Annotation of loncom/lcpasswd, revision 1.10
1.1 harris41 1: #!/usr/bin/perl
1.3 harris41 2: #
3: # lcpasswd
4: #
5: # Scott Harrison
1.6 harris41 6: # SH: October 27, 2000
7: # SH: October 28, 2000
1.1 harris41 8:
9: use strict;
10:
11: # This script is a setuid script that should
1.4 harris41 12: # be run by user 'www'. This script allows
13: # for synchronous entry of passwords into
14: # both the /etc/passwd and the /etc/smbpasswd
15: # files.
1.1 harris41 16:
1.5 harris41 17: # This script works under the same process control mechanism
18: # as lcuseradd and lcpasswd, to make sure that only one of these
19: # processes is running at any one time on the system.
20:
1.1 harris41 21: # Standard input usage
22: # First line is USERNAME
23: # Second line is CURRENT PASSWORD
24: # Third line is NEW PASSWORD
25:
1.8 harris41 26: # Valid passwords must consist of the
27: # ascii characters within the inclusive
28: # range of 0x20 (32) to 0x7E (126).
29: # These characters are:
30: # SPACE and
31: # !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNO
32: # PQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~
33:
34: # Valid user names must consist of ascii
35: # characters that are alphabetical characters
36: # (A-Z,a-z), numeric (0-9), or the underscore
37: # mark (_). (Essentially, the perl regex \w).
38:
1.4 harris41 39: # Command-line arguments
40: # Yes, but be very careful here (don't pass shell commands)
41: # and this is only supported to allow perl-system calls.
42:
43: # Usage within code
1.5 harris41 44: # Note: NEVER run as system("/home/httpd/perl/lcpasswd NAME OLDPWD NEWPWD")
1.4 harris41 45: #
1.5 harris41 46: # $exitcode=system("/home/httpd/perl/lcpasswd","NAME","OLDPWD","NEWPWD")/256;
1.4 harris41 47: # print "uh-oh" if $exitcode;
48:
49: # These are the exit codes.
50: # ( (0,"ok"),
1.7 harris41 51: # (1,"User ID mismatch. This program must be run as user 'www'"),
1.10 ! harris41 52: # (2,"Error. This program needs 3 command-line arguments (username, old password, new password)."),
1.6 harris41 53: # (3,"Error. Three lines need to be entered into standard input."),
54: # (4,"Error. Too many other simultaneous password change requests being made."),
55: # (5,"Error. User $username does not exist."),
56: # (6,"Error. Invalid entry of current password."),
1.10 ! harris41 57: # (7,"Error. Root was not successfully enabled."),
! 58: # (8,"Error. Cannot open /etc/passwd."),
! 59: # (9,"Error. The user name specified has invalid characters."),
! 60: # (10,"Error. A password entry had an invalid character.") )
1.4 harris41 61:
1.1 harris41 62: # Security
1.6 harris41 63: $ENV{'PATH'}='/bin:/usr/bin'; # Nullify path information except for what smbpasswd needs
64: $ENV{'BASH_ENV'}=''; # Nullify shell environment information.
1.1 harris41 65:
1.4 harris41 66: # Do not print error messages if there are command-line arguments
67: my $noprint=0;
68: if (@ARGV) {
69: $noprint=1;
70: }
71:
1.5 harris41 72: # Read in /etc/passwd, and make sure this process is running from user=www
1.6 harris41 73: open (IN, '</etc/passwd');
1.1 harris41 74: my @lines=<IN>;
75: close IN;
76: my $wwwid;
77: for my $l (@lines) {
78: chop $l;
79: my @F=split(/\:/,$l);
80: if ($F[0] eq 'www') {$wwwid=$F[2];}
81: }
82: if ($wwwid!=$<) {
1.4 harris41 83: print("User ID mismatch. This program must be run as user 'www'\n") unless $noprint;
84: exit 1;
1.1 harris41 85: }
1.2 harris41 86: &disable_root_capability;
1.1 harris41 87:
1.5 harris41 88: # Handle case of another lcpasswd process
1.6 harris41 89: unless (&try_to_lock('/tmp/lock_lcpasswd')) {
1.5 harris41 90: print "Error. Too many other simultaneous password change requests being made.\n" unless $noprint;
91: exit 4;
92: }
93:
1.4 harris41 94: # Gather input. Should only be 3 values.
95: my @input;
96: if (@ARGV==3) {
97: @input=@ARGV;
98: }
99: elsif (@ARGV) {
100: print("Error. This program needs 3 command-line arguments (username, old password, new password).\n") unless $noprint;
1.6 harris41 101: unlink('/tmp/lock_lcpasswd');
1.4 harris41 102: exit 2;
103: }
104: else {
105: @input=<>;
106: if (@input!=3) {
107: print("Error. Three lines need to be entered into standard input.\n") unless $noprint;
1.6 harris41 108: unlink('/tmp/lock_lcpasswd');
1.4 harris41 109: exit 3;
110: }
111: map {chop} @input;
1.1 harris41 112: }
113:
1.4 harris41 114: my ($username,$oldpwd,$newpwd)=@input;
1.8 harris41 115: $username=~/^(\w+)$/;
116: my $safeusername=$1;
117: if ($username ne $safeusername) {
118: print "Error. The user name specified has invalid characters.\n";
119: unlink('/tmp/lock_lcpasswd');
120: exit 9;
121: }
1.9 harris41 122: my $pbad=0;
123: map {if (($_<32)&&($_>126)){$pbad=1;}} (split(//,$oldpwd));
124: map {if (($_<32)&&($_>126)){$pbad=1;}} (split(//,$newpwd));
125: if ($pbad) {
126: print "Error. A password entry had an invalid character.\n";
127: unlink('/tmp/lock_lcpasswd');
128: exit 10;
129: }
1.1 harris41 130:
131: # Grab the line corresponding to username
132: my ($userid,$useroldcryptpwd);
133: my @F; my @U;
134: for my $l (@lines) {
135: @F=split(/\:/,$l);
136: if ($F[0] eq $username) {($userid,$useroldcryptpwd)=($F[2],$F[1]); @U=@F;}
137: }
138:
139: # Verify existence of user
140: if (!defined($userid)) {
1.4 harris41 141: print "Error. User $username does not exist.\n" unless $noprint;
1.6 harris41 142: unlink('/tmp/lock_lcpasswd');
1.4 harris41 143: exit 5;
1.1 harris41 144: }
145:
146: # Verify password entry
147: if (crypt($oldpwd,$useroldcryptpwd) ne $useroldcryptpwd) {
1.4 harris41 148: print "Error. Invalid entry of current password.\n" unless $noprint;
1.6 harris41 149: unlink('/tmp/lock_lcpasswd');
1.4 harris41 150: exit 6;
1.1 harris41 151: }
152:
1.2 harris41 153: # Construct new password entry (random salt)
154: my $newcryptpwd=crypt($newpwd,(join '', ('.', '/', 0..9, 'A'..'Z', 'a'..'z')[rand 64, rand 64]));
1.1 harris41 155: $U[1]=$newcryptpwd;
1.6 harris41 156: my $userline=join(':',@U);
1.2 harris41 157: my $rootid=&enable_root_capability;
158: if ($rootid!=0) {
1.4 harris41 159: print "Error. Root was not successfully enabled.\n" unless $noprint;
1.6 harris41 160: unlink('/tmp/lock_lcpasswd');
1.4 harris41 161: exit 7;
1.2 harris41 162: }
1.6 harris41 163: open PASSWORDFILE, '>/etc/passwd' or (print("Error. Cannot open /etc/passwd.\n") && unlink('/tmp/lock_lcpasswd') && exit(8));
1.1 harris41 164: for my $l (@lines) {
165: @F=split(/\:/,$l);
166: if ($F[0] eq $username) {print PASSWORDFILE "$userline\n";}
167: else {print PASSWORDFILE "$l\n";}
168: }
169: close PASSWORDFILE;
1.8 harris41 170:
1.2 harris41 171: ($>,$<)=(0,0); # fool smbpasswd here to think this is not a setuid environment
1.6 harris41 172: unless (-e '/etc/smbpasswd') {
173: open (OUT,'>/etc/smbpasswd'); close OUT;
1.2 harris41 174: }
175: my $smbexist=0;
1.6 harris41 176: open (IN, '</etc/smbpasswd');
1.2 harris41 177: my @lines=<IN>;
178: close IN;
179: for my $l (@lines) {
180: chop $l;
181: my @F=split(/\:/,$l);
182: if ($F[0] eq $username) {$smbexist=1;}
183: }
184: unless ($smbexist) {
1.6 harris41 185: open(OUT,'>>/etc/smbpasswd');
186: print OUT join(':',($safeusername,$userid,'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX','','/home/'.$safeusername,'/bin/bash')) . "\n";
1.2 harris41 187: close OUT;
188: }
189: open(OUT,"|/usr/bin/smbpasswd -s $safeusername>/dev/null");
190: print OUT $newpwd; print OUT "\n";
191: print OUT $newpwd; print OUT "\n";
192: close OUT;
193: $<=$wwwid; # unfool the program
1.1 harris41 194: &disable_root_capability;
1.6 harris41 195: unlink('/tmp/lock_lcpasswd');
1.4 harris41 196: exit 0;
1.1 harris41 197:
1.4 harris41 198: # ----------------------------------------------------------- have setuid script run as root
1.1 harris41 199: sub enable_root_capability {
1.2 harris41 200: if ($wwwid==$>) {
1.1 harris41 201: ($<,$>)=($>,$<);
202: ($(,$))=($),$();
203: }
204: else {
205: # root capability is already enabled
206: }
1.2 harris41 207: return $>;
1.1 harris41 208: }
209:
1.4 harris41 210: # ----------------------------------------------------------- have setuid script run as www
1.1 harris41 211: sub disable_root_capability {
1.2 harris41 212: if ($wwwid==$<) {
1.1 harris41 213: ($<,$>)=($>,$<);
214: ($(,$))=($),$();
215: }
216: else {
217: # root capability is already disabled
218: }
219: }
220:
1.4 harris41 221: # ----------------------------------- make sure that another lcpasswd process isn't running
1.1 harris41 222: sub try_to_lock {
223: my ($lockfile)=@_;
224: my $currentpid;
225: my $lastpid;
1.5 harris41 226: # Do not manipulate lock file as root
227: if ($>==0) {
228: return 0;
229: }
230: # Try to generate lock file.
231: # Wait 3 seconds. If same process id is in
232: # lock file, then assume lock file is stale, and
233: # go ahead. If process id's fluctuate, try
234: # for a maximum of 10 times.
1.1 harris41 235: for (0..10) {
236: if (-e $lockfile) {
237: open(LOCK,"<$lockfile");
238: $currentpid=<LOCK>;
239: close LOCK;
240: if ($currentpid==$lastpid) {
241: last;
242: }
243: sleep 3;
244: $lastpid=$currentpid;
245: }
246: else {
247: last;
248: }
249: if ($_==10) {
250: return 0;
251: }
252: }
253: open(LOCK,">$lockfile");
254: print LOCK $$;
255: close LOCK;
256: return 1;
257: }
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>