From c2d9d4d291bef71a61cb6f496d42bd7adec1aa26 Mon Sep 17 00:00:00 2001
From: John Klug <john.klug@multitech.com>
Date: Mon, 2 Dec 2019 14:33:10 -0600
Subject: Check passwords for commissioning

---
 etc/init.d/commissioning | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/etc/init.d/commissioning b/etc/init.d/commissioning
index 11b0eb3..4f54267 100755
--- a/etc/init.d/commissioning
+++ b/etc/init.d/commissioning
@@ -10,10 +10,23 @@ PIDFILE=/var/run/lighttpd-commission.pid
 
 ENABLED=yes
 [ -f /etc/default/$NAME ] && . /etc/default/$NAME
+
+# If we are not enabled, see if anybody has a password
+if [[ ENABLED == no ]] ; then
+    PASSWORDS=$(passwd -Sa | egrep '^[^[:space:]]+[[:space:]]P[[:space:]]' | wc -l)
+    if (($PASSWORDS == 0)) ; then
+	# No password, so turn on commissioning
+	rm /etc/default/$NAME
+	ENABLED="yes"
+    fi
+fi
+
 # /etc/default/no-${NAME} should point at /etc/default/.no-${NAME}
 # and contain ENABLED="no".
 # This will prevent commissioning on a factory reset
 # but not on an image update for tighter security.
+# If the device is to have no password at all, this file and
+# link must be created, and ENABLED must be set to "no"
 [ -f "/etc/default/no-${NAME}" ] && . "/etc/config/no-${NAME}"
 
 
-- 
cgit v1.2.3