Add password management script

sw/buildroot_overlay/etc/init.d/S03read_config

@@ -5,6 +5,21 @@
 
 . /opt/puzzlefw/lib/functions.sh
 
+# Copy root password from configuration partition.
+copy_passwd() {
+
+    # Do nothing if there is no password on the configuration partition.
+    [ -f ${CONFIG_DIR}/passwd.conf ] || return
+
+    # Do nothing if there is no root password entry in the config file.
+    grep "^root:" ${CONFIG_DIR}/passwd.conf > /etc/shadow.new || return
+
+    grep -v "^root:" /etc/shadow >> /etc/shadow.new
+
+    chmod 0600 /etc/shadow.new
+    mv /etc/shadow.new /etc/shadow
+}
+
 # Copy SSH host key from configuration partition.
 copy_ssh_host_key() {
 
@@ -40,6 +55,7 @@ case "$1" in
     echo "Reading configuration files from SD card ..."
     lock_config || exit 1
     read_config || exit 1
+    copy_passwd
     copy_ssh_host_key
     copy_ntp_server
     ;;

sw/buildroot_overlay/opt/puzzlefw/bin/puzzle-passwd

@@ -0,0 +1,32 @@
+#!/bin/sh
+#
+# Password change tool.
+#
+
+. /opt/puzzlefw/lib/functions.sh
+
+# Store changed password on the SD card.
+store_password() {
+
+    # Lock to avoid conflicting changes.
+    lock_config || exit 1
+
+    echo "Writing new password to SD card ..."
+
+    grep "^root:" /etc/shadow > ${CONFIG_DIR}/passwd.conf.new
+    sync_config passwd.conf || exit 1
+}
+
+if [ $# -ne 0 ]; then
+    script="${0##*/}"
+    cat <<EOF
+Usage: $script
+
+Change root password and write the new password hash to the SD card
+to make it persistent accross reboot.
+EOF
+    exit 1
+fi
+
+passwd && store_password
+

sw/buildroot_overlay/opt/puzzlefw/bin/puzzle-sshcfg

@@ -62,6 +62,11 @@ enable() {
 
     echo "start_ssh=1" > ${CONFIG_DIR}/start_ssh.conf.new
     sync_config start_ssh.conf || exit 1
+
+    echo
+    echo "NOTE: Please remember to set a non-default root password."
+    echo "      Use 'puzzle-passwd' to change the root password."
+
 }
 
 # Disable starting SSH server during boot.