version 1.9, 2000/10/29 22:38:21
|
version 1.12, 2000/10/30 03:37:51
|
Line 25 use strict;
|
Line 25 use strict;
|
# Standard input usage |
# Standard input usage |
# First line is USERNAME |
# First line is USERNAME |
|
|
|
# Valid user names must consist of ascii |
|
# characters that are alphabetical characters |
|
# (A-Z,a-z), numeric (0-9), or the underscore |
|
# mark (_). (Essentially, the perl regex \w). |
|
|
# Command-line arguments [USERNAME] |
# Command-line arguments [USERNAME] |
# Yes, but be very careful here (don't pass shell commands) |
# Yes, but be very careful here (don't pass shell commands) |
# and this is only supported to allow perl-system calls. |
# and this is only supported to allow perl-system calls. |
Line 37 use strict;
|
Line 42 use strict;
|
# These are the exit codes. |
# These are the exit codes. |
# ( (0,"ok"), |
# ( (0,"ok"), |
# (1,"User ID mismatch. This program must be run as user 'www'"), |
# (1,"User ID mismatch. This program must be run as user 'www'"), |
# (2,"Error. Too many other simultaneous password change requests being made."), |
# (2,"Error. This program needs just 1 command-line argument (username).") ) |
# (3,"Error. Only one line should be entered into standard input."), |
# (3,"Error. Only one line should be entered into standard input."), |
# (4,"Error. This program needs just 1 command-line argument (username).") ) |
# (4,"Error. Too many other simultaneous password change requests being made."), |
|
# (5,"Error. The user name specified has invalid characters.") ) |
|
|
# Security |
# Security |
$ENV{'PATH'}=""; # Nullify path information. |
$ENV{'PATH'}=""; # Nullify path information. |
Line 96 else {
|
Line 102 else {
|
my ($username)=@input; |
my ($username)=@input; |
$username=~/^(\w+)$/; |
$username=~/^(\w+)$/; |
my $safeusername=$1; |
my $safeusername=$1; |
|
if ($username ne $safeusername) { |
|
print "Error. The user name specified has invalid characters.\n"; |
|
unlink('/tmp/lock_lcpasswd'); |
|
exit 5; |
|
} |
|
|
&enable_root_capability; |
&enable_root_capability; |
|
|
Line 103 my $safeusername=$1;
|
Line 114 my $safeusername=$1;
|
# Remove entry from /etc/passwd if it exists |
# Remove entry from /etc/passwd if it exists |
# Remove entry from /etc/groups if it exists |
# Remove entry from /etc/groups if it exists |
# I surround with groupdel command to make absolutely sure the group definition disappears. |
# I surround with groupdel command to make absolutely sure the group definition disappears. |
system('/usr/sbin/groupdel 2>/dev/null',$safeusername); # ignore error message |
system('/usr/sbin/groupdel',$safeusername); # ignore error message |
system('/usr/sbin/userdel 2>/dev/null',$safeusername); # ignore error message |
system('/usr/sbin/userdel',$safeusername); # ignore error message |
system('/usr/sbin/groupdel 2>/dev/null',$safeusername); # ignore error message |
system('/usr/sbin/groupdel',$safeusername); # ignore error message |
|
|
# Remove entry from /etc/smbpasswd if it exists |
# Remove entry from /etc/smbpasswd if it exists |
my $oldsmbpasswd=`/bin/cat /etc/smbpasswd`; |
my $oldsmbpasswd=`/bin/cat /etc/smbpasswd`; |