From 44e46e0dd71567756928be3f773d09cc2cee22c2 Mon Sep 17 00:00:00 2001
From: Mark Reynolds <mreynolds@redhat.com>
Date: Mon, 13 Jan 2020 17:58:52 -0500
Subject: [PATCH] Issue 50816 - dsconf allows the root password to be set to
 nothing

Bug Description:  dsconf allows you to set the root DN password to nothing/

Fix Description:  Do not allow the root DN password to be set to nothing

relates: https://pagure.io/389-ds-base/issue/50816

Reviewed by: firstyear(Thanks!)
---
 src/lib389/lib389/idm/directorymanager.py | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/lib389/lib389/idm/directorymanager.py b/src/lib389/lib389/idm/directorymanager.py
index bb3b58355..4c573e7b4 100644
--- a/src/lib389/lib389/idm/directorymanager.py
+++ b/src/lib389/lib389/idm/directorymanager.py
@@ -31,6 +31,8 @@ class DirectoryManager(Account):
         self._protected = True
 
     def change_password(self, new_password):
+        if new_password == "":
+            raise ValueError("You can not set the Directory Manager password to nothing")
         self._instance.config.set('nsslapd-rootpw', new_password)
 
     def bind(self, password=PW_DM, *args, **kwargs):
-- 
2.21.1