[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

system authentication from script

Posted on 2004-09-17
6
Medium Priority
?
204 Views
Last Modified: 2013-12-16
so, is it possible to authenticate against linux system from php-script, by calling some system program or something else and providing username/password? respons should be either true or false. shadow password are in use.  
0
Comment
Question by:cure_22
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
6 Comments
 
LVL 14

Expert Comment

by:chris_calabrese
ID: 12086861
True

The *nix philosophy is that you can do anything you want. Whether it is easy or not is a different subject.

A google search for 'php unix authentication' lead me to many places, including http://www.kjk.ne.jp/~ihara/php/auth/
0
 
LVL 40

Expert Comment

by:jlevie
ID: 12089300
I've used PHP's IMAP support to do this on occasion. That does mean that the server must be configured to support IMAP authenticating against the system passwd/shadow file, even if it doesn't otherwise offer IMAP for mail.
0
 

Author Comment

by:cure_22
ID: 12099829
that link does not do the right thing, it creates own passwd file which is not encrypted, and is not a system password. I want to authenticate against system user account. Imap is one option, but there is no option to install it to the server. anything else in mind?
0
 
LVL 40

Accepted Solution

by:
jlevie earned 800 total points
ID: 12103854
The easiest & safest way to authenticate against system data is to use some non-interactive network utility, like IMAP, POP, etc. It is possible to generate an encrypted copy of the user's password and directly compare that to what's in the shadow file. But that requires the PHP code to have root privs, which is a decidely bad idea.

If you can't install an IMAP server for this purpose I suppose you could enable saslauthd and configure it to authenticate against the shadow file. Then you'd need a helper application called from PHP (via system) that employs sasl_checkpass() to authenticate the user. See 'man saslauthd' & 'man sasl_checkpass" for details.
0

Featured Post

Learn how to optimize MySQL for your business need

With the increasing importance of apps & networks in both business & personal interconnections, perfor. has become one of the key metrics of successful communication. This ebook is a hands-on business-case-driven guide to understanding MySQL query parameter tuning & database perf

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

SSH (Secure Shell) - Tips and Tricks As you all know SSH(Secure Shell) is a network protocol, which we use to access/transfer files securely between two networked devices. SSH was actually designed as a replacement for insecure protocols that sen…
Fine Tune your automatic Updates for Ubuntu / Debian
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.
Suggested Courses

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question