From: Matthias Schiffer <mschiffer@universe-factory.net>
Date: Mon, 26 Sep 2016 13:25:37 +0000 (+0200)
Subject: base-files: fix check for empty password warning
X-Git-Url: http://git.openwrt.org/?p=openwrt%2Fstaging%2Fmkresin.git;a=commitdiff_plain;h=6c1542787d135de358710254e71fe926f8676954;hp=77f54eae453db4220547c4c17d29ff91351b06e0

base-files: fix check for empty password warning

Now that we know that the password is in /etc/shadow and not in
/etc/passwd, we can properly fix the logic for the empty password check.
Only 'root::' is an empty password, 'root:x:' and 'root:!:' allow no
password login at all.

This fixes the empty password warning still showing after the root password
has been locked using 'passwd -l root' (e.g. to allow public-key auth
only).

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
---

diff --git a/package/base-files/files/etc/profile b/package/base-files/files/etc/profile
index d70bafca49..f241ab2ef3 100644
--- a/package/base-files/files/etc/profile
+++ b/package/base-files/files/etc/profile
@@ -30,8 +30,7 @@ alias ll='ls -alF --color=auto'
 	unset FILE
 }
 
-if ( grep -qsE '^root:[!x]?:' /etc/shadow && \
-     grep -qsE '^root:[!x]?:' /etc/passwd  && \
+if ( grep -qs '^root::' /etc/shadow && \
      [ -z "$FAILSAFE" ] )
 then
 cat << EOF