From f1fd75c9ecee5f398a25488c73a541d4135887da Mon Sep 17 00:00:00 2001
From: Joey Hess <id@joeyh.name>
Date: Thu, 4 Dec 2014 17:11:15 -0400
Subject: more work on OS takeover

---
 src/Propellor/Property/User.hs | 12 ++++++++++++
 1 file changed, 12 insertions(+)

(limited to 'src/Propellor/Property/User.hs')

diff --git a/src/Propellor/Property/User.hs b/src/Propellor/Property/User.hs
index 434a92a3..ccb69b24 100644
--- a/src/Propellor/Property/User.hs
+++ b/src/Propellor/Property/User.hs
@@ -84,3 +84,15 @@ hasGroup user group' = check test $ cmdProperty "adduser"
 	`describe` unwords ["user", user, "in group", group']
   where
 	test = not . elem group' . words <$> readProcess "groups" [user]
+
+-- | Controls whether shadow passwords are enabled or not.
+shadowConfig :: Bool -> Property
+shadowConfig True = check (not <$> shadowExists) $
+	cmdProperty "shadowconfig" ["on"]
+		`describe` "shadow passwords enabled"
+shadowConfig False = check shadowExists $
+	cmdProperty "shadowconfig" ["off"]
+		`describe` "shadow passwords disabled"
+
+shadowExists :: IO Bool
+shadowExists = doesFileExist "/etc/shadow"
-- 
cgit v1.3-2-g0d8e