[SSSD] [PATCH] Removing -p option from sss_obfuscate and updating man pages accordingly.

Wed, 02 Feb 2011 05:59:18 -0800 


Hi

Its never a good idea to have a password on the command-line.

Patch 0001- removes the -p/--password option from sss_obfuscate command.
Patch 0002- updated sss_obfuscate man pages accordingly.

--
regards
/shanks

>From 81763a6eb00afbdeeec08c46f5b7db438b23d154 Mon Sep 17 00:00:00 2001
From: Gowrishankar Rajaiyan <g...@redhat.com>
Date: Wed, 2 Feb 2011 19:18:10 +0530
Subject: [PATCH 1/2] removing password option functionality

---
 src/tools/sss_obfuscate |    6 +-----
 1 files changed, 1 insertions(+), 5 deletions(-)

diff --git a/src/tools/sss_obfuscate b/src/tools/sss_obfuscate
index 
cd91161515b1db62dba3b3f7f0b4db88970a07e0..352a4373d36507b2eacdfa66f633d3b69b56cddd
 100644
--- a/src/tools/sss_obfuscate
+++ b/src/tools/sss_obfuscate
@@ -26,10 +26,6 @@ def parse_options():
                       dest="filename", default=None,
                       help="Set input file to FILE (default: Use system 
default, usually /etc/sssd/sssd.conf)",
                       metavar="FILE")
-    parser.add_option("-p", "--password",
-                      dest="password", default=None,
-                      help="Password to obfuscate.",
-                      metavar="PASSWORD")
     (options, args) = parser.parse_args()
 
     return options, args
@@ -40,7 +36,7 @@ def main():
         print >> sys.stderr, "Cannot parse options"
         return 1
 
-    if not options.stdin and not options.password:
+    if not options.stdin:
         pprompt = lambda: (getpass.getpass("Enter password: "), 
getpass.getpass("Re-enter password: "))
         p1, p2 = pprompt()
         while p1 != p2:
-- 
1.7.2.3


>From b7c74b1da9d1a652673f220e877f551167f0d9f4 Mon Sep 17 00:00:00 2001
From: Gowrishankar Rajaiyan <g...@redhat.com>
Date: Wed, 2 Feb 2011 19:20:58 +0530
Subject: [PATCH 2/2] updating sss_obfuscate man page accordingly

---
 src/man/sss_obfuscate.8.xml |    3 +--
 1 files changed, 1 insertions(+), 2 deletions(-)

diff --git a/src/man/sss_obfuscate.8.xml b/src/man/sss_obfuscate.8.xml
index 
8b6a1727ad99a45fd67600acf879c809dec3f714..d2bc50e1199f5acb9da97ca2666b499f1126e4dd
 100644
--- a/src/man/sss_obfuscate.8.xml
+++ b/src/man/sss_obfuscate.8.xml
@@ -34,8 +34,7 @@
             section of the SSSD config file.
         </para>
         <para>
-            The cleartext password can be specified as an argument to the
-            program, read from standard input or entered interactively.
+            The cleartext password is read from standard input or entered 
interactively.
             The obfuscated password is put into 
<quote>ldap_default_authtok</quote>
             parameter of a given SSSD domain and the
             <quote>ldap_default_authtok_type</quote> parameter is set to
-- 
1.7.2.3


_______________________________________________
sssd-devel mailing list
sssd-devel@lists.fedorahosted.org
https://fedorahosted.org/mailman/listinfo/sssd-devel

Reply via email to