Add more logging to authrestartd; update comments in MSCPasswordAlertController.py

2025-12-30 11:09:57 -06:00 · 2018-06-05 16:06:51 -07:00
parent 24c0e41054
commit 5182909bec
2 changed files with 8 additions and 5 deletions
--- a/Center/MSCPasswordAlertController.py
+++ b/Center/MSCPasswordAlertController.py
@@ -87,7 +87,7 @@ class MSCPasswordAlertController(NSObject):
        username = NSUserName()
        password = self.passwordField.stringValue()
        if passwdutil.verifyPassword(username, password):
-            # store password and end modal alert
+            # store username and password and end modal alert
            authrestart.store_password(password, username=username)
            code = NSAlertFirstButtonReturn
            NSApplication.sharedApplication().stopModalWithCode_(code)
--- a/code/client/authrestartd
+++ b/code/client/authrestartd
@@ -87,6 +87,8 @@ class FDEUtil(object):
            # restart
            self.log.info('Restart request from uid %s', self.uid)
            if self.uid == 0:
+                self.log.info('Stored username for authrestart: %s',
+                              self.server.stored_username)
                authrestart.do_authorized_or_normal_restart(
                    password=self.server.stored_password,
                    username=self.server.stored_username)
@@ -98,17 +100,18 @@ class FDEUtil(object):
        if self.request['task'] == 'store_password':
            # store a password for later fdesetup authrestart
            self.log.info('Store password request')
+            password = self.request.get('password')
+            if not password:
+                self.log.info('No password in request')
+                raise FDEUtilError('No password provided')
            username = self.request.get('username')
+            self.log.info('Request username: %s', username)
            # don't store the password if the user isn't enabled for FileVault
            if (username and
                    not authrestart.can_attempt_auth_restart_for(username)):
                self.log.info('User %s can\'t do auth restart', username)
                raise FDEUtilError(
                    'User %s can\'t do FileVault authrestart' % username)
-            password = self.request.get('password')
-            if not password:
-                self.log.info('No password in request')
-                raise FDEUtilError('No password provided')
            self.store_password(password, username=username)
            self.log.info('Password stored.')
            return 'DONE'