use strict;
use warnings;
+use PVE::Tools;
use PVE::Auth::Plugin;
use PVE::Cluster qw(cfs_register_file cfs_read_file cfs_write_file cfs_lock_file);
my $shadow = {};
- while ($raw && $raw =~ s/^(.*?)(\n|$)//) {
- my $line = $1;
+ return $shadow if !defined($raw);
- next if $line =~ m/^\s*$/; # skip empty lines
+ while ($raw =~ /^\s*(.+?)\s*$/gm) {
+ my $line = $1;
if ($line !~ m/^\S+:\S+:$/) {
warn "pve shadow password: ignore invalid line $.\n";
return 'pve';
}
-sub defaults {
+sub options {
return {
default => { optional => 1 },
comment => { optional => 1 },
+ tfa => { optional => 1 },
};
}
lock_shadow_config(sub {
my $shadow_cfg = cfs_read_file($shadowconfigfile);
- my $epw = PVE::Auth::Plugin::encrypt_pw($password);
+ my $epw = PVE::Tools::encrypt_pw($password);
$shadow_cfg->{users}->{$username}->{shadow} = $epw;
cfs_write_file($shadowconfigfile, $shadow_cfg);
});