Recreate samba user after backup restore

[obsy]

root@Gargoyle:~# cat /etc/config/share_users 

config user 'test'
	option password_salt 'ZxADAK40IF3W2qW41MPF2'
	option password_sha1 'a54a6b0a873e41f9feffb2a77c7705c75866da0c '

user test with password test. After backup restore and/or /etc/init.d/share_users start I have

root:x:0:0:root:/root:/bin/ash
daemon:*:1:1:daemon:/var:/bin/false
ftp:*:55:55:ftp:/tmp/share_home/anonymous:/bin/false
network:*:101:101:network:/var:/bin/false
nobody:*:65534:65534:nobody:/var:/bin/false
dnsmasq:x:453:453:dnsmasq:/var/run/dnsmasq:/bin/false
nfs:x:65536:65536:nfs:/var/run/nfs:/bin/false
rpc:x:65533:65533:rpc:/var/run/rpc:/bin/false
:/tmp/share_home/test:/bin/false

No user in passwd file. Because https://github.com/ericpaulbishop/gargoyle/blob/master/package/share-users/files/share_users.init#L43 and https://github.com/ericpaulbishop/gargoyle/blob/master/package/share-users/files/share_users.init#L70 - passwd is not stored in config?

BTW, gargoyle 1.13

[lantis1008]

I've been looking at this for a few days.
There's no good solution. I can think of. Password is intentionally not stored in the config file in plaintext.

https://github.com/ericpaulbishop/gargoyle/blob/master/package/gargoyle/files/usr/lib/gargoyle/restore.sh#L238
Add a checkbox to the GUI to allow the user to restore passwords from the backup. This would risk the user locking themselves out.
It could provide a few options. Restore root password. Restore share users passwords. It would be best to leave other system users untouched (e.g. dnsmasq, tor, etc).
You would also need to preserve /etc/share_user_list

This is not a very nice solution. I don't know if i should implement, or leave this open for further comment/ideas.

[obsy]

I don't understand. Backup already has passwd/shadow file with valid user and password. My question: why after restore backup, system trying recreating valid user? Why is it destroying the username?

[lantis1008]

The way it currently works, it doesn't use them.
It restores them temporarily, then swaps the original files back in.

It has a flag to not do this, but it is currently never used. We could fix this with my suggestion above. Either an option to restore passwords, or always do it.

The risk is that if someone restores a backup with a password they don't know, they will need to failsafe.

[obsy]

OK, but now it's just broken functionality (user without name in passwd file).

[lantis1008]

Yes we can fix that.
https://github.com/ericpaulbishop/gargoyle/blob/master/package/share-users/files/share_users.init#L128
Needs a check for blank string as well, and should not enter the if statement.
This will result in no user at all.

This combined with option above is probably the full solution.

[lantis1008]

This missing_lines function might be interesting here
https://git.openwrt.org/?p=openwrt/openwrt.git;a=commitdiff;h=9c2eceef90b3ca924b8cd836e904ddc480514031;hp=dfa357a3def512c13f22371d24138b6e8093be18