• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 600
  • Last Modified:

passwd

I have been working with tcl and expect trying to get an html page to change a users name and password for them.

Either I did something or the expect program did something.

Now when I log on to the Unix box and type passwd I get the following response:

passwd: Changing password for 'username'
Permission denied

However, when I log on as root it still works.

Can anyone help me?
0
afpcos
Asked:
afpcos
1 Solution
 
jlevieCommented:
Try executing passwd with the absolute path, e.g., /bin/passwd. I'll bet your expect script is named passwd and it's being found before the system copy (like when "." is in your path ahead of everything else).
0
 
afpcosAuthor Commented:
jlevie...

I get the same response from the system when I enter /bin/passwd.
0
 
jlevieCommented:
Rats, it's not going to be nice & easy...

What Unix are you using? The ones I have direct access to (Solaris, Linux & Irix) all show passwd to be owned by root and suid to root. Perhaps the ownership/mode of the passwd executable has changed. Also possible is that your passwd isn't actually in /bin and you're not executing the actual passwd executable. What did you name your expect script? If you do "file /bin/passwd" what does it say?

0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
freesourceCommented:
I wouldn't be too surprised if the permissions are wrong on the actual passwd file, check that, too.
0
 
freesourceCommented:
for the above .. i.e. not the executable, but where the passwords are written.
0
 
jlevieCommented:
Re: freesource's comment... Good point, we don't yet know which Unix it is and how it would behave if the perms on /etc/passwd [and maybe shadow] weren't right. /etc/password typically is owned by root and mode rw-r--r--, shadow r--------. I know that Solaris, Linux & Irix don't appear to care ('cause I just tried with the perms wrong), but...
0
 
samriCommented:
afpcos,

Just wandering: are you trying to change you own password or sombody else password?  Only root (or root equivalent) are allowed to change other users password.

And from the browser, the script is running under what userid.  Normally, the CGI scripts will be executed under the WEB server UID (which is normally nobody).  If this is the case, try to get your scripts to be suid root, and check your web server configuration on how this could be achieved.

good luck,

samri
0
 
cartoon022100Commented:
Hi,
from root try editing your /etc/passwd file to remove the encrypted password
after writing try to logon.May work :-)
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now