Add more logging to authrestartd; update comments in MSCPasswordAlert…

…Controller.py
munki · Jun 5, 2018 · 68a5628 · 68a5628
1 parent d248ec8
commit 68a5628
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 5 deletions.
diff --git a/code/apps/Managed Software Center/Managed Software Center/MSCPasswordAlertController.py b/code/apps/Managed Software Center/Managed Software Center/MSCPasswordAlertController.py
@@ -87,7 +87,7 @@ def verifyPassword_(self, alert):
         username = NSUserName()
         password = self.passwordField.stringValue()
         if passwdutil.verifyPassword(username, password):
-            # store password and end modal alert
+            # store username and password and end modal alert
             authrestart.store_password(password, username=username)
             code = NSAlertFirstButtonReturn
             NSApplication.sharedApplication().stopModalWithCode_(code)

diff --git a/code/client/authrestartd b/code/client/authrestartd
@@ -87,6 +87,8 @@ class FDEUtil(object):
             # restart
             self.log.info('Restart request from uid %s', self.uid)
             if self.uid == 0:
+                self.log.info('Stored username for authrestart: %s',
+                              self.server.stored_username)
                 authrestart.do_authorized_or_normal_restart(
                     password=self.server.stored_password,
                     username=self.server.stored_username)
@@ -98,17 +100,18 @@ class FDEUtil(object):
         if self.request['task'] == 'store_password':
             # store a password for later fdesetup authrestart
             self.log.info('Store password request')
+            password = self.request.get('password')
+            if not password:
+                self.log.info('No password in request')
+                raise FDEUtilError('No password provided')
             username = self.request.get('username')
+            self.log.info('Request username: %s', username)
             # don't store the password if the user isn't enabled for FileVault
             if (username and
                     not authrestart.can_attempt_auth_restart_for(username)):
                 self.log.info('User %s can\'t do auth restart', username)
                 raise FDEUtilError(
                     'User %s can\'t do FileVault authrestart' % username)
-            password = self.request.get('password')
-            if not password:
-                self.log.info('No password in request')
-                raise FDEUtilError('No password provided')
             self.store_password(password, username=username)
             self.log.info('Password stored.')
             return 'DONE'