Fix not being able to delete a once persisted admin password

refs: #18018

Fix not being able to delete a once persisted admin password
refs: #18018
e96c6404 · segfault · intrigeri · ccf2358b · e96c6404 · e96c6404
Unverified Commit e96c6404 authored Nov 21, 2020 by segfault Committed by intrigeri Nov 23, 2020
--- a/config/chroot_local-includes/usr/lib/python3/dist-packages/tailsgreeter/settings/admin.py
+++ b/config/chroot_local-includes/usr/lib/python3/dist-packages/tailsgreeter/settings/admin.py
@@ -43,12 +43,14 @@ class AdminSetting(object):
                raise

    def load(self):
-        # We don't return the stored value, because the UI can't do
-        # anything with it since it's hashed.
+        """Read and return the *hashed* password from the settings file"""
        try:
            settings = read_settings(self.settings_file)
        except FileNotFoundError:
            raise SettingNotFoundError("No persistent admin settings file found (path: %s)" % self.settings_file)

-        if settings.get('TAILS_USER_PASSWORD') is None:
+        hashed_and_salted_pw = settings.get('TAILS_USER_PASSWORD')
+        if hashed_and_salted_pw is None:
            raise SettingNotFoundError("No admin password setting found in settings file (path: %s)" % self.settings_file)
+
+        return hashed_and_salted_pw
--- a/config/chroot_local-includes/usr/lib/python3/dist-packages/tailsgreeter/ui/main_window.py
+++ b/config/chroot_local-includes/usr/lib/python3/dist-packages/tailsgreeter/ui/main_window.py
@@ -25,7 +25,7 @@ import sh

 import tailsgreeter                                             # NOQA: E402
 import tailsgreeter.config                                      # NOQA: E402
-from tailsgreeter.config import settings_dir, persistent_settings_dir, unsafe_browser_setting_filename
+from tailsgreeter.config import settings_dir, persistent_settings_dir, admin_password_path
 import tailsgreeter.utils                                       # NOQA: E402
 from tailsgreeter.settings import SettingNotFoundError
 from tailsgreeter.translatable_window import TranslatableWindow
@@ -353,6 +353,14 @@ class GreeterMainWindow(Gtk.Window, TranslatableWindow):
    def cb_button_start_clicked(self, widget, user_data=None):
        for setting in glob.glob(os.path.join(settings_dir, 'tails.*')):
            sh.cp("-a", setting, persistent_settings_dir)
+        try:
+            self.greeter.admin_setting.load()
+        except SettingNotFoundError:
+            # The admin password is not set, so we have to make sure that
+            # the file also doesn't exist in the persistent directory,
+            # in case that the user disabled a persisted admin password.
+            pw_filename = os.path.basename(admin_password_path)
+            sh.rm("-f", os.path.join(persistent_settings_dir, pw_filename))

        self.greeter.login()
        return False