calamari-ctl initialize does not enforce minimum password complexity

Open andreasstieger opened this issue 8 years ago • 1 comments

calamari-ctl initialize does not enforce minimum password complexity. Setting weak or trivial passwords is possible.

```
# calamari-ctl initialize
[INFO] Loading configuration..
[INFO] Starting/enabling salt...
[INFO] Starting/enabling postgres...
[INFO] Initializing database...
[INFO] You will now be prompted for login details for the administrative user account.  This is the account you will use to log into the web interface once setup is complete.
Username (leave blank to use 'root'): 
Email address: [email protected]
Password: 
Password (again): 
Superuser created successfully.
[INFO] Initializing web interface...
[INFO] Starting/enabling services...
```

This should be checked through cracklib-check or similar. The underlying process doing this seems to be https://docs.djangoproject.com/en/1.9/ref/django-admin/#createsuperuser

andreasstieger, May 30 '16 13:05

This might be... irritating to fix. Calamari right now works with Django 1.5 and 1.6, but I don't think hooks for input validation for creating the admin user appeared until Django 1.8.

tserong, Jul 28 '16 07:07
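
An added example, not part of the issue thread and not Calamari's code: a framework-independent check that a setup script could run on the admin password before the account is created, standing in for the "cracklib-check or similar" step. The function names, the minimum length of 10, and the small denylist are assumptions made for illustration.

```python
import getpass
import re

# Constructed sample denylist; a real deployment would load a larger dictionary.
COMMON = {"password", "123456", "qwerty", "letmein", "admin", "calamari", "root"}
MIN_LENGTH = 10  # assumed policy value, not taken from the issue


def password_problems(password, username="", email=""):
    """Return a list of policy violations; an empty list means acceptable."""
    problems = []
    lowered = password.lower()
    if len(password) < MIN_LENGTH:
        problems.append("is shorter than %d characters" % MIN_LENGTH)
    classes = [r"[a-z]", r"[A-Z]", r"[0-9]", r"[^a-zA-Z0-9]"]
    if sum(1 for c in classes if re.search(c, password)) < 3:
        problems.append("uses fewer than 3 character classes")
    # Catch a denylisted word with only digits or '!' padded around it.
    if lowered in COMMON or lowered.strip("0123456789!") in COMMON:
        problems.append("is a common password")
    # Reject passwords built from the account's own identifiers.
    for ident in (username, email.split("@")[0]):
        if len(ident) >= 3 and ident.lower() in lowered:
            problems.append("contains the username or email name")
            break
    return problems


def prompt_admin_password(username, email, ask=getpass.getpass, attempts=3):
    """Prompt until a compliant, confirmed password is entered, or give up."""
    for _ in range(attempts):
        first = ask("Password: ")
        problems = password_problems(first, username, email)
        if problems:
            print("Rejected: password " + "; ".join(problems))
            continue
        if ask("Password (again): ") != first:
            print("Rejected: passwords do not match")
            continue
        return first
    raise SystemExit("No acceptable password after %d attempts" % attempts)
```

The returned password can then be handed to whatever creates the account, for example Django's `User.objects.create_superuser(username, email, password)`, so the check does not depend on validation hooks in the management command.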