For Raspbian Desktop changes of 2018-11-13

roles/iiab-admin/templates/sshpwd-profile-iiab.sh

@@ -1,5 +1,9 @@
 #!/bin/bash
 
+export TEXTDOMAIN=Linux-PAM
+
+. gettext.sh
+
 # bash syntax "function check_user_pwd() {" was removed, as it prevented all
 # lightdm/graphical logins (incl autologin) on Raspbian: #1252 -> PR #1253
 check_user_pwd() {
@@ -11,20 +15,16 @@ check_user_pwd() {
     [ $(python3 -c "import crypt; print(crypt.crypt('$2', '\$$meth\$$salt'))") == "\$$meth\$$salt\$$hash" ]
 }
 
-# credit to the folks at raspberry pi foundatioon
+# Credit to the folks at the Raspberry Pi Foundation
 check_hash() {
     if ! id -u iiab-admin > /dev/null 2>&1 ; then return 0 ; fi
     if grep -q "^PasswordAuthentication\s*no" /etc/ssh/sshd_config ; then return 0 ; fi
-    #SHADOW="$(sudo -n grep -E '^iiab-admin:' /etc/shadow 2>/dev/null)"
-    #test -n "${SHADOW}" || return 0
-    #if echo $SHADOW | grep -q "iiab-admin:!" ; then return 0 ; fi
-    #SHADOW_PW=$(echo $SHADOW | cut -d: -f2)
-    #if [ "$SHADOW_PW" != '{{ iiab_admin_pwd_hash }}' ]; then return 0 ; fi
     if check_user_pwd "iiab-admin" "{{ iiab_admin_published_pwd }}"; then
-        echo -e "\nSSH is enabled and the published password for user 'iiab-admin' is in use."
+        echo
-        echo -e "THIS IS A SECURITY RISK - please log in as user 'iiab-admin' and run 'passwd'"
+        echo $(/usr/bin/gettext "SSH is enabled and the published password for user 'iiab-admin' is in use.")
-        echo -e "to change its password.\n"
+        echo $(/usr/bin/gettext "THIS IS A SECURITY RISK - please run 'sudo passwd iiab-admin' to change it.")
-    fi
+        echo
+     fi
 }
 
 systemctl is-active {{ sshd_service }} > /dev/null && check_hash