I am stumped. I have created a script to add a linux user, and it works fine. I have it owned by root, and setuid. It works fine until I want to add the users first and last name to the command. Here is the code that works:
system ("$useradd -d /home/sites/site$site_count/users/$username -g si
+te$site_count -G site-adm$site_count -p $password -s /bin/false -u $u
+id $username");
Here is the code that doesn't work:
system ("$useradd -c \"$fullname\" -d /home/sites/site$site_count/user
+s/$username -g site$site_count -G site-adm$site_count -p $password -s
+ /bin/false -u $uid $username");
It also works fine if I take out the \" and just make sure that $fullname is only one word. Otherwise, that causes problems too.
The non-working line works fine on the command line when run by root. Why are the quotes causing an error? The error I get is:
useradd: unable to lock password file
and more specifically with strace on(last few lines):
open("/var/nis/NIS_COLD_START", O_RDONLY) = -1 ENOENT (No such file or
+ directory)
open("/etc/.pwd.lock", O_WRONLY|O_CREAT, 0600) = -1 EACCES (Permission
+ denied)
write(2, "useradd: unable to lock password"..., 38useradd: unable to l
+ock password file
Do the quotes cause part of the useradd command to be run as the web user without setuid? How do I get around this? Any suggestions would be greatly appreciated.
Thanks,
Rick Guyer
DualTech Services, Inc.