refactor(de-sudo): drop pointless sudo on htpasswd hash computation
htpasswd -bnBC just computes a bcrypt hash to stdout (no file/root access), so the sudo was unnecessary — drop it in the adguard/focalboard/invidious auth helpers and password_hash. (App-config file edits owned by container UIDs — owncloud config.php/adguard yaml — are deferred as category-3 cross-owner work for the root-owned ownership helper.) Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> Signed-off-by: librelad <librelad@digitalangels.vip>
This commit is contained in:
parent
2826acf880
commit
07b3e7896d
@ -13,7 +13,7 @@ authAdapter_adguard_setPassword() {
|
|||||||
fi
|
fi
|
||||||
|
|
||||||
local bcrypt
|
local bcrypt
|
||||||
bcrypt=$(sudo htpasswd -bnBC 10 "" "$password" | tr -d ':\n')
|
bcrypt=$(htpasswd -bnBC 10 "" "$password" | tr -d ':\n')
|
||||||
[[ -z "$bcrypt" ]] && { isError "bcrypt failed."; return 1; }
|
[[ -z "$bcrypt" ]] && { isError "bcrypt failed."; return 1; }
|
||||||
|
|
||||||
local tmp
|
local tmp
|
||||||
|
|||||||
@ -8,7 +8,7 @@ _focalboardBcrypt() {
|
|||||||
if ! command -v htpasswd >/dev/null 2>&1; then
|
if ! command -v htpasswd >/dev/null 2>&1; then
|
||||||
isError "htpasswd is required to bcrypt the password."; return 1
|
isError "htpasswd is required to bcrypt the password."; return 1
|
||||||
fi
|
fi
|
||||||
sudo htpasswd -bnBC 10 "" "$1" | tr -d ':\n'
|
htpasswd -bnBC 10 "" "$1" | tr -d ':\n'
|
||||||
}
|
}
|
||||||
|
|
||||||
authAdapter_focalboard_setPassword() {
|
authAdapter_focalboard_setPassword() {
|
||||||
|
|||||||
@ -8,7 +8,7 @@ _invidiousBcrypt() {
|
|||||||
if ! command -v htpasswd >/dev/null 2>&1; then
|
if ! command -v htpasswd >/dev/null 2>&1; then
|
||||||
isError "htpasswd is required to bcrypt the password."; return 1
|
isError "htpasswd is required to bcrypt the password."; return 1
|
||||||
fi
|
fi
|
||||||
sudo htpasswd -bnBC 10 "" "$1" | tr -d ':\n'
|
htpasswd -bnBC 10 "" "$1" | tr -d ':\n'
|
||||||
}
|
}
|
||||||
|
|
||||||
authAdapter_invidious_setPassword() {
|
authAdapter_invidious_setPassword() {
|
||||||
|
|||||||
@ -7,7 +7,7 @@ hashPassword()
|
|||||||
# htpasswd first (local, instant). docker fallback pulls a ~50MB image.
|
# htpasswd first (local, instant). docker fallback pulls a ~50MB image.
|
||||||
if command -v htpasswd &>/dev/null; then
|
if command -v htpasswd &>/dev/null; then
|
||||||
local bcrypt_hash
|
local bcrypt_hash
|
||||||
bcrypt_hash=$(sudo htpasswd -bnBC 10 "" "$password" | tr -d ':\n')
|
bcrypt_hash=$(htpasswd -bnBC 10 "" "$password" | tr -d ':\n')
|
||||||
if [[ -n "$bcrypt_hash" ]]; then
|
if [[ -n "$bcrypt_hash" ]]; then
|
||||||
bcrypt_hash=$(echo "$bcrypt_hash" | awk -F= '{print $NF}')
|
bcrypt_hash=$(echo "$bcrypt_hash" | awk -F= '{print $NF}')
|
||||||
local escaped_hash
|
local escaped_hash
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user