From patchwork Mon Sep 23 17:18:16 2024
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: John Crispin <john@phrozen.org>
X-Patchwork-Id: 1988670
X-Patchwork-Delegate: blogic@openwrt.org
Return-Path: 
 <openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@legolas.ozlabs.org
Authentication-Results: legolas.ozlabs.org;
	dkim=pass (2048-bit key;
 secure) header.d=lists.infradead.org header.i=@lists.infradead.org
 header.a=rsa-sha256 header.s=bombadil.20210309 header.b=ACXykZM4;
	dkim-atps=neutral
Authentication-Results: legolas.ozlabs.org;
 spf=none (no SPF record) smtp.mailfrom=lists.openwrt.org
 (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org;
 envelope-from=openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org;
 receiver=patchwork.ozlabs.org)
Received: from bombadil.infradead.org (bombadil.infradead.org
 [IPv6:2607:7c80:54:3::133])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384)
	(No client certificate requested)
	by legolas.ozlabs.org (Postfix) with ESMTPS id 4XC8sH0qplz1xsg
	for <incoming@patchwork.ozlabs.org>; Tue, 24 Sep 2024 03:20:51 +1000 (AEST)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
	d=lists.infradead.org; s=bombadil.20210309; h=Sender:
	Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post:
	List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To:
	Message-Id:Date:Subject:To:From:Reply-To:Cc:Content-ID:Content-Description:
	Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:
	List-Owner; bh=GJjvZvIc21sctzMNNPGfkxMywM3fi6TA8aq9NkFiG0o=; b=ACXykZM4jbE6ED
	Pmg1B8iMqDn+srfAmUiZ31J08IsOwZSFF8vWU+XpBL13dWsbhxM+MGvOdzcfykGhHSKVlcNkkigxB
	nXopJHdVBLqeLklVOnz+mSs9flhWl0692ma6hqUEoHI9kREchspkGzHSe+XgrtXl9qk+w9dsZVw09
	AALV3XQlktJwO36yQCtbhGAi0hMlvNkkD/4YZTUbF3aNS43f+p7XneEoBpEqOK9gcaBrDVC3sQ6RC
	qAA9EZ3Os8k9dEgwt1Bs0/Ib4fi72EA/QpxQNhOjQ05ZyhnmmKhgc2zHnnis3BmySx0eCR9DBx2Lb
	RcTzgGUnXQmaepdB14hA==;
Received: from localhost ([::1] helo=bombadil.infradead.org)
	by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux))
	id 1ssmhw-000000006vU-3slJ;
	Mon, 23 Sep 2024 17:18:44 +0000
Received: from nbd.name ([46.4.11.11])
	by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux))
	id 1ssmhp-000000006rR-1uxJ
	for openwrt-devel@lists.openwrt.org;
	Mon, 23 Sep 2024 17:18:40 +0000
Received: from [2a04:4540:1404:e800:43a1:93c8:f672:7397] (helo=bertha10..)
	by ds12 with esmtpsa  (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.96)
	(envelope-from <john@phrozen.org>)
	id 1ssmhl-00HS5P-1W
	for openwrt-devel@lists.openwrt.org;
	Mon, 23 Sep 2024 19:18:33 +0200
From: John Crispin <john@phrozen.org>
To: openwrt-devel@lists.openwrt.org
Subject: [PATCH 02/11] base-files: uci-defaults: allow setting default
 credentials and ssh keys
Date: Mon, 23 Sep 2024 19:18:16 +0200
Message-Id: <20240923171825.148902-3-john@phrozen.org>
X-Mailer: git-send-email 2.34.1
In-Reply-To: <20240923171825.148902-1-john@phrozen.org>
References: <20240923171825.148902-1-john@phrozen.org>
MIME-Version: 1.0
X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 
X-CRM114-CacheID: sfid-20240923_101837_525948_76B42B62 
X-CRM114-Status: UNSURE (   5.38  )
X-CRM114-Notice: Please train this message.
X-Spam-Score: -1.9 (-)
X-Spam-Report: Spam detection software,
 running on the system "bombadil.infradead.org",
 has NOT identified this incoming email as spam.  The original
 message has been attached to this so you can view it or label
 similar future email.  If you have any questions, see
 the administrator of that system for details.
 Content preview:  Introduce new uci-default functions: -
 ucidef_set_root_password
    [password hash/cleartext] - ucidef_set_ssh_authorized_key [ssh key]
 Signed-off-by:
    John Crispin <john@phrozen.org> ---
 .../base-files/files/lib/functions/uci-defaults.sh
    | 14 ++++++++++++++ 1 file changed, 14 insertions(+)
 Content analysis details:   (-1.9 points, 5.0 required)
  pts rule name              description
 ---- ----------------------
 --------------------------------------------------
  0.0 RCVD_IN_VALIDITY_SAFE_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to
                              Validity was blocked.  See
                             https://knowledge.validity.com/hc/en-us/articles/20961730681243
                              for more information.
                             [46.4.11.11 listed in sa-accredit.habeas.com]
  0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to
                              Validity was blocked.  See
                             https://knowledge.validity.com/hc/en-us/articles/20961730681243
                              for more information.
                             [46.4.11.11 listed in bl.score.senderscore.com]
  0.0 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE: The
                             query to Validity was blocked.  See
                             https://knowledge.validity.com/hc/en-us/articles/20961730681243
                              for more information.
                             [46.4.11.11 listed in
 sa-trusted.bondedsender.org]
  0.0 SPF_HELO_NONE          SPF: HELO does not publish an SPF Record
 -0.0 SPF_PASS               SPF: sender matches SPF record
 -1.9 BAYES_00               BODY: Bayes spam probability is 0 to 1%
                             [score: 0.0000]
X-BeenThere: openwrt-devel@lists.openwrt.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: OpenWrt Development List <openwrt-devel.lists.openwrt.org>
List-Unsubscribe: <https://lists.openwrt.org/mailman/options/openwrt-devel>,
 <mailto:openwrt-devel-request@lists.openwrt.org?subject=unsubscribe>
List-Archive: <http://lists.openwrt.org/pipermail/openwrt-devel/>
List-Post: <mailto:openwrt-devel@lists.openwrt.org>
List-Help: <mailto:openwrt-devel-request@lists.openwrt.org?subject=help>
List-Subscribe: <https://lists.openwrt.org/mailman/listinfo/openwrt-devel>,
 <mailto:openwrt-devel-request@lists.openwrt.org?subject=subscribe>
Sender: "openwrt-devel" <openwrt-devel-bounces@lists.openwrt.org>
Errors-To: 
 openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org

Introduce new uci-default functions:
     - ucidef_set_root_password [password hash/cleartext]
     - ucidef_set_ssh_authorized_key [ssh key]

Signed-off-by: John Crispin <john@phrozen.org>
---
 .../base-files/files/lib/functions/uci-defaults.sh | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/package/base-files/files/lib/functions/uci-defaults.sh b/package/base-files/files/lib/functions/uci-defaults.sh
index ba7288c2c6..bcc78220cc 100644
--- a/package/base-files/files/lib/functions/uci-defaults.sh
+++ b/package/base-files/files/lib/functions/uci-defaults.sh
@@ -677,6 +677,20 @@ ucidef_set_country() {
 	json_select ..
 }
 
+ucidef_set_root_password() {
+	local passwd="$1"
+	json_select_object credentials
+		json_add_string root_password "$passwd"
+	json_select ..
+}
+
+ucidef_set_ssh_authorized_key() {
+	local ssh_key="$1"
+	json_select_object credentials
+		json_add_string ssh_authorized_key "$ssh_key"
+	json_select ..
+}
+
 ucidef_set_ntpserver() {
 	local server