Allowing user to change their system account password from intranet
Linux - SoftwareThis forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Allowing user to change their system account password from intranet
Friends,
I have configured httpd web server to allow each of the system users to have their own web page (using UserDir directive).
At the same time I have configured ftp server to allow the users to upload their html files to the web server.
With above set up my users need not have any knowledge of linux; they can work from any windows PC on the network.
There is no problem in the above.
However, now I need to allow my users to change their passwords. The point here to note is that the users should be able to do this even from windows PC on the network.
One of the way is to configure a telnet server (or sshd). But I find that the windows PC does not have telnet client.
The other idea is that I should put a php script on the server which would take user name and password from the web page and then change the password. I don't know how can the system account password be changed through script - I will have to check this out.
It is more usual to allow a user to change their passwd. The usermod command can change every other setting on the user, but not the username. Your script will have to change their username in /etc/passwd, /etc/shadow, and /etc/group. You may also have a /etc/group.shadow. You may also want to change their home directories name to match the username. You will also need to add a sanity check to the username. Because these things need to be performed as root, a bad script could give the user root access.
Now sir, I must confess I am a greenhorn :-(
I can't seem to make out what is being said in your reply.
My idea that I could change the password through a php script has come croppers because I realise the "chpasswd" command would have to be given as root.
However, your comments seems intriguing.
Perhaps you would be kind enough to be a little more elaborate. Or better still you could direct me to some writeup.
You can use this cgi program that installs setuid root and thus allows users to change their password through a web interface, as they can do if they're logged into server.
You need to compile using "--disable-smbpasswd" and "--disable-squidpasswd", as you don't need them.
I misread your original post, or you may have edited it. I thought that you wanted to also change the username as well as the password.
Changing ones own password does not require root access because the passwd program is suid root. Technically, the effective user is root (EUID). The program is carefully written to only allow regular (REAL) users to change their own passwords.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
