--r-- | HostProp.hs | 3 | ||||
| -rw-r--r-- | Property/User.hs | 13 | ||||
| -rw-r--r-- | TODO | 1 |
3 files changed, 17 insertions, 0 deletions
diff --git a/HostProp.hs b/HostProp.hs index 821fe9ef..e0ed8f2a 100644 --- a/HostProp.hs +++ b/HostProp.hs @@ -24,7 +24,10 @@ getProperties "clam" = , GitHome.installedFor "root" , check (Ssh.hasAuthorizedKeys "root") $ Ssh.passwordAuthentication False + , check (Ssh.hasAuthorizedKeys "root") $ + User.lockedPassword "root" , User.nonsystem "joey" + , User.nuked "user" , Apt.installed ["sudo"] , fileHasContent "/etc/sudoers" ["joey ALL=(ALL:ALL) ALL"] , GitHome.installedFor "joey" diff --git a/Property/User.hs b/Property/User.hs index 3ab5f570..47d6fb5b 100644 --- a/Property/User.hs +++ b/Property/User.hs @@ -17,5 +17,18 @@ nonsystem user = check (isNothing <$> homedir user) $ cmdProperty "adduser" , Param user ] +{- Removes user home directory!! Use with caution. -} +nuked :: UserName -> Property +nuked user = check (isJust <$> homedir user) $ cmdProperty "userdel" + [ Param "-r" + , Param user + ] + +lockedPassword :: UserName -> Property +lockedPassword user = cmdProperty "passwd" + [ Param "--lock" + , Param user + ] + homedir :: UserName -> IO (Maybe FilePath) homedir user = catchMaybeIO $ homeDirectory <$> getUserEntryForName user @@ -3,3 +3,4 @@ but only once despite many config changes being made to satisfy properties. onChange is a poor substitute. * Apt upgrade does not avoid apt-listchanges and debconf prompts. +* I often seem to want to be able to combine Properties monadically. |