version 1.10, 2000/10/30 02:31:45
|
version 1.14, 2002/10/07 01:52:28
|
Line 42 use strict;
|
Line 42 use strict;
|
# These are the exit codes. |
# These are the exit codes. |
# ( (0,"ok"), |
# ( (0,"ok"), |
# (1,"User ID mismatch. This program must be run as user 'www'"), |
# (1,"User ID mismatch. This program must be run as user 'www'"), |
# (2,"Error. Too many other simultaneous password change requests being made."), |
# (2,"Error. This program needs just 1 command-line argument (username).") ) |
# (3,"Error. Only one line should be entered into standard input."), |
# (3,"Error. Only one line should be entered into standard input."), |
# (4,"Error. This program needs just 1 command-line argument (username).") ) |
# (4,"Error. Too many other simultaneous password change requests being made."), |
|
# (5,"Error. The user name specified has invalid characters.") ) |
|
|
# Security |
# Security |
$ENV{'PATH'}=""; # Nullify path information. |
$ENV{'PATH'}=""; # Nullify path information. |
Line 104 my $safeusername=$1;
|
Line 105 my $safeusername=$1;
|
if ($username ne $safeusername) { |
if ($username ne $safeusername) { |
print "Error. The user name specified has invalid characters.\n"; |
print "Error. The user name specified has invalid characters.\n"; |
unlink('/tmp/lock_lcpasswd'); |
unlink('/tmp/lock_lcpasswd'); |
exit 9; |
exit 5; |
} |
} |
|
|
&enable_root_capability; |
&enable_root_capability; |
Line 113 if ($username ne $safeusername) {
|
Line 114 if ($username ne $safeusername) {
|
# Remove entry from /etc/passwd if it exists |
# Remove entry from /etc/passwd if it exists |
# Remove entry from /etc/groups if it exists |
# Remove entry from /etc/groups if it exists |
# I surround with groupdel command to make absolutely sure the group definition disappears. |
# I surround with groupdel command to make absolutely sure the group definition disappears. |
system('/usr/sbin/groupdel 2>/dev/null',$safeusername); # ignore error message |
system('/usr/sbin/groupdel',$safeusername); # ignore error message |
system('/usr/sbin/userdel 2>/dev/null',$safeusername); # ignore error message |
system('/usr/sbin/userdel',$safeusername); # ignore error message |
system('/usr/sbin/groupdel 2>/dev/null',$safeusername); # ignore error message |
system('/usr/sbin/groupdel',$safeusername); # ignore error message |
|
|
# Remove entry from /etc/smbpasswd if it exists |
# Remove entry from /etc/smbpasswd if it exists |
my $oldsmbpasswd=`/bin/cat /etc/smbpasswd`; |
# the safest way to do this is with smbpasswd -x |
my $newsmbpasswd=`/bin/grep -v '^${safeusername}:' /etc/smbpasswd`; |
# as that's independent of location of the smbpasswd file. |
|
# |
if ($oldsmbpasswd ne $newsmbpasswd) { |
if (-e '/usr/bin/smbpasswd') { |
open OUT,">/etc/smbpasswd"; |
($>,$<) = (0,0); # fool smbpasswd to think this is not setuid. |
print OUT $newsmbpasswd; |
system('/usr/bin/smbpasswd -x '.$safeusername); |
close OUT; |
$< = $wwwid; |
} |
} |
|
|
|
|
# Change ownership on directory from username:username to www:www |
# Change ownership on directory from username:username to www:www |
# This prevents subsequently added users from having access. |
# This prevents subsequently added users from having access. |
|
|