Beefy Boxes and Bandwidth Generously Provided by pair Networks
There's more than one way to do things
 
PerlMonks  

To setup Linux NIS, samba and shadow shadow passwords

by tbo (Scribe)
on Jan 02, 2002 at 19:22 UTC ( #135685=sourcecode: print w/ replies, xml ) Need Help??

Category: CGI Programming
Author/Contact Info tbo gilles.thebault@free.fr
Description: CGI Script to setup NIS, samba and shadow passwords over web . I didn't want to use yppasswd because it doesn't use md5 passwords. (I want to keep md5 because one day I hope I will understand ldap, and then migrate to ldap). The HTML form gives login name, old passwd, and new password twice.
#! /usr/bin/perl -T

####################################################
# passwd_sync.pl : Program to Setup Unix, Samba, and NIS passwords ove
+r web.
# licence GPL
####################################################

####################################################
#YOU NEED TO CREATE THIS SCRIPT "SETUID" and owned by
# root (This is a security risk!!)
####################################################

use strict;
use GDBM_File;
use CGI qw(:standard);
use Crypt::PasswdMD5;
use Passwd::Linux qw(modpwinfo);
####################################################
#datas from HTML form#
my $login = param('login');
my $old_passwd = param('old_passwd');
my $passwd1= param('passwd1');
my $passwd2 = param('passwd2');

####################################################
#things you've got to change to suit you're own configuration
####################################################
my $url_server="https://192.168.0.1";   #url of the web server
my $nis_domain="tbo.edu";#the nis domain (get by domainname)
my $SMBPASSWD="/usr/bin/smbpasswd";#location of smbpasswd
my $MAKEDBM="/usr/lib/yp/makedbm";#location of makedbm (YP server)
my $SUDO="/usr/bin/sudo";#location of sudo


###################################################
#location of nis files
my $passwd_byname="/var/yp/".$nis_domain."/passwd.byname"; #location o
+f the file passwd.byname from nis
my $passwd_byuid="/var/yp/".$nis_domain."/passwd.byuid"; #location of 
+the file passwd.byuid from nis

####################################################
my $name; #login name from /etc/passwd
my $shadow_pass; #md5 password's $name from /etc/shadow
my $uid; #uid's $name from /etc/passwd
my $gid; #gid's $name from /etc/passwd
my $gecos; #gecos's $name from /etc/passwd
my $home; #directory's $name from /etc/passwd
my $shell; #shell's $name from etc/passwd
my $crypte;#old passwd crypted in md5 (to compare with $shadow_pass)
my $crypt_passwd; #new passwd crypted in md5
my $modif;#used to modify /etc/shadow with $crypt_passwd
my %nis; #hash where passwd.byname is stored during manipulations
my %nis2; #hash where passwd.byuid is stored during manipulations
my $value; #$name's info from nis DB
my @new_user_info; #array with $name's infos from nis passwd.byname (s
+plit of $value)
my @new_user_info2; #array with $name's infos from nis passwd.byuid (s
+plit of $value)
my $html= new CGI;

####################################################
#HTML Header#
print $html->header;
print $html->start_html(-BGCOLOR=>"white");
####################################################
print "Messages du système : <br><hr>";

($name,$shadow_pass,$uid,$gid,$gecos,$home,$shell)=getpwnam("$login");
$crypte=unix_md5_crypt($old_passwd,$shadow_pass);

if ($uid<500){
  print "You don't have the right to change the password by this way";
}
else {
if ($passwd1 eq $passwd2) {
  if($crypte eq $shadow_pass) {

    $crypt_passwd=unix_md5_crypt($passwd1,int rand (99));
       $modif=modpwinfo($name,$crypt_passwd,$uid,$gid,$gecos,$home,$sh
+ell);
    system ("$SUDO","$SMBPASSWD","-s","$name","$passwd1");

    ($name,$shadow_pass,$uid)=getpwnam("$login");

    tie (%nis,'GDBM_File',$passwd_byname,1,0) or die "Can't access NIS
+ passwd.byname";
    $value=$nis{"$login"};
    @new_user_info=split (/:/,$value);
    $new_user_info[1]="$shadow_pass";
    $value= join (":",@new_user_info);
    $nis{"$login"}=$value;
    untie (%nis);


    tie (%nis2,'GDBM_File',$passwd_byuid,1,0) or die "Can't access NIS
+ passwd.byuid";
    $value=$nis2{$uid};
    @new_user_info2=split (/:/,$value);
    $new_user_info2[1]="$shadow_pass";
    $value= join (":",@new_user_info2);
    $nis2{"$uid"}=$value;
    untie (%nis2);

    system ("$MAKEDBM","-c");
  }
  else {
    print "The old password or the login name are bad.";
      }
}
else { print "Passwords do not match."}
}
####################################################
#HTML footer
print $html->hr;
print $html->a({href=>"$url_server"},"Back");
print $html->end_html;
####################################################

Comment on To setup Linux NIS, samba and shadow shadow passwords
Download Code
Re: To setup Linux NIS, samba and shadow shadow passwords
by scain (Curate) on Jan 02, 2002 at 20:18 UTC
    This may seem like a silly question, but why whould you want to do this via CGI? I mean, yes, there are security conserns, but in addition to that, is this something that you do that often? I have several linux boxes, and I basically do this once for each of them and I am done.

    Scott

      This script will run on a linux server which provides file sharing for windows (samba), linux (NIS) and Xterminal (ltsp) in a french high school. Students use both linux and windows (Windows in the library, Windows or linux in my classroom...), so i thought a cgi script is more simple for them because the way to change the password is the same. Another reason is that when I create the accounts, the password used is the last name, the login name used is the first name. So, they must quickly change the password. And, as I am a (lazy) teacher, I can't be here every day to do that task.

Back to Code Catacombs

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: sourcecode [id://135685]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others perusing the Monastery: (11)
As of 2014-08-30 19:39 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    The best computer themed movie is:











    Results (293 votes), past polls