de2af4d74d
The upstream commit 1e422ed of python-keyring moved non-preferred keyring backends to separated package "keyrings.alt", so adding the keyrings.alt and porting the patches related to non-preferred keyring backends to keyrings.alt. Patches are not up to our standard. Bringing them up to standard is future work, tracked by: https://bugs.launchpad.net/starlingx/+bug/1950506. Related-Bug: 1950506 Building successfully. Installing python3-keyrings.alt, python3-keyring and the dependence package tsconfig successfully. Booting up ISO successfully on qemu. Story: 2009221 Task: 43438 Signed-off-by: Yue Tao <yue.tao@windriver.com> Change-Id: I4b70927709f0cc968e32af1d0e2a9402f47b2fe9
65 lines
3.0 KiB
Diff
65 lines
3.0 KiB
Diff
The upstream commit 1e422ed of keyring moves non-preferred keyring
|
|
backends to keyrings.alt package, so moving the codes related to keyring
|
|
backends of no_keyring_password.patch to package keyrings.alt
|
|
|
|
diff --git a/keyrings/alt/file_base.py b/keyrings/alt/file_base.py
|
|
--- a/keyrings/alt/file_base.py
|
|
+++ b/keyrings/alt/file_base.py
|
|
@@ -163,7 +163,7 @@ class Keyring(FileBacked, KeyringBackend
|
|
# create the file without group/world permissions
|
|
with open(self.file_path, 'w'):
|
|
pass
|
|
- user_read_write = 0o600
|
|
+ user_read_write = 0o644
|
|
os.chmod(self.file_path, user_read_write)
|
|
|
|
def delete_password(self, service, username):
|
|
diff --git a/keyrings/alt/file.py b/keyrings/alt/file.py
|
|
index f899880..ef6db1d 100644
|
|
--- a/keyrings/alt/file.py
|
|
+++ b/keyrings/alt/file.py
|
|
@@ -52,11 +52,18 @@ class Encrypted:
|
|
|
|
def _get_new_password(self):
|
|
while True:
|
|
- password = getpass.getpass("Please set a password for your new keyring: ")
|
|
- confirm = getpass.getpass('Please confirm the password: ')
|
|
- if password != confirm: # pragma: no cover
|
|
- sys.stderr.write("Error: Your passwords didn't match\n")
|
|
- continue
|
|
+#****************************************************************
|
|
+# Forging the Keyring password to allow automation and still keep
|
|
+# the password encoded. TODO to be revisited when Barbican keyring
|
|
+# Will be used with the complete PKI solution
|
|
+#****************************************************************
|
|
+# password = getpass.getpass("Please set a password for your new keyring: ")
|
|
+# confirm = getpass.getpass('Please confirm the password: ')
|
|
+# if password != confirm: # pragma: no cover
|
|
+# sys.stderr.write("Error: Your passwords didn't match\n")
|
|
+# continue
|
|
+ password = "Please set a password for your new keyring: "
|
|
+
|
|
if '' == password.strip(): # pragma: no cover
|
|
# forbid the blank password
|
|
sys.stderr.write("Error: blank passwords aren't allowed.\n")
|
|
@@ -172,9 +179,16 @@ class EncryptedKeyring(Encrypted, Keyrin
|
|
Unlock this keyring by getting the password for the keyring from the
|
|
user.
|
|
"""
|
|
- self.keyring_key = getpass.getpass(
|
|
- 'Please enter password for encrypted keyring: '
|
|
- )
|
|
+#****************************************************************
|
|
+# Forging the Keyring password to allow automation and still keep
|
|
+# the password encoded. TODO to be revisited when Barbican keyring
|
|
+# Will be used with the complete PKI solution
|
|
+#****************************************************************
|
|
+# self.keyring_key = getpass.getpass(
|
|
+# 'Please enter password for encrypted keyring: '
|
|
+# )
|
|
+ self.keyring_key = "Please set a password for your new keyring: "
|
|
+
|
|
try:
|
|
ref_pw = self.get_password('keyring-setting', 'password reference')
|
|
assert ref_pw == 'password reference value'
|