From 934fcd04a43f10bede4a98b5a28d51e6962daaec Mon Sep 17 00:00:00 2001
From: Marta Rybczynska <marta.rybczynska@huawei.com>
Date: Fri, 16 Jul 2021 15:52:14 +0200
Subject: [PATCH] shadown_%.bbapend: hardening of password settings

Remove the hardening distro requirement from the recipe,
we do not want to rename our distro and this feature is useful
in all cases.

One thing that needs to be added is setting up the password min/max
age, and the minimum password length.

Signed-off-by: Marta Rybczynska <marta.rybczynska@huawei.com>
---
 .../recipes-extended/shadow/shadow_%.bbappend              | 7 ++-----
 1 file changed, 2 insertions(+), 5 deletions(-)

diff --git a/meta-ohos-staging/recipes-extended/shadow/shadow_%.bbappend b/meta-ohos-staging/recipes-extended/shadow/shadow_%.bbappend
index 3f363f06..5717de2e 100644
--- a/meta-ohos-staging/recipes-extended/shadow/shadow_%.bbappend
+++ b/meta-ohos-staging/recipes-extended/shadow/shadow_%.bbappend
@@ -1,10 +1,7 @@
-do_install_append_harden () {
+do_install_append () {
 	# to hardend
 	sed -i -e 's:UMASK.*:UMASK 027:' ${D}${sysconfdir}/login.defs
-	sed -i -e 's:PASS_MAX_DAYS.*:PASS_MAX_DAYS 365:' ${D}${sysconfdir}/login.defs
-	sed -i -e 's:PASS_MIN_DAYS.*:PASS_MIN_DAYS 1:' ${D}${sysconfdir}/login.defs
-	sed -i -e 's:#PASS_MIN_LEN.*:PASS_MIN_LEN 11:' ${D}${sysconfdir}/login.defs
-	sed -i -e 's:PASS_WARN_AGE.*:PASS_WARN_AGE 14:' ${D}${sysconfdir}/login.defs
+# TODO: set the password age limit and min length
 	sed -i -e 's:LOGIN_RETRIES.*:LOGIN_RETRIES 3:' ${D}${sysconfdir}/login.defs
 	sed -i -e 's:LOGIN_TIMEOUT.*:LOGIN_TIMEOUT 30:' ${D}${sysconfdir}/login.defs
 }
-- 
GitLab