• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 612
  • Last Modified:

passwd

I have been working with tcl and expect trying to get an html page to change a users name and password for them.

Either I did something or the expect program did something.

Now when I log on to the Unix box and type passwd I get the following response:

passwd: Changing password for 'username'
Permission denied

However, when I log on as root it still works.

Can anyone help me?
0
afpcos
Asked:
afpcos
1 Solution
 
jlevieCommented:
Try executing passwd with the absolute path, e.g., /bin/passwd. I'll bet your expect script is named passwd and it's being found before the system copy (like when "." is in your path ahead of everything else).
0
 
afpcosAuthor Commented:
jlevie...

I get the same response from the system when I enter /bin/passwd.
0
 
jlevieCommented:
Rats, it's not going to be nice & easy...

What Unix are you using? The ones I have direct access to (Solaris, Linux & Irix) all show passwd to be owned by root and suid to root. Perhaps the ownership/mode of the passwd executable has changed. Also possible is that your passwd isn't actually in /bin and you're not executing the actual passwd executable. What did you name your expect script? If you do "file /bin/passwd" what does it say?

0
Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

 
freesourceCommented:
I wouldn't be too surprised if the permissions are wrong on the actual passwd file, check that, too.
0
 
freesourceCommented:
for the above .. i.e. not the executable, but where the passwords are written.
0
 
jlevieCommented:
Re: freesource's comment... Good point, we don't yet know which Unix it is and how it would behave if the perms on /etc/passwd [and maybe shadow] weren't right. /etc/password typically is owned by root and mode rw-r--r--, shadow r--------. I know that Solaris, Linux & Irix don't appear to care ('cause I just tried with the perms wrong), but...
0
 
samriCommented:
afpcos,

Just wandering: are you trying to change you own password or sombody else password?  Only root (or root equivalent) are allowed to change other users password.

And from the browser, the script is running under what userid.  Normally, the CGI scripts will be executed under the WEB server UID (which is normally nobody).  If this is the case, try to get your scripts to be suid root, and check your web server configuration on how this could be achieved.

good luck,

samri
0
 
cartoon022100Commented:
Hi,
from root try editing your /etc/passwd file to remove the encrypted password
after writing try to logon.May work :-)
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: MCSA MCSE Windows Server 2012

This course teaches how to install and configure Windows Server 2012 R2.  It is the first step on your path to becoming a Microsoft Certified Solutions Expert (MCSE).

Tackle projects and never again get stuck behind a technical roadblock.
Join Now