diff --git a/fragments/platform/rhel10/payload/python_crypt_packages.ks b/fragments/platform/rhel10/payload/python_crypt_packages.ks new file mode 100644 index 00000000..21dd825c --- /dev/null +++ b/fragments/platform/rhel10/payload/python_crypt_packages.ks @@ -0,0 +1,3 @@ +%packages +python3 +%end diff --git a/fragments/platform/rhel8/payload/python_crypt_packages.ks b/fragments/platform/rhel8/payload/python_crypt_packages.ks new file mode 100644 index 00000000..21dd825c --- /dev/null +++ b/fragments/platform/rhel8/payload/python_crypt_packages.ks @@ -0,0 +1,3 @@ +%packages +python3 +%end diff --git a/fragments/platform/rhel9/payload/python_crypt_packages.ks b/fragments/platform/rhel9/payload/python_crypt_packages.ks new file mode 100644 index 00000000..21dd825c --- /dev/null +++ b/fragments/platform/rhel9/payload/python_crypt_packages.ks @@ -0,0 +1,3 @@ +%packages +python3 +%end diff --git a/fragments/shared/payload/python_crypt_packages.ks b/fragments/shared/payload/python_crypt_packages.ks new file mode 100644 index 00000000..71cf829f --- /dev/null +++ b/fragments/shared/payload/python_crypt_packages.ks @@ -0,0 +1,4 @@ +%packages +python3 +python3-crypt-r +%end diff --git a/rootpw-basic.ks.in b/rootpw-basic.ks.in index 663bf97a..2820e96c 100644 --- a/rootpw-basic.ks.in +++ b/rootpw-basic.ks.in @@ -18,15 +18,17 @@ rootpw qweqwe shutdown -# make sure Python 3 is available for the %post scriptlet -%packages -python3 -%end +%ksappend payload/python_crypt_packages.ks %post --interpreter=/usr/bin/python3 import sys -import crypt +try: + # Use the standalone (not deprecated) package when available + import crypt_r +except ImportError: + # Fallback to the deprecated standard library module + import crypt as crypt_r # pylint: disable=deprecated-module with open("/root/RESULT", "wt") as result: # Test that the root password is what we expect it to be @@ -39,7 +41,7 @@ with open("/root/RESULT", "wt") as result: print("Unable to find root password", file=result) sys.exit(0) - if crypt.crypt("qweqwe", shadow_fields[1]) != shadow_fields[1]: + if crypt_r.crypt("qweqwe", shadow_fields[1]) != shadow_fields[1]: print("Root password is not correct: %s" % shadow_fields[1], file=result) sys.exit(0) diff --git a/rootpw-crypted.ks.in b/rootpw-crypted.ks.in index ca92d84f..58557c8f 100644 --- a/rootpw-crypted.ks.in +++ b/rootpw-crypted.ks.in @@ -27,7 +27,6 @@ python3 %post --interpreter=/usr/bin/python3 import sys -import crypt with open("/root/RESULT", "wt") as result: # Test that the root password is what we expect it to be diff --git a/rootpw-lock-no-password.ks.in b/rootpw-lock-no-password.ks.in index 2c28eac2..49a417cf 100644 --- a/rootpw-lock-no-password.ks.in +++ b/rootpw-lock-no-password.ks.in @@ -33,7 +33,6 @@ python3 %post --interpreter=/usr/bin/python3 import sys -import crypt with open("/root/RESULT", "wt") as result: # Test that the root password is what we expect it to be diff --git a/rootpw-lock.ks.in b/rootpw-lock.ks.in index 3367bc97..68b68a7c 100644 --- a/rootpw-lock.ks.in +++ b/rootpw-lock.ks.in @@ -23,15 +23,17 @@ rootpw --lock qweqwe shutdown -# make sure Python 3 is available for the %post scriptlet -%packages -python3 -%end +%ksappend payload/python_crypt_packages.ks %post --interpreter=/usr/bin/python3 import sys -import crypt +try: + # Use the standalone (not deprecated) package when available + import crypt_r +except ImportError: + # Fallback to the deprecated standard library module + import crypt as crypt_r # pylint: disable=deprecated-module with open("/root/RESULT", "wt") as result: # Test that the root password is what we expect it to be @@ -48,7 +50,7 @@ with open("/root/RESULT", "wt") as result: print("Root password is not locked: %s" % shadow_fields[1], file=result) sys.exit(0) - if crypt.crypt("qweqwe", shadow_fields[1][1:]) != shadow_fields[1][1:]: + if crypt_r.crypt("qweqwe", shadow_fields[1][1:]) != shadow_fields[1][1:]: print("Root password is not correct: %s" % shadow_fields[1], file=result) sys.exit(0)