LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Programming (https://www.linuxquestions.org/questions/programming-9/)
-   -   Permissions problem with perl script to change users password (https://www.linuxquestions.org/questions/programming-9/permissions-problem-with-perl-script-to-change-users-password-4175422277/)

px87 08-15-2012 05:20 PM
Permissions problem with perl script to change users password
 
Hi all!

I'm writting a script in perl to change users's password from a web browser.

I'm using the Unix::PasswdFile module and I'm having a problem with it, when I run the script from the brower I get this error (from apaches's erro.log file):


Code:
[Wed Aug 15 13:00:02 2012] [error] [client 192.168.1.2] Can't locate Unix/PasswdFile.pm in @INC (@INC contains: /etc/perl /usr/local/lib/perl/5.14.2 /usr/local/share/perl/5.14.2 /usr/lib/perl5 /usr/share/perl5 /usr/lib/perl/5.14 /usr/share/perl/5.14 /usr/local/lib/site_perl .) at ./login_chpass.pl line 6., referer: http://192.168.1.50/admon/cambiar_pass/cambiar_pass.html

[Wed Aug 15 13:00:02 2012] [error] [client 192.168.1.2] BEGIN failed--compilation aborted at ./login_chpass.pl line 6., referer: http://192.168.1.50/admon/cambiar_pass/cambiar_pass.html
If I run it from the command line it works perfectly.

I set www-data as the owner of the file, but It still doesn't work.

This is my script:

Code:
#login_chpass.pl

#! /usr/bin/perl -w

use CGI qw(:all);
use strict;
use warnings;
use Authen::Simple::PAM;
use Unix::PasswdFile;

my $cgi = new CGI;
print $cgi->header();

my $pam = Authen::Simple::PAM->new( service => 'login' );

my $pw  = new Unix::PasswdFile "/etc/passwd";
my $resultado = "";

#my $username = $cgi->param('user');
#my $pass_old = $cgi->param('pass_old');
#my $pass_new = $cgi->param('pass_new');

my $username = $ARGV[0];
my $pass_old = $ARGV[1];
my $pass_new = $ARGV[2];

# I use the Authen::Simple::PAM module to login the user with his current password
if ( $pam->authenticate( $username, $pass_old ) ) {

        # Here I change the user password
        $pw->passwd( $username, $pw->encpass($pass_new) );
        $pw->commit();

        # I save the exit value
        $resultado = $? >> 8;

        # If the exit value is 0 the password change is ok
        if ( $resultado == 0 ) {
                print "* Password del sistema cambiado correctamente!\n";
        }
        # If the exit value is different to 0 there is an error and I print the exit value
        else {
                print "* Error al cambiar password del sistema, error: $resultado\n";
        }
}
else {
        # If exist a login error, I print:
        print "* Error de Login!";
}

Then I changed the login_chpass.pl file owner to root and I tried to use something like an "interface" to try to run the script with sudo, but It doesn't work (I modified the sudoers file to grant privileges to the www-data user):


Code:
#ch_pass_int.pl

#! /usr/bin/perl -w

use CGI qw(:all);
use strict;
use warnings;

my $cgi = new CGI;
print $cgi->header();

my $login = "./login_chpass.pl";

#my $username = $ARGV[0];
#my $pass_old = $ARGV[1];
#my $pass_new = $ARGV[2];

my $username = $cgi->param('user');
my $pass_old = $cgi->param('pass_old');
my $pass_new = $cgi->param('pass_new');

system qq(sudo $login $username $pass_old $pass_new);
It seems to be a problem with permissions, but I don't know what permissions are wrong.


I hope you can help me. Thanks a lot!!

jonsg 08-15-2012 06:16 PM
It seems pretty straight-forward to me. When you're running it from the command line, you may have your include path set up so that Unix/PasswdFile.pm can be found on it. But when it's run from the browser (as if logged in as uid www-data, gid www-data), the path doesn't include where you have it installed.

Either you need to reinstall it in a system-visible place (i.e. one of the standard places PERL looks - see the first error line for the list), or you need to add its install location to PERL's search path for when it's invoked through the browser.

Hope this helps.

px87 08-15-2012 09:32 PM
Hi jonsg, thanks for your answer:

* "you need to add its install location to PERL's search path": How can I do it? I know is needed change some enviroment variables, but I don't know what to modify.

* I searched the PasswdFile location and the module is installed in the root directory, I think that is the problem, what do you think? and how can I solved?

Code:
# find / -name PasswdFile.pm
/root/perl5/lib/perl5/Unix/PasswdFile.pm
/root/.cpan/build/Unix-ConfigFile-0.06-wJWP_t/blib/lib/Unix/PasswdFile.pm
/root/.cpan/build/Unix-ConfigFile-0.06-wJWP_t/PasswdFile.pm
Thanks a lot!!


All times are GMT -5. The time now is 05:24 PM.