Loop around calling "passwd" to get a second chance to change the password

Needs Term::UI which is part of Debian's perl-modules package, hence
no new (build-) dependencies needed.

bin/xen-create-image

@@ -798,6 +798,8 @@ use Data::Dumper;
 use Data::Validate::URI qw/ is_uri /;
 use Data::Validate::IP qw/ is_ipv4 /;
 use Data::Validate::Domain qw/ is_hostname /;
+use Term::UI;
+use Term::ReadLine;
 use Xen::Tools::Common;
 
 
@@ -3927,7 +3929,17 @@ sub setupRootPassword
     {
         if ( -x $MOUNT_POINT . "/usr/bin/passwd" )
         {
-            system("chroot $MOUNT_POINT /usr/bin/passwd");
+            my $tryagain = 1;
+            my $term = Term::ReadLine->new('Password change failed');
+            while ($tryagain) {
+                my $rc = system("chroot $MOUNT_POINT /usr/bin/passwd");
+                if ($rc >> 8) {
+                    $tryagain = $term->ask_yn(
+                        prompt => 'Do you want to try to change the password again??',
+                        default => 'y',
+                    );
+                }
+            }
         }
         else
         {

debian/changelog

@@ -4,6 +4,8 @@ xen-tools (4.4~dev-1) UNRELEASED; urgency=low
   * Do not run "passwd" via runCommand as that one captures STDOUT for
     logging. Makes --passwd usable again. Thanks to Christan Herzog for
     the bug report.
+  * Loop around calling "passwd" to get a second chance to change the
+    password. Needs Term::UI (part of perl-modules, no new dependencies)
 
  -- Axel Beckert <abe@debian.org>  Fri, 23 Aug 2013 21:13:07 +0200