Solved

system authentication from script

Posted on 2004-09-17
6
196 Views
Last Modified: 2013-12-16
so, is it possible to authenticate against linux system from php-script, by calling some system program or something else and providing username/password? respons should be either true or false. shadow password are in use.  
0
Comment
Question by:cure_22
  • 2
6 Comments
 
LVL 14

Expert Comment

by:chris_calabrese
ID: 12086861
True

The *nix philosophy is that you can do anything you want. Whether it is easy or not is a different subject.

A google search for 'php unix authentication' lead me to many places, including http://www.kjk.ne.jp/~ihara/php/auth/
0
 
LVL 40

Expert Comment

by:jlevie
ID: 12089300
I've used PHP's IMAP support to do this on occasion. That does mean that the server must be configured to support IMAP authenticating against the system passwd/shadow file, even if it doesn't otherwise offer IMAP for mail.
0
 

Author Comment

by:cure_22
ID: 12099829
that link does not do the right thing, it creates own passwd file which is not encrypted, and is not a system password. I want to authenticate against system user account. Imap is one option, but there is no option to install it to the server. anything else in mind?
0
 
LVL 40

Accepted Solution

by:
jlevie earned 200 total points
ID: 12103854
The easiest & safest way to authenticate against system data is to use some non-interactive network utility, like IMAP, POP, etc. It is possible to generate an encrypted copy of the user's password and directly compare that to what's in the shadow file. But that requires the PHP code to have root privs, which is a decidely bad idea.

If you can't install an IMAP server for this purpose I suppose you could enable saslauthd and configure it to authenticate against the shadow file. Then you'd need a helper application called from PHP (via system) that employs sasl_checkpass() to authenticate the user. See 'man saslauthd' & 'man sasl_checkpass" for details.
0

Featured Post

Master Your Team's Linux and Cloud Stack

Come see why top tech companies like Mailchimp and Media Temple use Linux Academy to build their employee training programs.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

rdate is a Linux command and the network time protocol for immediate date and time setup from another machine. The clocks are synchronized by entering rdate with the -s switch (command without switch just checks the time but does not set anything). …
SSH (Secure Shell) - Tips and Tricks As you all know SSH(Secure Shell) is a network protocol, which we use to access/transfer files securely between two networked devices. SSH was actually designed as a replacement for insecure protocols that sen…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.

776 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question