HEX
Server: nginx/1.29.3
System: Linux mail.sarafai.ru 6.1.0-40-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.1.153-1 (2025-09-20) x86_64
User: root (0)
PHP: 7.4.33
Disabled: dl,exec,passthru,shell_exec,system,proc_open,popen,parse_ini_file,show_source
$ pwd: /usr/bin/
Upload Files
File: //usr/bin/set-root-pw
#!/bin/bash
# Get root password from Openstack API

source /usr/lib/set-root-pw/logging
source /usr/lib/set-root-pw/data

export VENDORDATA=
export METADATA=

STANDARDS_VERSION='2013-10-17'
VENDORDATA_PATH="/openstack/${STANDARDS_VERSION}/vendor_data.json"
METADATA_PATH="/openstack/${STANDARDS_VERSION}/meta_data.json"

debug "Trying to get VendorData from attached ConfigDrive"
if [[ -e /run/configdrive ]]; then
    error "ConfigDrive is already mounted"
    die 3
fi

if [[ ! -e /dev/disk/by-label/config-2 ]]; then
    error "ConfigDrive is not present"
    die 4
fi

if mkdir -p /run/configdrive && \
   mount /dev/disk/by-label/config-2 /run/configdrive -t iso9660 -o norock,mode=0400; then
    debug "Fetching VendorData from ConfigDrive"

    export VENDORDATA=`cat "/run/configdrive/${VENDORDATA_PATH}"`
    export METADATA=`cat "/run/configdrive/${METADATA_PATH}"`

    umount /run/configdrive &> /dev/null
    rmdir /run/configdrive &> /dev/null
else
    error "Failed to mount ConfigDrive"
    umount /run/configdrive &> /dev/null
    rmdir /run/configdrive &> /dev/null
    die 5
fi

source /usr/lib/set-root-pw/openstack

broadcast()
{
    local msg="$*"
    local gettys=$(ps aux | awk '/getty/ {if (0==match($0,"awk")) print $7}')
    echo -e "Selectel password changer:\n$msg" | wall -n
    for tty in $gettys; do
        [ -w /dev/$tty ] && \
            echo -e "\nSelectel password changer:\n$msg" > /dev/$tty
    done
}

info "Getting password from API service"
password=`openstack_get_passwordhash`
if [ $? != 0 ]; then
    error "Failed to get new password"
    [[ 'manual' == $ACTION ]] && broadcast "Failed to get new password"
    exit 1
fi

if [ -z "$password" ] || [ "null" == "$password" ]; then
    info "No valid password obtained, no changes made..."
    [[ 'manual' == $ACTION ]] && broadcast "No password change detected"
    exit 0
fi

info "Setting root password"
if [ -z "$password" = "" ]; then
passwd -d root
else
echo -n "root:$password" | chpasswd -e
fi

if [ $? != 0 ]; then
    error "ERROR: Failed to set root password..."
    exit 1
fi

info "Password successfully set"
[[ 'manual' == $ACTION ]] && broadcast "Password successfully updated"
exit 0
@ Telegram