Cleanup the kali password if we don't set it in the scenario

2026-02-20 13:50:45 +00:00 · 2024-09-13 15:16:24 +01:00
parent 841174daef
commit 1953ae3cfc
1 changed files with 13 additions and 0 deletions
--- a/modules/build/unix/cleanup/manifests/init.pp
+++ b/modules/build/unix/cleanup/manifests/init.pp
@@ -30,6 +30,19 @@ class cleanup::init {
    }
  }

+  # if kali_msf we have a default kali account setup by default
+  # some scenarios define a kali user for use
+  # others do not define the kali user, so change the kali user password to our secure root password.
+  if $operatingsystemrelease == 'kali-rolling' and $root_password {
+    $mysalt = 'mysalt'
+
+    exec { 'update_kali_password':
+      command => "/usr/bin/echo '${root_password}' | /usr/bin/openssl passwd -6 -salt ${mysalt} -stdin | xargs -I {} /usr/sbin/usermod -p '{}' kali",
+      unless  => "/bin/grep -q '^kali:.6.${mysalt}' /etc/shadow",
+      path    => ['/usr/bin', '/usr/sbin', '/bin'],
+    }
+  }
+
  # Disable ssh
  if $disable_ssh {
    service { 'ssh':