From b3351bc3d0108c35cf1ade40c7bbb84291d0a5c6 Mon Sep 17 00:00:00 2001
From: developsessions <developsessions1@gmail.com>
Date: Mon, 26 Dec 2022 00:04:04 +0100
Subject: [PATCH] Prevent root password modification during reset to default
 and the initialize setup wizard

---
 patches/0003-Prevent-changing-root-password.patch | 10 ++++++++++
 repack-squashfs.sh                                |  1 +
 2 files changed, 11 insertions(+)
 create mode 100644 patches/0003-Prevent-changing-root-password.patch

diff --git a/patches/0003-Prevent-changing-root-password.patch b/patches/0003-Prevent-changing-root-password.patch
new file mode 100644
index 00000000..d6fe137e
--- /dev/null
+++ b/patches/0003-Prevent-changing-root-password.patch
@@ -0,0 +1,10 @@
+--- a/etc/uci-defaults/10_migrate-shadow	2020-09-28 05:05:55.000000000 -0400
++++ b/etc/uci-defaults/10_migrate-shadow	2022-12-25 17:17:00.681549715 -0500
+@@ -6,7 +6,6 @@
+ if [ -n "${ppwd#[\!x]}" ] && [ -z "${spwd#[\!x]}" ]; then
+ 	logger -t migrate-shadow "Moving root password hash into shadow database"
+ 	sed -i -e "s:^root\:[^\:]*\::root\:x\::"     /etc/passwd
+-	sed -i -e "s:^root\:[^\:]*\::root\:$ppwd\::" /etc/shadow
+ fi
+ 
+ exit 0
diff --git a/repack-squashfs.sh b/repack-squashfs.sh
index 07c4fc11..a82799d4 100755
--- a/repack-squashfs.sh
+++ b/repack-squashfs.sh
@@ -42,6 +42,7 @@ sed -i 's/romVersion%>/& xqrepack/;' "$FSDIR/usr/lib/lua/luci/view/web/inc/foote
 
 # stop resetting root password
 sed -i '/set_user(/a return 0' "$FSDIR/etc/init.d/system"
+sed -i 's/flg_init_pwd=.*/flg_init_pwd=0/' "$FSDIR/etc/init.d/boot_check"
 
 # make sure our backdoors are always enabled by default
 sed -i '/ssh_en/d;' "$FSDIR/usr/share/xiaoqiang/xiaoqiang-reserved.txt"