loncom/pwchange - view

File: [LON-CAPA] / loncom / pwchange
Revision 1.10: download - view: text, annotated - select for diffs
Fri Jul 17 02:20:59 2009 UTC (14 years, 10 months ago) by raeburn
Branches: MAIN
CVS tags: version_2_9_X, version_2_9_99_0, version_2_9_1, version_2_9_0, version_2_8_99_1, version_2_8_99_0, version_2_12_X, version_2_11_X, version_2_11_4_uiuc, version_2_11_4_msu, version_2_11_4, version_2_11_3_uiuc, version_2_11_3_msu, version_2_11_3, version_2_11_2_uiuc, version_2_11_2_msu, version_2_11_2_educog, version_2_11_2, version_2_11_1, version_2_11_0_RC3, version_2_11_0_RC2, version_2_11_0_RC1, version_2_11_0, version_2_10_X, version_2_10_1, version_2_10_0_RC2, version_2_10_0_RC1, version_2_10_0, loncapaMITrelate_1, language_hyphenation_merge, language_hyphenation, bz6209-base, bz6209, bz2851, PRINT_INCOMPLETE_base, PRINT_INCOMPLETE, HEAD, GCI_3, GCI_2, BZ4492-merge, BZ4492-feature_horizontal_radioresponse, BZ4492-feature_Support_horizontal_radioresponse, BZ4492-Support_horizontal_radioresponse

--stdin option not available with system passwd command in debian/ubuntu
 - use system call to usermod instead.

#!/usr/bin/perl # The Learning Online Network with CAPA # # pwchange - setuid script to change unix passwords # # YEAR=2001 # # YEAR=2002 # 02/19 Matthew Hall # # $Id: pwchange,v 1.10 2009/07/17 02:20:59 raeburn Exp $ ### use strict; my $noprint = 1; print "In pwchange\n" unless $noprint; print "Real uid = $< effective uid = $> \n" unless $noprint; # ------------------------------------------------------------------ Untainting $ENV{'PATH'}='/bin:/usr/bin'; # Nullify path information. delete @ENV{qw(IFS CDPATH ENV BASH_ENV)}; # nullify potential taints # ---------------------------- Make sure this process is running from user=root if (0 != $<) { print "Username not root" unless $noprint; exit 1; } # ----------------------------------------------- If not running setuid as root if ($>!=0) { print "Not setuid to root" unless $noprint; exit 1; } # ----------------------------------------------- Make sure arguments are valid my $user=shift @ARGV; $user=~/^(\w+)$/; my $safe=$1; print "Save user = $safe" unless $noprint; my $pword=<>; chomp $pword; unless (length($safe) and ($user eq $safe) and ($safe=~/^[A-Za-z]/)) { exit 2; } print "Password = $pword" unless $noprint; my $pbad=0; foreach (split(//,$pword)) {if ((ord($_)<32)||(ord($_)>126)){$pbad=1;}} exit 3 if $pbad; # --------------------------------------------------------- Call system command my $distro; if (open(PIPE,"perl distprobe|")) { $distro = <PIPE>; close(PIPE); } if ($distro =~ /^ubuntu|debian/) { open(OUT,"|/usr/sbin/usermod -p `mkpasswd $pword` $safe"); close(OUT); } else { open(OUT,"|passwd --stdin $safe >/dev/null"); print OUT $pword; print OUT "\n"; close(OUT); } # --------------------------------------- exit with status of command execution exit $?/256; =head1 NAME pwchange - setuid script to change unix passwords =head1 DESCRIPTION Setuid script to change unix passwords. =head1 README Setuid script to change unix passwords. =head1 PREREQUISITES =head1 COREQUISITES =pod OSNAMES linux =pod SCRIPT CATEGORIES LONCAPA/Administrative =cut

Internal Server Error

The server encountered an internal error or misconfiguration and was unable to complete your request.

Please contact the server administrator at root@localhost to inform them of the time this error occurred, and the actions you performed just before this error.