LinuxQuestions.org
Visit the LQ Articles and Editorials section
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices

Reply
 
Search this Thread
Old 01-05-2009, 11:44 PM   #1
Red Squirrel
Member
 
Registered: Dec 2003
Distribution: FC9 on main server
Posts: 778

Rep: Reputation: 36
call useradd and passwd through no prompt script


I'm writing a hosting control panel and one process involves creating or editing a shell user (ex: password reset). How do I go about calling these user functions without a prompt. Passwd especially.

Or is there a C++ library in Linux that will let me perform the same tasks? I suppose I could write directly to /etc/passwd and /etc/shadow but just wondering if there's a better way.
 
Old 01-06-2009, 01:52 AM   #2
Disillusionist
Senior Member
 
Registered: Aug 2004
Location: England
Distribution: Ubuntu
Posts: 1,013

Rep: Reputation: 83
Look at the -p options to useradd and usermod.

Sample code snip:
Code:
#!/bin/bash
##
## Set a default password and perform a password reset
l_user=$1
if [ "$l_user" != "" ]
then
   l_password="Reset"
   l_encrypted_pass=$(mkpasswd -s --hash=md5 ${l_password})
   echo "/usr/sbin/usermod -p ${l_encrypted_pass} ${l_user}"
   ## Uncomment when you are happy with the test results
   ##/usr/sbin/usermod -p ${l_encrypted_pass} ${l_user}
fi
EDIT:-

As this script would need to run as root, you need to perform enough checking so that you are happy that users will not be able to break your system (intentionally or otherwise)

Do you want to allow root (and other system accounts) to have their passwords reset? I would suggest not, so you might need to check the contents against a blocked list.

Also I would suggest checking that ;'&> (and possibly other) characters are not contained in $user

I would test by passing incorrect data to see what it echos:
./script 'user;cat /etc/shadow'
./script root
./script >/tmp/etc/passwd -- Don't test directly with /etc/passwd or other files that are key to the system

This is probably not a definitive list of ways to use this script to break a system, but it's what I can think of at the moment.

Last edited by Disillusionist; 01-06-2009 at 02:08 AM.
 
Old 01-06-2009, 02:19 PM   #3
Red Squirrel
Member
 
Registered: Dec 2003
Distribution: FC9 on main server
Posts: 778

Original Poster
Rep: Reputation: 36
I don't have mkpasswd on my system. Is there a way to do the same thing in C++? Sure I can go find the program online, but if I don't have it chances are other people don't, so I want to avoid having a depedancy to my program. (this will be redistributed eventually)

For now I'm not looking too much at security, but yeah it is to consider to filter stuff. There will be a full blown ACL system where I can fine tune who has access to do what.
 
Old 01-06-2009, 03:26 PM   #4
Autocross.US
LQ Newbie
 
Registered: Aug 2006
Location: Chesapeake, VA
Distribution: Solaris, HP-UX, RedHat, Fedora
Posts: 15

Rep: Reputation: 0
This works on FC/RHEL:

echo "your_password" | passwd --stdin USERNAME
 
Old 01-06-2009, 06:23 PM   #5
Red Squirrel
Member
 
Registered: Dec 2003
Distribution: FC9 on main server
Posts: 778

Original Poster
Rep: Reputation: 36
Thanks that worked!

Also I'm using system() for all of this, is there a better way other then editing /etc/passwd and /etc/shadow directly?
 
Old 01-07-2009, 01:33 AM   #6
Disillusionist
Senior Member
 
Registered: Aug 2004
Location: England
Distribution: Ubuntu
Posts: 1,013

Rep: Reputation: 83
Quote:
Originally Posted by Red Squirrel View Post
Thanks that worked!

Also I'm using system() for all of this, is there a better way other then editing /etc/passwd and /etc/shadow directly?
No, the usermod and password commands are the safest ways of modifying a users password, this is what they were designed to do.

Don't forget to test the hell out of the input values!
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Prompt 4 passwd change after every 3 months varunkant Linux - Security 6 11-26-2008 07:09 PM
useradd in a script john83reuben Linux - Newbie 8 05-28-2008 06:48 PM
How can I script an autologin, automatically call kde(or simillar) and call an app aboaventura Slackware 8 02-03-2007 11:00 PM
create a user who can also run useradd and passwd only kkeith Linux - Newbie 5 06-29-2006 06:43 AM
How to stop prompt for root passwd when dialing with kppp? aethereal Linux - Newbie 13 04-16-2002 08:31 AM


All times are GMT -5. The time now is 01:36 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration