Solved

system authentication from script

Posted on 2004-09-17
6
199 Views
Last Modified: 2013-12-16
so, is it possible to authenticate against linux system from php-script, by calling some system program or something else and providing username/password? respons should be either true or false. shadow password are in use.  
0
Comment
Question by:cure_22
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
6 Comments
 
LVL 14

Expert Comment

by:chris_calabrese
ID: 12086861
True

The *nix philosophy is that you can do anything you want. Whether it is easy or not is a different subject.

A google search for 'php unix authentication' lead me to many places, including http://www.kjk.ne.jp/~ihara/php/auth/
0
 
LVL 40

Expert Comment

by:jlevie
ID: 12089300
I've used PHP's IMAP support to do this on occasion. That does mean that the server must be configured to support IMAP authenticating against the system passwd/shadow file, even if it doesn't otherwise offer IMAP for mail.
0
 

Author Comment

by:cure_22
ID: 12099829
that link does not do the right thing, it creates own passwd file which is not encrypted, and is not a system password. I want to authenticate against system user account. Imap is one option, but there is no option to install it to the server. anything else in mind?
0
 
LVL 40

Accepted Solution

by:
jlevie earned 200 total points
ID: 12103854
The easiest & safest way to authenticate against system data is to use some non-interactive network utility, like IMAP, POP, etc. It is possible to generate an encrypted copy of the user's password and directly compare that to what's in the shadow file. But that requires the PHP code to have root privs, which is a decidely bad idea.

If you can't install an IMAP server for this purpose I suppose you could enable saslauthd and configure it to authenticate against the shadow file. Then you'd need a helper application called from PHP (via system) that employs sasl_checkpass() to authenticate the user. See 'man saslauthd' & 'man sasl_checkpass" for details.
0

Featured Post

Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Ubuntu not booting - How get past GRUB? 3 85
Rate limit for DNS queries 7 93
windows 7 starter missing password 21 100
Granting root permissions to a user (in Debian Jessie) 17 55
If you have a server on collocation with the super-fast CPU, that doesn't mean that you get it running at full power. Here is a preamble. When doing inventory of Linux servers, that I'm administering, I've found that some of them are running on l…
I. Introduction There's an interesting discussion going on now in an Experts Exchange Group — Attachments with no extension (http://www.experts-exchange.com/discussions/210281/Attachments-with-no-extension.html). This reminded me of questions tha…
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

697 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question