blob: 0b8bce80e0a537af8a9897e00734822116f732bb (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
|
#!/bin/bash
# Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
# Customizes a Chrome OS release image by setting the chronos user password.
# Usage: ./set_chronos_password.sh <image.bin> <chronos_password> [--force]
# Load common constants and variables.
. "$(dirname "$0")/common.sh"
change_chronos_password() {
local rootfs=$1
local password=$2
echo "Setting chronos password..."
local crypted_password="$(echo $password | openssl passwd -1 -stdin)"
local temp_shadow="$rootfs/etc/tempshadow"
echo "chronos:$crypted_password:14500:0:99999::::" \
| sudo tee "$temp_shadow" > /dev/null
sudo grep -Ev ^chronos: "$rootfs/etc/shadow" \
| sudo tee -a "$temp_shadow" > /dev/null
sudo mv -f "$temp_shadow" "$rootfs/etc/shadow"
}
main() {
set -e
local image=$1
local chronos_password=$2
if [ $# -ne 2 ] && [ $# -ne 3 ] || [ ! $3 = "--force" ] ; then
echo "Usage: $PROG <image.bin> <chronos_password> [--force]"
exit 1
fi
local loopdev=$(loopback_partscan "${image}")
local rootfs=$(make_temp_dir)
if [ $# -eq 2 ]; then
mount_loop_image_partition_ro "${loopdev}" 3 "${rootfs}"
if ! no_chronos_password "$rootfs"; then
echo "Password is already set [use --force if you'd like to update it]"
exit 1
fi
# Prepare for remounting read/write. We can't use `mount -o rw,remount`
# because of the bits in the ext4 header we've set to block that. See
# enable_rw_mount for details.
sudo umount "${rootfs}"
fi
mount_loop_image_partition "${loopdev}" 3 "${rootfs}"
change_chronos_password "$rootfs" "$chronos_password"
touch "$image" # Updates the image modification time.
echo "Password Set."
}
main $@
|
