Allow setting sudo password via hash

2025-06-26 18:27:40 +00:00 · 2020-12-23 20:03:43 -05:00
parent d1ece863bc
commit 9e43559690
3 changed files with 18 additions and 7 deletions
--- a/root/etc/cont-init.d/30-config
+++ b/root/etc/cont-init.d/30-config
@@ -2,14 +2,19 @@

 mkdir -p /config/{extensions,data,workspace,.ssh}

-if [ -n "${SUDO_PASSWORD}" ]; then
+if [ -n "${SUDO_PASSWORD}" ] || [ -n "${SUDO_PASSWORD_HASH}" ]; then
  echo "setting up sudo access"
  if ! grep -q 'abc' /etc/sudoers; then
    echo "adding abc to sudoers"
    echo "abc ALL=(ALL:ALL) ALL" >> /etc/sudoers
  fi
-  echo "setting sudo password"
-  echo -e "${SUDO_PASSWORD}\n${SUDO_PASSWORD}" | passwd abc
+  if [ -n "${SUDO_PASSWORD_HASH}" ]; then
+    echo "setting sudo password using sudo password hash"
+    sed -i "s|^abc:\!:|abc:${SUDO_PASSWORD_HASH}:|" /etc/shadow
+  else
+    echo "setting sudo password using SUDO_PASSWORD env var"
+    echo -e "${SUDO_PASSWORD}\n${SUDO_PASSWORD}" | passwd abc
+  fi
 fi

 # permissions