Beefy Boxes and Bandwidth Generously Provided by pair Networks
good chemistry is complicated,
and a little bit messy -LW
 
PerlMonks  

Re: Public Access Linux Box

by lacertus (Monk)
on Mar 15, 2003 at 09:11 UTC ( [id://243264]=note: print w/replies, xml ) Need Help??


in reply to Public Access Linux Box

Managed to solve the problem with much hair-pulling. For some reason (perhaps platform dependant), perl (or probably more correctly passwd itself) refuses to accept a change of password when run
system "/usr/bin/passwd", $username;
I am happy enough leaving this fact alone, and have rather manually taken in the passwd and encrypted it with crypt. This is probably superfluous, but I may as well show you what I did in case someone has this problem in the future.
print "Password: "; chomp(my $passwd = <STDIN>); $passwd = crypt($passwd, time()); $uid=($max+1); system '/usr/sbin/useradd', "-u $uid", '-s', $shell, '-p', $passwd, '-g 100', '-m', $username;
So simple in hindsight. Perl really humbles me!

Replies are listed 'Best First'.
Re^2: Public Access Linux Box
by Aristotle (Chancellor) on Mar 15, 2003 at 12:52 UTC
    Or maybe in more Perlish lingo:
    print "Password: "; chomp(my $passwd = <STDIN>); system( '/usr/sbin/useradd', -u => $max + 1, -s => $shell, -p => crypt($passwd, time), -g => 100, '-m', $username, );
    :-) Btw, I recommend removing the setuid bit from useradd ASAP. Otherwise, anyone can do something like
    $ /usr/sbin/useradd -u 0 -g 0 -s /bin/bash -p crypted_passwd_here -m root2
    which is a classic escalation of privileges attack. Instead, you want to look into sudo. Your /etc/sudoers should have a line like this:
    newuser ALL = (root) NOPASSWD: /usr/sbin/useradd
    and then your code changes to
    system( '/usr/bin/sudo', '/usr/sbin/useradd', -u => $max + 1, -s => $shell, -p => crypt($passwd, time), -g => 100, '-m', $username, );
    That way only newuser, whom only root has control of, may add new users.

    Makeshifts last the longest.

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://243264]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others drinking their drinks and smoking their pipes about the Monastery: (5)
As of 2024-03-29 13:42 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found