Solved

change password program in www

Posted on 2001-08-10
18
269 Views
Last Modified: 2012-06-22
any free script to changing password of linux server using web interface?

I need a secure script which is cgi or php.

or can you suggest me how to write?
0
Comment
Question by:stanleyhuen
  • 7
  • 7
  • 3
  • +1
18 Comments
 
LVL 51

Expert Comment

by:ahoffmann
ID: 6374126
http://www.webmin.com/
(probably oversized for simply changing passwords, but secure)
0
 
LVL 14

Expert Comment

by:xberry
ID: 6375520
Hi,

I've been to that www.webmin.com site some while ago & 
went through the program description of webmin.
Gee, that's a giant thing. Anything it CAN'T do for you ?
(Apart form making a real good cup of tea ?)
0
 
LVL 40

Expert Comment

by:jlevie
ID: 6375659
There's an example of a password changing web app in the examples directory of Expect. I modified the example rather heavily to make it more universal and reliable and I'd be glad to share the code if you'll send an email to jim@entrophy-free.net referencing this question. Of course to do it securely you need an SSL enabled web server to protect the password from prying eyes.
0
Master Your Team's Linux and Cloud Stack!

The average business loses $13.5M per year to ineffective training (per 1,000 employees). Keep ahead of the competition and combine in-person quality with online cost and flexibility by training with Linux Academy.

 

Author Comment

by:stanleyhuen
ID: 6377677
I have sent u a mail, can u send ur program to me?
0
 
LVL 40

Accepted Solution

by:
jlevie earned 70 total points
ID: 6385266
I've sent the files, let me know if you don't get them.
0
 

Author Comment

by:stanleyhuen
ID: 6392064
I have got it, thx.

I have used it, but there is a problem.

I have created a shell "/bin/nobash" which will simply exit for my clients ( i use this shell so as to disable client to use telnet but ftp).
When they use this passwd.cgi to change password, they failed.

do u know how can i create a "shell" that enable my clients to change password only but not other commands?
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 6392644
how about using  /usr/bin/passwd  instead of /bin/nobash  in /etc/passwd ?
This diables shell logins 'cause passwd is not a shell, but alows the users to use ftp. If /usr/bin/passwd is listed in /etc/shells, you can telnet (but I recommend ssh for security reason) to your box and then just change their passwd.
0
 

Author Comment

by:stanleyhuen
ID: 6393482
after i change the /bin/nobash to /usr/bin/passwd,
I tried to change passwd, but:
Passwd Change Acknowledgment
Error: passwd: bad argument -c: unknown option

the code is sth like that:
#spawn /bin/su $var(name) -c "/bin/passwd -r files $var(name)"
spawn /bin/su $var(name) -c "/usr/bin/passwd"

sleep 1
expect {
    "Unknown (login|id):" {
        errormsg "unknown user: $var(name)"
        exit
    } -re "(.*) does not exist" {
        errormsg "unknown user: $var(name)"
        exit
    } default {
        errormsg "$expect_out(buffer)"
        exit
    } "Password:"
}
send "$var(old)\r"
sleep 1



how to solve this?
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 6393908
oops, didn't know of jlevie's script.
My suggestion is independent of this script, please read my comment again (the change is in  /etc/passwd  !)
0
 
LVL 40

Expert Comment

by:jlevie
ID: 6394049
What version of Linux are you using? And I don't understand what you mean by  'after i change the /bin/nobash to /usr/bin/passwd,'. Where was that change done? If you were changing a user's shell in /etc/passwd, you need to have changed /bin/nobash to /bin/bash. If, in fact, the user in question has something other than /bin/bash, bin/tch, etc. (i.e., they don't have a valid shell), you'll get that error from the password changing script.
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 6394342
jlevie, stanleyhuen, the shell should be changed in /etc/passwd to /usr/bin/passwd for those users which are not allowed to login but may change their password via passwd.cgi.
The expect script for these users looks like:

spawn /bin/su $var(name)
sleep 1
expect {
     -re "(.*) does not exist" {
         errormsg "unknown user: $var(name)"
         exit
      } "Old Password:" {
         send "$var(old)\r"
         expect {
              "New Password:" {
                 send "$var(new)\r"
              } default {
                 errormsg "$expect_out(buffer)"
                 exit
              }
         # some more expect { .. } here,
         # probably also some more error checks
      } default {
         errormsg "$expect_out(buffer)"
         exit
      }
}
send "$var(new)\r"
sleep 1

# feel free to mix both expect scripts (jlebie's and mine), or provide different links for users with valid (/bin/bash) and invalid logins (/usr/bin/passwd)
0
 

Author Comment

by:stanleyhuen
ID: 6396321
ahoffmann,
it works!

# feel free to mix both expect scripts (jlebie's and mine), or provide different links for users with
valid (/bin/bash) and invalid logins (/usr/bin/passwd)

but it is not user-friendly to do this, as the user don't know what his shells!

is it possible the script check the shell of the user and then decide to run:
1.
spawn /bin/su $var(name)
2.
spawn /bin/su $var(name) -c "/usr/bin/passwd"


ie.

if "/usr/bin/passwd" then
run 1
else
run 2
fi

I haven't written any expect script before.

Thank you very much.



0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 6396377
set fid [open "/etc/passwd"]
set all [read $fid]
close fid
foreach line [split $all \n\r] {
   if [regexp "/usr/bin/passwd$" $line] {
      set login_user = 0
   } else {
      set login_user = 1
   }
   # loop to be improved ;-)
}
if [ $login_user == 1 ] {
   # spawn 1
} else {
   # spawn 2
}
0
 

Author Comment

by:stanleyhuen
ID: 6398461
When I follow the script, it seems have some problem in
set fid [open "/etc/passwd"]
set all [read $fid]
close fid

can you help? or provide some links to learn this script?

Thank you very much
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 6398854
should be
  close $fid
sorry for typo
0
 

Author Comment

by:stanleyhuen
ID: 6399721
Sorry, the following doesn't work too!

foreach line [split $all \n\r] {
  if [regexp "/usr/bin/passwd$" $line] {
     set login_user = 0
  } else {
     set login_user = 1
  }
  # loop to be improved ;-)
}
if [ $login_user == 1 ] {
   spawn /bin/su $var(name) -c "/usr/bin/passwd"
} else {
   spawn /bin/su $var(name) }


I try to find out what is the problem, but fail to make it work.

0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 6400181
should stop answering after 8pm ..
here again (tested!):

set fid [open "/etc/passwd"]
set all [read $fid]
close $fid
foreach line [split $all \n\r] {
  if [regexp "/usr/bin/false$" $line] {
     set login_user 0
  } else {
     set login_user 1
  }
  if [regexp -- "^$user" $line] {
     # $user  is user who called this script
     set ll $line
     break
  }
  # loop to be improved ;-)
}
if { $login_user == 1 } {
  # spawn 1
} else {
  # spawn 2
}
0
 

Author Comment

by:stanleyhuen
ID: 8335140
hi experts,

I have encountered problem  in migrating the change password program to a new linux server.

Can you help to solve it?

http://www.experts-exchange.com/Operating_Systems/Linux/Q_20583196.html

Thank you.

Stanley
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
How to update  and reset admin password for Linux 5 65
awk sed 8 64
Samba Question 11 74
What is the best way to transfer files from and to Linux VNC window? 9 49
The purpose of this article is to demonstrate how we can upgrade Python from version 2.7.6 to Python 2.7.10 on the Linux Mint operating system. I am using an Oracle Virtual Box where I have installed Linux Mint operating system version 17.2. Once yo…
Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

840 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question