Re: How can I change a password from a script?

To: Debian User <debian-user@lists.debian.org>
Cc: Enrico Zini <zinie@cs.unibo.it>
Subject: Re: How can I change a password from a script?
From: Joe Block <jpb@creol.ucf.edu>
Date: Fri, 03 Dec 1999 16:55:27 -0500
Message-id: <[🔎] 38483C4F.16FEFA94@creol.ucf.edu>
References: <[🔎] 19991203225821.A6624@marvin.casa>

Enrico Zini wrote:
> Now we have shadow passwords, MD5 hashes, NIS, LDAP, PAM... wow!  It's
> fantastic, but I need something that knows how to change passwords on my
> system, because I don't.

Check out chpasswd - you can pass it a list of username:newpassword
pairs.

> I would like to call passwd from my setuid root CGI (in which all security
> precautions would have been taken), feed him the new password and let him to
> whatever it pleases, but it could complain about passwords being too weak.

Look into cgiwrap.  It'll take care of a lot of the security issues for
you.

If you're doing this to make it easier on the commandline-phobics to
change their password, consider changing their shell to /usr/bin/passwd
and embedding a telnet link in the web page.  This is assuming from your
comments about Samba that you're using your linux box as a server and
the users never login directly - obviously this won't work if they're
actually using their shell accounts.

No suid root cgi that way, no having to worry about the security issues.

jpb
-- 
Joe Block <jpb@creol.ucf.edu>
CREOL System Administrator

Social graces are the packet headers of everyday life.

Reply to:

Follow-Ups:
- Considering PAM [Was: How can I change a password from a script?]
  - From: Enrico Zini <zinie@cs.unibo.it>

References:
- How can I change a password from a script?
  - From: Enrico Zini <zinie@cs.unibo.it>

Prev by Date: Mounting partition as /var/spool/mail
Next by Date: Re: [off-topic] MS Outlook
Previous by thread: How can I change a password from a script?
Next by thread: Considering PAM [Was: How can I change a password from a script?]
Index(es):
- Date
- Thread