|
version 1.1, 2001/10/23 03:43:02
|
version 1.10, 2009/07/17 02:20:59
|
|
Line 1
|
Line 1
|
| #!/usr/bin/perl |
#!/usr/bin/perl |
| |
|
| |
# The Learning Online Network with CAPA |
| |
# |
| |
# pwchange - setuid script to change unix passwords |
| |
# |
| |
# YEAR=2001 |
| |
# |
| |
# YEAR=2002 |
| |
# 02/19 Matthew Hall |
| |
# |
| |
# $Id$ |
| |
### |
| |
|
| use strict; |
use strict; |
| |
my $noprint = 1; |
| |
|
| |
|
| |
|
| |
print "In pwchange\n" unless $noprint; |
| |
print "Real uid = $< effective uid = $> \n" unless $noprint; |
| |
# ------------------------------------------------------------------ Untainting |
| $ENV{'PATH'}='/bin:/usr/bin'; # Nullify path information. |
$ENV{'PATH'}='/bin:/usr/bin'; # Nullify path information. |
| $ENV{'BASH_ENV'}=''; # Nullify shell environment information. |
delete @ENV{qw(IFS CDPATH ENV BASH_ENV)}; # nullify potential taints |
| |
|
| |
# ---------------------------- Make sure this process is running from user=root |
| |
|
| |
if (0 != $<) { |
| |
print "Username not root" unless $noprint; |
| |
exit 1; |
| |
} |
| |
# ----------------------------------------------- If not running setuid as root |
| if ($>!=0) { |
if ($>!=0) { |
| |
print "Not setuid to root" unless $noprint; |
| exit 1; |
exit 1; |
| } |
} |
| |
|
| |
# ----------------------------------------------- Make sure arguments are valid |
| my $user=shift @ARGV; |
my $user=shift @ARGV; |
| $user=~/^(\w+)$/; |
$user=~/^(\w+)$/; |
| my $safe=$1; |
my $safe=$1; |
| |
print "Save user = $safe" unless $noprint; |
| |
|
| my $pword=<>; |
my $pword=<>; |
| chomp $pword; |
chomp $pword; |
| unless (length($safe) and ($user eq $safe) and ($safe=~/^[A-Za-z]/)) { |
unless (length($safe) and ($user eq $safe) and ($safe=~/^[A-Za-z]/)) { |
| exit 2; |
exit 2; |
| } |
} |
| |
print "Password = $pword" unless $noprint; |
| my $pbad=0; |
my $pbad=0; |
| map {if (($_<32)&&($_>126)){$pbad=1;}} (split(//,$pword)); |
foreach (split(//,$pword)) {if ((ord($_)<32)||(ord($_)>126)){$pbad=1;}} |
| exit 3 if $pbad; |
exit 3 if $pbad; |
| |
|
| open OUT,"|passwd --stdin $safe >/dev/null"; |
# --------------------------------------------------------- Call system command |
| print OUT $pword; |
my $distro; |
| print OUT "\n"; |
if (open(PIPE,"perl distprobe|")) { |
| close OUT; |
$distro = <PIPE>; |
| |
close(PIPE); |
| |
} |
| |
if ($distro =~ /^ubuntu|debian/) { |
| |
open(OUT,"|/usr/sbin/usermod -p `mkpasswd $pword` $safe"); |
| |
close(OUT); |
| |
} else { |
| |
open(OUT,"|passwd --stdin $safe >/dev/null"); |
| |
print OUT $pword; |
| |
print OUT "\n"; |
| |
close(OUT); |
| |
} |
| |
|
| |
# --------------------------------------- exit with status of command execution |
| exit $?/256; |
exit $?/256; |
| |
|
| |
=head1 NAME |
| |
|
| |
pwchange - setuid script to change unix passwords |
| |
|
| |
=head1 DESCRIPTION |
| |
|
| |
Setuid script to change unix passwords. |
| |
|
| |
=head1 README |
| |
|
| |
Setuid script to change unix passwords. |
| |
|
| |
=head1 PREREQUISITES |
| |
|
| |
=head1 COREQUISITES |
| |
|
| |
=pod OSNAMES |
| |
|
| |
linux |
| |
|
| |
=pod SCRIPT CATEGORIES |
| |
|
| |
LONCAPA/Administrative |
| |
|
| |
=cut |
![[BACK]](/icons/back.gif){kind=icon}
Return to pwchange CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [LON-CAPA] / loncom