Return to lcpasswd CVS log

Up to [LON-CAPA] / loncom

changing around the initiation of process locking (no longer locking
for just smbpasswd), adding comments, beginning to further implement lcuserdel.
still trying to capture error condition of unsuccessfully opening /etc/passwd
-Scott

    1: #!/usr/bin/perl
    2: #
    3: # lcpasswd
    4: #
    5: # Scott Harrison
    6: # October 27, 2000
    7: 
    8: use strict;
    9: 
   10: # This script is a setuid script that should
   11: # be run by user 'www'.  This script allows
   12: # for synchronous entry of passwords into
   13: # both the /etc/passwd and the /etc/smbpasswd
   14: # files.
   15: 
   16: # This script works under the same process control mechanism
   17: # as lcuseradd and lcpasswd, to make sure that only one of these
   18: # processes is running at any one time on the system.
   19: 
   20: # Standard input usage
   21: # First line is USERNAME
   22: # Second line is CURRENT PASSWORD
   23: # Third line is NEW PASSWORD
   24: 
   25: # Command-line arguments
   26: # Yes, but be very careful here (don't pass shell commands)
   27: # and this is only supported to allow perl-system calls.
   28: 
   29: # Usage within code
   30: # Note: NEVER run as system("/home/httpd/perl/lcpasswd NAME OLDPWD NEWPWD")
   31: #
   32: # $exitcode=system("/home/httpd/perl/lcpasswd","NAME","OLDPWD","NEWPWD")/256;
   33: # print "uh-oh" if $exitcode;
   34: 
   35: # These are the exit codes.
   36: # ( (0,"ok"),
   37: #   (1,"User ID mismatch.  This program must be run as user 'www'),
   38: #   (2,"Error. This program does not accept command-line arguments."),
   39: #   (3,"Error. Three lines need to be entered into standard input.\n"),
   40: #   (4,"Error. Too many other simultaneous password change requests being made.\n"),
   41: #   (5,"Error. User $username does not exist.\n"),
   42: #   (6,"Error. Invalid entry of current password.\n"),
   43: #   (7,"Error.  Root was not successfully enabled.\n") )
   44: 
   45: # Security
   46: $ENV{'PATH'}="/bin:/usr/bin"; # Nullify path information except for what smbpasswd needs
   47: $ENV{'BASH_ENV'}=""; # Nullify shell environment information.
   48: 
   49: # Do not print error messages if there are command-line arguments
   50: my $noprint=0;
   51: if (@ARGV) {
   52:     $noprint=1;
   53: }
   54: 
   55: # Read in /etc/passwd, and make sure this process is running from user=www
   56: open (IN, "</etc/passwd");
   57: my @lines=<IN>;
   58: close IN;
   59: my $wwwid;
   60: for my $l (@lines) {
   61:     chop $l;
   62:     my @F=split(/\:/,$l);
   63:     if ($F[0] eq 'www') {$wwwid=$F[2];}
   64: }
   65: if ($wwwid!=$<) {
   66:     print("User ID mismatch.  This program must be run as user 'www'\n") unless $noprint;
   67:     unlink("/tmp/lock_lcpasswd");
   68:     exit 1;
   69: }
   70: &disable_root_capability;
   71: 
   72: # Handle case of another lcpasswd process
   73: unless (&try_to_lock("/tmp/lock_lcpasswd")) {
   74:     print "Error. Too many other simultaneous password change requests being made.\n" unless $noprint;
   75:     exit 4;
   76: }
   77: 
   78: # Gather input.  Should only be 3 values.
   79: my @input;
   80: if (@ARGV==3) {
   81:     @input=@ARGV;
   82: }
   83: elsif (@ARGV) {
   84:     print("Error. This program needs 3 command-line arguments (username, old password, new password).\n") unless $noprint;
   85:     unlink("/tmp/lock_lcpasswd");
   86:     exit 2;
   87: }
   88: else {
   89:     @input=<>;
   90:     if (@input!=3) {
   91: 	print("Error. Three lines need to be entered into standard input.\n") unless $noprint;
   92: 	unlink("/tmp/lock_lcpasswd");
   93: 	exit 3;
   94:     }
   95:     map {chop} @input;
   96: }
   97: 
   98: my ($username,$oldpwd,$newpwd)=@input;
   99: 
  100: # Grab the line corresponding to username
  101: my ($userid,$useroldcryptpwd);
  102: my @F; my @U;
  103: for my $l (@lines) {
  104:     @F=split(/\:/,$l);
  105:     if ($F[0] eq $username) {($userid,$useroldcryptpwd)=($F[2],$F[1]); @U=@F;}
  106: }
  107: 
  108: # Verify existence of user
  109: if (!defined($userid)) {
  110:     print "Error. User $username does not exist.\n" unless $noprint;
  111:     unlink("/tmp/lock_lcpasswd");
  112:     exit 5;
  113: }
  114: 
  115: # Verify password entry
  116: if (crypt($oldpwd,$useroldcryptpwd) ne $useroldcryptpwd) {
  117:     print "Error. Invalid entry of current password.\n" unless $noprint;
  118:     unlink("/tmp/lock_lcpasswd");
  119:     exit 6;
  120: }
  121: 
  122: # Construct new password entry (random salt)
  123: my $newcryptpwd=crypt($newpwd,(join '', ('.', '/', 0..9, 'A'..'Z', 'a'..'z')[rand 64, rand 64]));
  124: $U[1]=$newcryptpwd;
  125: my $userline=join(":",@U);
  126: my $rootid=&enable_root_capability;
  127: if ($rootid!=0) {
  128:     print "Error.  Root was not successfully enabled.\n" unless $noprint;
  129:     unlink("/tmp/lock_lcpasswd");
  130:     exit 7;
  131: }
  132: open PASSWORDFILE, ">/etc/passwd" or die("Cannot open /etc/passwd!");
  133: for my $l (@lines) {
  134:     @F=split(/\:/,$l);
  135:     if ($F[0] eq $username) {print PASSWORDFILE "$userline\n";}
  136:     else {print PASSWORDFILE "$l\n";}
  137: }
  138: close PASSWORDFILE;
  139: $username=~/^(\w+)$/;
  140: my $safeusername=$1;
  141: ($>,$<)=(0,0); # fool smbpasswd here to think this is not a setuid environment
  142: unless (-e "/etc/smbpasswd") {
  143:     open (OUT,">/etc/smbpasswd"); close OUT;
  144: }
  145: my $smbexist=0;
  146: open (IN, "</etc/smbpasswd");
  147: my @lines=<IN>;
  148: close IN;
  149: for my $l (@lines) {
  150:     chop $l;
  151:     my @F=split(/\:/,$l);
  152:     if ($F[0] eq $username) {$smbexist=1;}
  153: }
  154: unless ($smbexist) {
  155:     open(OUT,">>/etc/smbpasswd");
  156:     print OUT join(":",($safeusername,$userid,'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX','','/home/'.$safeusername,'/bin/bash')) . "\n";
  157:     close OUT;
  158: }
  159: open(OUT,"|/usr/bin/smbpasswd -s $safeusername>/dev/null");
  160: print OUT $newpwd; print OUT "\n";
  161: print OUT $newpwd; print OUT "\n";
  162: close OUT;
  163: $<=$wwwid; # unfool the program
  164: &disable_root_capability;
  165: unlink("/tmp/lock_lcpasswd");
  166: exit 0;
  167: 
  168: # ----------------------------------------------------------- have setuid script run as root
  169: sub enable_root_capability {
  170:     if ($wwwid==$>) {
  171: 	($<,$>)=($>,$<);
  172: 	($(,$))=($),$();
  173:     }
  174:     else {
  175: 	# root capability is already enabled
  176:     }
  177:     return $>;
  178: }
  179: 
  180: # ----------------------------------------------------------- have setuid script run as www
  181: sub disable_root_capability {
  182:     if ($wwwid==$<) {
  183: 	($<,$>)=($>,$<);
  184: 	($(,$))=($),$();
  185:     }
  186:     else {
  187: 	# root capability is already disabled
  188:     }
  189: }
  190: 
  191: # ----------------------------------- make sure that another lcpasswd process isn't running
  192: sub try_to_lock {
  193:     my ($lockfile)=@_;
  194:     my $currentpid;
  195:     my $lastpid;
  196:     # Do not manipulate lock file as root
  197:     if ($>==0) {
  198: 	return 0;
  199:     }
  200:     # Try to generate lock file.
  201:     # Wait 3 seconds.  If same process id is in
  202:     # lock file, then assume lock file is stale, and
  203:     # go ahead.  If process id's fluctuate, try
  204:     # for a maximum of 10 times.
  205:     for (0..10) {
  206: 	if (-e $lockfile) {
  207: 	    open(LOCK,"<$lockfile");
  208: 	    $currentpid=<LOCK>;
  209: 	    close LOCK;
  210: 	    if ($currentpid==$lastpid) {
  211: 		last;
  212: 	    }
  213: 	    sleep 3;
  214: 	    $lastpid=$currentpid;
  215: 	}
  216: 	else {
  217: 	    last;
  218: 	}
  219: 	if ($_==10) {
  220: 	    return 0;
  221: 	}
  222:     }
  223:     open(LOCK,">$lockfile");
  224:     print LOCK $$;
  225:     close LOCK;
  226:     return 1;
  227: }