LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Suse/Novell
User Name
Password
Suse/Novell This Forum is for the discussion of Suse Linux.

Notices

Reply
 
Search this Thread
Old 09-23-2005, 09:08 PM   #1
longtex
Member
 
Registered: Aug 2004
Location: Texhuahua
Distribution: RedHat 6,7,9,EL; SuSE 9.2 Pro, Knoppix 3.4/.7/.9, Fedora Core 4
Posts: 87

Rep: Reputation: 15
HOW-TO? Create User, Set Password with script


Switching to SuSE from Red Hat 9. Have a "build" script that sets up directories, copies files, and creates specific users. The part of the script that doesn't work on SuSE looks like this (yes, it works on Red Hat):

Code:
# makeuser $1=username $2=password
groupadd workstations > /dev/null
useradd -e 2025-12-31 -g workstations -n $1
echo $2 > pw
cat pw | passwd --stdin $1
Converting to SuSE, the -n on useradd is removed (Red Hat specific: don't create group with username), and SuSE does create the user.

However, SuSE's passwd doesn't believe the stdin parameter, and so far I haven't stumbled on a way to stuff the password into it...

Any ideas?
 
Old 09-24-2005, 03:08 AM   #2
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,414

Rep: Reputation: 1966Reputation: 1966Reputation: 1966Reputation: 1966Reputation: 1966Reputation: 1966Reputation: 1966Reputation: 1966Reputation: 1966Reputation: 1966Reputation: 1966
seems a pretty obtuse way to achieve a simple goal. Surely you can just use the password as a command line parameter?
[code]passwd $1 $2[code]
where did that bizarre file redirection and cat come from? how does that achieve anything more than "echo $2 | passwd --stdin $1" would have in the first place?

Also if this script is creating standard directories in each new users home directory then you mightn't be aware that ususally any directories in /etc/skel/ will be copied to a new users home and set up for them automatically.
 
Old 09-24-2005, 03:18 AM   #3
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,414

Rep: Reputation: 1966Reputation: 1966Reputation: 1966Reputation: 1966Reputation: 1966Reputation: 1966Reputation: 1966Reputation: 1966Reputation: 1966Reputation: 1966Reputation: 1966
hmm ok, different passwd versions will or won't accept command line passwords... when all else fails, try expect: http://floppsie.comp.glam.ac.uk/Glam...ripting/5.html
 
Old 09-24-2005, 11:14 AM   #4
longtex
Member
 
Registered: Aug 2004
Location: Texhuahua
Distribution: RedHat 6,7,9,EL; SuSE 9.2 Pro, Knoppix 3.4/.7/.9, Fedora Core 4
Posts: 87

Original Poster
Rep: Reputation: 15
Quote:
Originally posted by acid_kewpie
seems a pretty obtuse way to achieve a simple goal.
Does it? Why?

Quote:
Surely you can just use the password as a command line parameter?
[code]passwd $1 $2[code]
Surely? Did you try? Did it work? Not on my SuSE 9.2 system, and not on the RH 9, either. Maybe it's some sort of preferences or setup issue, but that's what's happening.

Quote:
where did that bizarre file redirection and cat come from? how does that achieve anything more than "echo $2 | passwd --stdin $1" would have in the first place?
Where did it come from? Well - assuming you asked because you are really curious, as opposed to just tossing out an insult - it was part of another script which set a series of passwords from existing files rather than as input parameters, so the cat .. passwd was already known to work; in the case of this present little script, I happened to look at creating the file for that line to read rather than using echo in the line... in short, it was the first thing I tried, and it worked. Why is it any more bizarre than your idea? They both work, on RH9, but not on SuSE 9.2

Since the point of my question was to find one that works on SuSE, if you've got (a non-bizarre) one that works on SuSE, I'd like to see it, please.

Quote:
Also if this script is creating standard directories in each new users home directory then you mightn't be aware that ususally any directories in /etc/skel/ will be copied to a new users home and set up for them automatically.
What does the fact that useradd is (or is not) creating standard directories have to do with whether I might or might not be aware that RH 9's version of useradd copies the skeleton? Since SuSE isn't on your list of distros, you might not be aware that SuSE useradd does not create home directories as its standard behavior.


I appreciate the fact that you responded, but I don't really appreciate your characterizations of "obtuse" and "bizarre", and it's not particularly useful to suggest that "surely" something will work that in fact does not work.

Last edited by longtex; 09-24-2005 at 12:46 PM.
 
Old 09-24-2005, 12:12 PM   #5
longtex
Member
 
Registered: Aug 2004
Location: Texhuahua
Distribution: RedHat 6,7,9,EL; SuSE 9.2 Pro, Knoppix 3.4/.7/.9, Fedora Core 4
Posts: 87

Original Poster
Rep: Reputation: 15
Quote:
Originally posted by acid_kewpie
hmm ok, different passwd versions will or won't accept command line passwords... when all else fails, try expect: http://floppsie.comp.glam.ac.uk/Glam...ripting/5.html
I followed your advice, looked at the example... and it doesn't work.

I did some more research, and it appears that passwd has a little problem in that it sends "password:" before it's really ready to accept input, so it winds up missing one of the passwords sent to it, and the script quits with only one password sent, so nothing is changed. The authors of expect say this is a known problem and the workaround is to put a little pause before sending... but I haven't been able to find the pause command for expect, yet... when I do, I'll let you know - unless that would be too bizarre???
 
Old 09-24-2005, 12:37 PM   #6
longtex
Member
 
Registered: Aug 2004
Location: Texhuahua
Distribution: RedHat 6,7,9,EL; SuSE 9.2 Pro, Knoppix 3.4/.7/.9, Fedora Core 4
Posts: 87

Original Poster
Rep: Reputation: 15
Quote:
Originally posted by longtex
when I do, I'll let you know - unless that would be too bizarre???
Got it. It was "hidden" in the man pages - under "sleep" instead of "pause"... just put the command
Code:
sleep 2
or whatever (2 worked for me) length of time you want it to wait, after the expect and before the send.

Here's the password-changin' expect script, named "newpass.es":
Code:
spawn passwd [lindex $argv 0]
set password [lindex $argv 1]
expect "password:"
sleep 2
send "$password\r"
expect "password:"
sleep 2
send "$password\r"
expect eof
So you just run
Code:
expect newpass.es username newpassweird
and Bob's yer Onkel - you have changed the password for user "username" to "newpassweird" - of course, you gotta be superuser to do it, but you are, aren't you?

Last edited by longtex; 09-25-2005 at 11:07 AM.
 
Old 09-27-2005, 07:34 AM   #7
archtoad6
Senior Member
 
Registered: Oct 2004
Location: Houston, TX (usa)
Distribution: MEPIS, Debian, Knoppix,
Posts: 4,727
Blog Entries: 15

Rep: Reputation: 231Reputation: 231Reputation: 231
I have had the same problem & frustration in a Samba context (Samba User Scripting) & soon discovered, as you did, that 'passwd' isn't always 'passwd'. Worse, there is no version info. available for most of the ones I examined.

rant Every %%^-^&-*()c#ing %^7*()m m0&#3r-f@$%ing utility should have a version option, preferably '-V' & '--version'. /rant

Now that I have gotten that off my chest, back to the problem. On a whim, I did:
Code:
man -k password
# actually I refined it to:
man -k password |grep '([18]' |sort -k3 |uniq -cf3  \
 |sed 's,^    ,,'|less -S~#25
and voila, there was "chpasswd (8) - update password file in batch" -- just what I needed.
Code:
echo <user>:<pass>  | chpasswd
worked for me.
Code:
echo $1:$2  | chpasswd
should work for you.


Of course I am running a (Debian based) MEPIS system, so there are no guarantees that "chpasswd" is available in SuSE. After a few false starts, I did a Linux Google on:
chpasswd(8) suse
http://www.google.com/linux?q=chpasswd%288%29+suse
which seems to indicate that is is available for you.

Moral
We all know about "RTFM" & "Google is your friend", but it would seem that
"Apropos (man -k) is your friend, too".

BTW, what does
Code:
echo $2 > pw
cat pw | passwd --stdin $1
do, that
Code:
echo $2 | passwd --stdin $1
does not?
 
Old 09-28-2005, 10:59 AM   #8
longtex
Member
 
Registered: Aug 2004
Location: Texhuahua
Distribution: RedHat 6,7,9,EL; SuSE 9.2 Pro, Knoppix 3.4/.7/.9, Fedora Core 4
Posts: 87

Original Poster
Rep: Reputation: 15
Quote:
Originally posted by archtoad6
I have had the same problem & frustration in a Samba context (Samba User Scripting) & soon discovered, as you did, that 'passwd' isn't always 'passwd'. Worse, there is no version info. available for most of the ones I examined.

rant Every %%^-^&-*()c#ing %^7*()m m0&#3r-f@$%ing utility should have a version option, preferably '-V' & '--version'. /rant

Now that I have gotten that off my chest, back to the problem. On a whim, I did:
Code:
man -k password
# actually I refined it to:
man -k password |grep '([18]' |sort -k3 |uniq -cf3  \
 |sed 's,^    ,,'|less -S~#25
and voila, there was "chpasswd (8) - update password file in batch" -- just what I needed.
Code:
echo <user>:<pass>  | chpasswd
worked for me.
Code:
echo $1:$2  | chpasswd
should work for you.


Of course I am running a (Debian based) MEPIS system, so there are no guarantees that "chpasswd" is available in SuSE. After a few false starts, I did a Linux Google on:
chpasswd(8) suse
http://www.google.com/linux?q=chpasswd%288%29+suse
which seems to indicate that is is available for you.

Moral
We all know about "RTFM" & "Google is your friend", but it would seem that
"Apropos (man -k) is your friend, too".

BTW, what does
Code:
echo $2 > pw
cat pw | passwd --stdin $1
do, that
Code:
echo $2 | passwd --stdin $1
does not?
Looks like chpasswd will work on SuSE 9.2 - thanks! The "expect" workaround already fixed the particular problem, but I'll probably switch to chpasswd the next time I get into the "build" disk (which might not be that long - the client is opening four more stores in the next few months).

The biggest problem with googling and man'ning and whatnot is finding the right combination of keywords, which is also true of RTFM'ing - if you don't look in any given index for the right word or phrase you come up with nothing, or nothing useful (12,578,413 hits doesn't do you much good if you don't find what you're looking for in the first 30 or 40... which is why forums and usenet get hit with these kinds of questions.

In answer to your BTW, which BTW I think I covered in an earlier response to acid_kewpie, it doesn't do anything that the one-liner doesn't do just as well - the reason I used it is that it was the first thing I tried (copied from a similar script) AND IT WORKED. I work in the principle "If it ain't broke, don't fix it", AND IT WORKED. I don't know what the time saving would be in using the one-liner versus my "obtuse" anbd "bizarre" two-liner, but I'm willing to bet that it is totally insignificant in the actual use (which is a few times a week, not hundreds of thousands of times a day) and it therefore "ain't broke". Do I agree that the one-liner is "better"? Sure I do. Did I change the script? Yes, I did. Does it make any difference in how the script works? Not that I can see.

No software is ever "finished", whether it's an operating system or a simple script... if it was, you'd probably be using DOS 1.0 still.

There are ALWAYS pieces of code in any given chunk of software, that don't work - sometimes nobody's ever managed to do something that makes the non-working code execute, sometimes the non-working code doesn't cause any problems that are major enough for someone to bother finding and fixing the code; sometimes it's a major problem and it gets fixed.

There are also - I firmly believe - many times more pieces of code that are "inefficient", and the same conditions apply there. If it works, and its users don't perceive a "problem" because the code uses twethy-three bytes of memory unnecessarily or because it takes an extra 0.017 seconds to execute, well... I'd say it "ain't broke" and there isn't any real point in "fixing" it. If it uses hundreds of thousands of bytes or takes several seconds, or even minutes, then it gets fixed.

Now, if I am looking at code and notice something and think "damn, that's obtuse and bizarre" and I know of a simple way to change it, I will usually simplify it... but I am usually looking at code trying to find something that IS broke, so I'm not looking for code that is merely "o. & b.". Plus, when you're fixing something that IS broke, my feeling is that it's best to change as little as possible, because of the laws of unintended consequences, i.e., that sometimes fixing one thing can break something else.

Whooo... I apologize for the long answer. But, again, many thanks for finding the "ch" in front of passwd!
 
Old 10-01-2005, 10:09 AM   #9
archtoad6
Senior Member
 
Registered: Oct 2004
Location: Houston, TX (usa)
Distribution: MEPIS, Debian, Knoppix,
Posts: 4,727
Blog Entries: 15

Rep: Reputation: 231Reputation: 231Reputation: 231
No apology for length necessary, like so many (don't take offense) "semi-rants", it was very interesting.

I think you have coined a new term "O&B".


I think we are all guilty of it. -- Just yesterday I was reviewing a script I wrote to strip the 4 lines of German header info from a Knoppix packages.txt file & substitute English ones.

If only tail would accept "-n-n" the same as head does. (The regular "-nn" causes them to display only the last/first n lines, adding the '-' makes that all but the first n lines in head.) I used some super O&B construct involving feeding tail a backticked wc to awk pipeline inside an arithmetic expression which subtracted 4 ... It was so bad, I don't even want to try to reconstruct it. It would qualify as "OB&B" -- "obtuse, bizarre, & Byzantine".

I replaced it w/ a simple sed -n '5,$p'
 
Old 10-01-2005, 11:46 AM   #10
longtex
Member
 
Registered: Aug 2004
Location: Texhuahua
Distribution: RedHat 6,7,9,EL; SuSE 9.2 Pro, Knoppix 3.4/.7/.9, Fedora Core 4
Posts: 87

Original Poster
Rep: Reputation: 15
Quote:
Remember Alexander - you don't have to untie the knot to solve the puzzle.
OTOH, Sometimes it's better to U N T I E than to cut...

In my main app I have running code that was written more than twenty years ago and has never ben changed through all the versions, expansions, and enhancements... and - wait for it - IT AIN'T BROKE, so I ain't fixed it. It's ugly, even O&B, but IT WORKS. I wince when I skim by it, but I've resisted the urge to "fix" it. In some cases it was O&B when it was written, and in some it was the only way to do it at the time (think dBASE II on CP/M machines - 64K with two 360K floppies, no hard disk).

Ahhhh, the good ol' days.
 
Old 10-01-2005, 02:42 PM   #11
archtoad6
Senior Member
 
Registered: Oct 2004
Location: Houston, TX (usa)
Distribution: MEPIS, Debian, Knoppix,
Posts: 4,727
Blog Entries: 15

Rep: Reputation: 231Reputation: 231Reputation: 231
And then there are days when I just want to play with my (virtual) marlin spike.

Practical engineers have a pair of contradictory mottoes:
  • Don't buy what you can build.
  • Don't build what you can buy.

Which really each contain an unspoken "cheaper" at the end:
  • Don't buy what you can build cheaper.
  • Don't build what you can buy cheaper.

As for Alexander, I heard a very similar idea first in the Army, and many other places since:
"When you're up to your ass in alligators, it's kind of hard to remember that your original goal was to drain the swamp." Both get at our tendencies to get bogged down in minute debugging, instead of effective problem solving. Besides, line about Alexander is original. If you quote it elsewhere, please attribute.
 
Old 10-01-2005, 07:36 PM   #12
longtex
Member
 
Registered: Aug 2004
Location: Texhuahua
Distribution: RedHat 6,7,9,EL; SuSE 9.2 Pro, Knoppix 3.4/.7/.9, Fedora Core 4
Posts: 87

Original Poster
Rep: Reputation: 15
Quote:
Besides, line about Alexander is original.
As far as YOU know...

Quote:
If you quote it elsewhere, please attribute.
How do you prefer it attributed? archtoad6? Or...

Now I got an original fer you:

longtex's Second Law: You Don't GET What You Don't PAY For. (There's an old saying, "You get what you pay for", but it's wrong - there's been plenty of times I've paid for something and NOT got it.)
 
Old 10-02-2005, 05:05 AM   #13
archtoad6
Senior Member
 
Registered: Oct 2004
Location: Houston, TX (usa)
Distribution: MEPIS, Debian, Knoppix,
Posts: 4,727
Blog Entries: 15

Rep: Reputation: 231Reputation: 231Reputation: 231
"archtoad6 on LinuxQuestions.org" or perhaps my current script tag "f.a.archibald.iii"
 
Old 10-02-2005, 02:35 PM   #14
longtex
Member
 
Registered: Aug 2004
Location: Texhuahua
Distribution: RedHat 6,7,9,EL; SuSE 9.2 Pro, Knoppix 3.4/.7/.9, Fedora Core 4
Posts: 87

Original Poster
Rep: Reputation: 15
Quote:
Originally posted by archtoad6
"archtoad6 on LinuxQuestions.org" or perhaps my current script tag "f.a.archibald.iii"
In the words of Johnny What's-his-name, "You Got It!!!"
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Unable to set password for user Harlin Linux - General 2 09-20-2005 01:25 PM
Is it possible to create a user with no password paul.nel Linux - General 11 02-28-2005 04:54 PM
create new user - password encryption shadow_mas Linux - Newbie 3 03-28-2004 04:14 AM
vsftpd how to set password and user? djkoe Linux - Newbie 3 12-30-2003 08:35 AM
How do I Create User w/o password?? Ruth Linux - General 6 03-02-2001 09:51 AM


All times are GMT -5. The time now is 10:50 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration