Send patches - preferably formatted by git format-patch - to patches at archlinux32 dot org.
summaryrefslogtreecommitdiff
path: root/examples
diff options
context:
space:
mode:
authorAnton Hvornum <anton@hvornum.se>2021-11-11 09:59:42 +0000
committerGitHub <noreply@github.com>2021-11-11 09:59:42 +0000
commite3e62039f9c4cbbb6f604c838cd3cd8032150565 (patch)
tree0917691dc792c9eb5773ab6ed63b8a3de52e4f49 /examples
parent273b7aaa994170f65055c7db178a548544b5bb76 (diff)
parentad09c8cfa29e891ed23c084a26993ae92dcf1265 (diff)
Merged PR #707 - Fixes password leakage to terminal
Created a new JSON serializer called `UNSAFE_JSON` that will serialize everything, including sensitive information. And `JSON` which is the default up to this point now safely ignores any sensitive information in dictionaries marked with `!`, for instance `{"!password" : "mypassword"}` will be omitted from any output.
Diffstat (limited to 'examples')
-rw-r--r--examples/guided.py13
1 files changed, 7 insertions, 6 deletions
diff --git a/examples/guided.py b/examples/guided.py
index 73bf7712..f009d938 100644
--- a/examples/guided.py
+++ b/examples/guided.py
@@ -243,15 +243,16 @@ def perform_filesystem_operations():
fs.load_layout(archinstall.storage['disk_layouts'][drive.path])
def perform_installation(mountpoint):
- user_credentials = json.dumps({
+ user_credentials = {
"!users" : archinstall.arguments['!users'],
- "!superusers" : archinstall.arguments['!users'],
- "!root-password" : archinstall.arguments['!users'],
- "!encryption-password" : archinstall.arguments['!encryption-password'],
- }, indent=4, sort_keys=True, cls=archinstall.UNSAFE_JSON)
+ "!superusers" : archinstall.arguments['!superusers'],
+ "!root-password" : archinstall.arguments['!root-password'],
+ }
+ if archinstall.arguments.get('!encryption-password'):
+ user_credentials["!encryption-password"] = archinstall.arguments.get('!encryption-password')
with open("/var/log/archinstall/user_credentials.json", "w") as config_file:
- config_file.write(user_credentials)
+ config_file.write(json.dumps(user_credentials, indent=4, sort_keys=True, cls=archinstall.UNSAFE_JSON))
"""
Performs the installation steps on a block device.