version 1.12, 2001/10/23 03:42:30
|
version 1.15, 2002/02/19 21:51:09
|
Line 1
|
Line 1
|
#!/usr/bin/perl |
#!/usr/bin/perl |
|
|
|
# The Learning Online Network with CAPA |
|
# |
|
# lcpasswd - LON-CAPA setuid script to synchronously change all |
|
# filesystem-related passwords (samba, unix, etc) |
# |
# |
# lcpasswd |
# YEAR=2000 |
|
# 10/27,10/28,10/29,10/30 Scott Harrison |
# |
# |
# Scott Harrison |
|
# SH: October 27, 2000 |
|
# SH: October 28, 2000 |
|
# SH: October 29, 2000 |
|
# YEAR=2001 |
# YEAR=2001 |
# Scott Harrison 10/22 |
# 10/22,10/23,11/13,11/15 Scott Harrison |
|
# |
|
# YEAR=2002 |
|
# 02/19 Matthew Hall |
|
# |
|
# $Id$ |
|
### |
|
|
############################################################################### |
############################################################################### |
## ## |
## ## |
Line 82 use strict;
|
Line 90 use strict;
|
# Security |
# Security |
$ENV{'PATH'}='/bin:/usr/bin:/usr/local/sbin:/home/httpd/perl'; # Nullify path |
$ENV{'PATH'}='/bin:/usr/bin:/usr/local/sbin:/home/httpd/perl'; # Nullify path |
# information |
# information |
$ENV{'BASH_ENV'}=''; # Nullify shell environment information. |
delete @ENV{qw(IFS CDPATH ENV BASH_ENV)}; # nullify potential taints |
|
|
# Do not print error messages |
# Do not print error messages |
my $noprint=1; |
my $noprint=1; |
Line 115 if (@input!=3) {
|
Line 123 if (@input!=3) {
|
unlink('/tmp/lock_lcpasswd'); |
unlink('/tmp/lock_lcpasswd'); |
exit 3; |
exit 3; |
} |
} |
map {chomp} @input; |
foreach (@input) {chomp;} |
|
|
my ($username,$password1,$password2)=@input; |
my ($username,$password1,$password2)=@input; |
$username=~/^(\w+)$/; |
$username=~/^(\w+)$/; |
Line 126 if (($username ne $safeusername) or ($sa
|
Line 134 if (($username ne $safeusername) or ($sa
|
exit 9; |
exit 9; |
} |
} |
my $pbad=0; |
my $pbad=0; |
map {if (($_<32)&&($_>126)){$pbad=1;}} (split(//,$password1)); |
foreach (split(//,$password1)) {if ((ord($_)<32)||(ord($_)>126)){$pbad=1;}} |
map {if (($_<32)&&($_>126)){$pbad=1;}} (split(//,$password2)); |
foreach (split(//,$password2)) {if ((ord($_)<32)||(ord($_)>126)){$pbad=1;}} |
if ($pbad) { |
if ($pbad) { |
print "Error. A password entry had an invalid character.\n"; |
print "Error. A password entry had an invalid character.\n"; |
unlink('/tmp/lock_lcpasswd'); |
unlink('/tmp/lock_lcpasswd'); |
Line 161 if ($?) {
|
Line 169 if ($?) {
|
} |
} |
my $userid=getpwnam($safeusername); |
my $userid=getpwnam($safeusername); |
|
|
unless (-e '/usr/bin/smbpasswd') { |
if (-e '/usr/bin/smbpasswd') { |
|
|
($>,$<)=(0,0); # fool smbpasswd here to think this is not a setuid |
($>,$<)=(0,0); # fool smbpasswd here to think this is not a setuid |
# environment |
# environment |
Line 187 unless (-e '/usr/bin/smbpasswd') {
|
Line 195 unless (-e '/usr/bin/smbpasswd') {
|
close OUT; |
close OUT; |
} |
} |
|
|
open(OUT,"|/usr/bin/smbpasswd -s $safeusername>/dev/null"); |
open(OUT,"|/usr/bin/smbpasswd -s $safeusername>/dev/null") or |
|
die('cannot run smbpasswd'); |
print OUT $password2; print OUT "\n"; |
print OUT $password2; print OUT "\n"; |
print OUT $password2; print OUT "\n"; |
print OUT $password2; print OUT "\n"; |
close OUT; |
close OUT; |
Line 258 sub try_to_lock {
|
Line 267 sub try_to_lock {
|
close LOCK; |
close LOCK; |
return 1; |
return 1; |
} |
} |
|
|
|
=head1 NAME |
|
|
|
lcpasswd - LON-CAPA setuid script to synchronously change all |
|
filesystem-related passwords (samba, unix, etc) |
|
|
|
=head1 DESCRIPTION |
|
|
|
LON-CAPA setuid script to synchronously change all |
|
filesystem-related passwords (samba, unix, etc) |
|
|
|
=head1 README |
|
|
|
LON-CAPA setuid script to synchronously change all |
|
filesystem-related passwords (samba, unix, etc) |
|
|
|
=head1 PREREQUISITES |
|
|
|
=head1 COREQUISITES |
|
|
|
=pod OSNAMES |
|
|
|
linux |
|
|
|
=pod SCRIPT CATEGORIES |
|
|
|
LONCAPA/Administrative |
|
|
|
=cut |