Solved

system authentication from script

Posted on 2004-09-17
6
192 Views
Last Modified: 2013-12-16
so, is it possible to authenticate against linux system from php-script, by calling some system program or something else and providing username/password? respons should be either true or false. shadow password are in use.  
0
Comment
Question by:cure_22
  • 2
6 Comments
 
LVL 14

Expert Comment

by:chris_calabrese
Comment Utility
True

The *nix philosophy is that you can do anything you want. Whether it is easy or not is a different subject.

A google search for 'php unix authentication' lead me to many places, including http://www.kjk.ne.jp/~ihara/php/auth/
0
 
LVL 40

Expert Comment

by:jlevie
Comment Utility
I've used PHP's IMAP support to do this on occasion. That does mean that the server must be configured to support IMAP authenticating against the system passwd/shadow file, even if it doesn't otherwise offer IMAP for mail.
0
 

Author Comment

by:cure_22
Comment Utility
that link does not do the right thing, it creates own passwd file which is not encrypted, and is not a system password. I want to authenticate against system user account. Imap is one option, but there is no option to install it to the server. anything else in mind?
0
 
LVL 40

Accepted Solution

by:
jlevie earned 200 total points
Comment Utility
The easiest & safest way to authenticate against system data is to use some non-interactive network utility, like IMAP, POP, etc. It is possible to generate an encrypted copy of the user's password and directly compare that to what's in the shadow file. But that requires the PHP code to have root privs, which is a decidely bad idea.

If you can't install an IMAP server for this purpose I suppose you could enable saslauthd and configure it to authenticate against the shadow file. Then you'd need a helper application called from PHP (via system) that employs sasl_checkpass() to authenticate the user. See 'man saslauthd' & 'man sasl_checkpass" for details.
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Introduction We as admins face situation where we need to redirect websites to another. This may be required as a part of an upgrade keeping the old URL but website should be served from new URL. This document would brief you on different ways ca…
Linux users are sometimes dumbfounded by the severe lack of documentation on a topic. Sometimes, the documentation is copious, but other times, you end up with some obscure "it varies depending on your distribution" over and over when searching for …
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now