guix-play/gnu/installer/user.scm
Josselin Poiret 112ef30b84
installer: Turn passwords into opaque records.
* gnu/installer/user.scm (<secret>, secret?, make-secret,
secret-content): Add opaque <secret> record that boxes its contents,
with a custom printer that doesn't display anything.
* gnu/installer/newt/user.scm (run-user-add-page, run-user-page): Box
it.
* gnu/installer/final.scm (create-user-database): Unbox it.

Signed-off-by: Mathieu Othacehe <othacehe@gnu.org>
2022-02-02 16:46:44 +01:00

79 lines
2.4 KiB
Scheme

;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2018 Mathieu Othacehe <m.othacehe@gmail.com>
;;;
;;; This file is part of GNU Guix.
;;;
;;; GNU Guix is free software; you can redistribute it and/or modify it
;;; under the terms of the GNU General Public License as published by
;;; the Free Software Foundation; either version 3 of the License, or (at
;;; your option) any later version.
;;;
;;; GNU Guix is distributed in the hope that it will be useful, but
;;; WITHOUT ANY WARRANTY; without even the implied warranty of
;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
;;; GNU General Public License for more details.
;;;
;;; You should have received a copy of the GNU General Public License
;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
(define-module (gnu installer user)
#:use-module (guix records)
#:use-module (srfi srfi-1)
#:use-module (srfi srfi-9)
#:use-module (srfi srfi-9 gnu)
#:export (<secret>
secret?
make-secret
secret-content
<user>
user
make-user
user-name
user-real-name
user-group
user-home-directory
user-password
users->configuration))
(define-record-type <secret>
(make-secret content)
secret?
(content secret-content))
(set-record-type-printer!
<secret>
(lambda (secret port)
(format port "<secret>")))
(define-record-type* <user>
user make-user
user?
(name user-name)
(real-name user-real-name
(default ""))
(group user-group
(default "users"))
(password user-password)
(home-directory user-home-directory))
(define (users->configuration users)
"Return the configuration field for USERS."
(define (user->sexp user)
`(user-account
(name ,(user-name user))
(comment ,(user-real-name user))
(group ,(user-group user))
(home-directory ,(user-home-directory user))
(supplementary-groups '("wheel" "netdev"
"audio" "video"))))
`((users (cons*
,@(filter-map (lambda (user)
;; Do not emit a 'user-account' form for "root".
(and (not (string=? (user-name user) "root"))
(user->sexp user)))
users)
%base-user-accounts))))