Hi all!
I'm writting a script in perl to change users's password from a web browser.
I'm using the Unix::PasswdFile module and I'm having a problem with it, when I run the script from the brower I get this error (from apaches's erro.log file):
Code:
[Wed Aug 15 13:00:02 2012] [error] [client 192.168.1.2] Can't locate Unix/PasswdFile.pm in @INC (@INC contains: /etc/perl /usr/local/lib/perl/5.14.2 /usr/local/share/perl/5.14.2 /usr/lib/perl5 /usr/share/perl5 /usr/lib/perl/5.14 /usr/share/perl/5.14 /usr/local/lib/site_perl .) at ./login_chpass.pl line 6., referer: http://192.168.1.50/admon/cambiar_pass/cambiar_pass.html
[Wed Aug 15 13:00:02 2012] [error] [client 192.168.1.2] BEGIN failed--compilation aborted at ./login_chpass.pl line 6., referer: http://192.168.1.50/admon/cambiar_pass/cambiar_pass.html
If I run it from the command line it works perfectly.
I set www-data as the owner of the file, but It still doesn't work.
This is my script:
Code:
#login_chpass.pl
#! /usr/bin/perl -w
use CGI qw(:all);
use strict;
use warnings;
use Authen::Simple::PAM;
use Unix::PasswdFile;
my $cgi = new CGI;
print $cgi->header();
my $pam = Authen::Simple::PAM->new( service => 'login' );
my $pw = new Unix::PasswdFile "/etc/passwd";
my $resultado = "";
#my $username = $cgi->param('user');
#my $pass_old = $cgi->param('pass_old');
#my $pass_new = $cgi->param('pass_new');
my $username = $ARGV[0];
my $pass_old = $ARGV[1];
my $pass_new = $ARGV[2];
# I use the Authen::Simple::PAM module to login the user with his current password
if ( $pam->authenticate( $username, $pass_old ) ) {
# Here I change the user password
$pw->passwd( $username, $pw->encpass($pass_new) );
$pw->commit();
# I save the exit value
$resultado = $? >> 8;
# If the exit value is 0 the password change is ok
if ( $resultado == 0 ) {
print "* Password del sistema cambiado correctamente!\n";
}
# If the exit value is different to 0 there is an error and I print the exit value
else {
print "* Error al cambiar password del sistema, error: $resultado\n";
}
}
else {
# If exist a login error, I print:
print "* Error de Login!";
}
Then I changed the login_chpass.pl file owner to root and I tried to use something like an "interface" to try to run the script with sudo, but It doesn't work (I modified the sudoers file to grant privileges to the www-data user):
Code:
#ch_pass_int.pl
#! /usr/bin/perl -w
use CGI qw(:all);
use strict;
use warnings;
my $cgi = new CGI;
print $cgi->header();
my $login = "./login_chpass.pl";
#my $username = $ARGV[0];
#my $pass_old = $ARGV[1];
#my $pass_new = $ARGV[2];
my $username = $cgi->param('user');
my $pass_old = $cgi->param('pass_old');
my $pass_new = $cgi->param('pass_new');
system qq(sudo $login $username $pass_old $pass_new);
It seems to be a problem with permissions, but I don't know what permissions are wrong.
I hope you can help me. Thanks a lot!!