From 8d972df185de6e841a1752b67e466e8ffc95bfac Mon Sep 17 00:00:00 2001
From: James Knight <james.knight@rockwellcollins.com>
Date: Sat, 23 May 2015 13:51:37 -0400
Subject: [PATCH] scripts/mkusers: allow users with no password value set

The following allows a user definition to specify that a created user
entry should not have a password value set. Original implementation
allowed a user definition to provide a password value of "=" (no quotes)
to generate a crypt-encoded empty string value. In some cases, it may be
desired to have no value specified for a user's password. By using a
value "-" for a password, no value will be set in the shadow value.

An example when this can be used is when logging into a terminal.
Logging into a session with an encoded empty password will prompt a user
to enter a password since it does not know the password is empty. If the
password field blank, a login session will not prompt for a password.

Signed-off-by: James Knight <james.knight@rockwellcollins.com>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
---
 docs/manual/makeusers-syntax.txt | 3 ++-
 support/scripts/mkusers          | 3 +++
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/docs/manual/makeusers-syntax.txt b/docs/manual/makeusers-syntax.txt
index ffdb961871..467e596230 100644
--- a/docs/manual/makeusers-syntax.txt
+++ b/docs/manual/makeusers-syntax.txt
@@ -31,7 +31,8 @@ Where:
   then login is disabled. If prefixed with +=+, then it is interpreted
   as clear-text, and will be crypt-encoded (using MD5). If prefixed with
   +!=+, then the password will be crypt-encoded (using MD5) and login
-  will be disabled. If set to +*+, then login is not allowed.
+  will be disabled. If set to +*+, then login is not allowed. If set to 
+  +-+, then no password value will be set.
 - +home+ is the desired home directory for the user. If set to '-', no
   home directory will be created, and the user's home will be +/+.
   Explicitly setting +home+ to +/+ is not allowed.
diff --git a/support/scripts/mkusers b/support/scripts/mkusers
index 026519e4ee..9c5c4dcadb 100755
--- a/support/scripts/mkusers
+++ b/support/scripts/mkusers
@@ -318,6 +318,9 @@ add_one_user() {
         *)  fail "home must be an absolute path\n";;
     esac
     case "${passwd}" in
+        -)
+            _passwd=""
+            ;;
         !=*)
             _passwd='!'"$( encode_password "${passwd#!=}" )"
             ;;
-- 
2.30.2