File:
[LON-CAPA] /
loncom /
lcpasswd
Revision
1.8:
download - view:
text,
annotated -
select for diffs
Sun Oct 29 23:14:16 2000 UTC (23 years, 11 months ago) by
harris41
Branches:
MAIN
CVS tags:
HEAD
trying to add error-checking to make sure invalid characters are not in the
user name or passwords. lcuseradd appears to be basically working, but I
still need to implement the addition of passwords. I cannot do this with
a system call to lcpasswd due to the restrictions of perl setuid scripts.L
1: #!/usr/bin/perl
2: #
3: # lcpasswd
4: #
5: # Scott Harrison
6: # SH: October 27, 2000
7: # SH: October 28, 2000
8:
9: use strict;
10:
11: # This script is a setuid script that should
12: # be run by user 'www'. This script allows
13: # for synchronous entry of passwords into
14: # both the /etc/passwd and the /etc/smbpasswd
15: # files.
16:
17: # This script works under the same process control mechanism
18: # as lcuseradd and lcpasswd, to make sure that only one of these
19: # processes is running at any one time on the system.
20:
21: # Standard input usage
22: # First line is USERNAME
23: # Second line is CURRENT PASSWORD
24: # Third line is NEW PASSWORD
25:
26: # Valid passwords must consist of the
27: # ascii characters within the inclusive
28: # range of 0x20 (32) to 0x7E (126).
29: # These characters are:
30: # SPACE and
31: # !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNO
32: # PQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~
33:
34: # Valid user names must consist of ascii
35: # characters that are alphabetical characters
36: # (A-Z,a-z), numeric (0-9), or the underscore
37: # mark (_). (Essentially, the perl regex \w).
38:
39: # Command-line arguments
40: # Yes, but be very careful here (don't pass shell commands)
41: # and this is only supported to allow perl-system calls.
42:
43: # Usage within code
44: # Note: NEVER run as system("/home/httpd/perl/lcpasswd NAME OLDPWD NEWPWD")
45: #
46: # $exitcode=system("/home/httpd/perl/lcpasswd","NAME","OLDPWD","NEWPWD")/256;
47: # print "uh-oh" if $exitcode;
48:
49: # These are the exit codes.
50: # ( (0,"ok"),
51: # (1,"User ID mismatch. This program must be run as user 'www'"),
52: # (2,"Error. This program does not accept command-line arguments."),
53: # (3,"Error. Three lines need to be entered into standard input."),
54: # (4,"Error. Too many other simultaneous password change requests being made."),
55: # (5,"Error. User $username does not exist."),
56: # (6,"Error. Invalid entry of current password."),
57: # (7,"Error. Root was not successfully enabled."),
58: # (8,"Error. Cannot open /etc/passwd.") )
59:
60: # Security
61: $ENV{'PATH'}='/bin:/usr/bin'; # Nullify path information except for what smbpasswd needs
62: $ENV{'BASH_ENV'}=''; # Nullify shell environment information.
63:
64: # Do not print error messages if there are command-line arguments
65: my $noprint=0;
66: if (@ARGV) {
67: $noprint=1;
68: }
69:
70: # Read in /etc/passwd, and make sure this process is running from user=www
71: open (IN, '</etc/passwd');
72: my @lines=<IN>;
73: close IN;
74: my $wwwid;
75: for my $l (@lines) {
76: chop $l;
77: my @F=split(/\:/,$l);
78: if ($F[0] eq 'www') {$wwwid=$F[2];}
79: }
80: if ($wwwid!=$<) {
81: print("User ID mismatch. This program must be run as user 'www'\n") unless $noprint;
82: exit 1;
83: }
84: &disable_root_capability;
85:
86: # Handle case of another lcpasswd process
87: unless (&try_to_lock('/tmp/lock_lcpasswd')) {
88: print "Error. Too many other simultaneous password change requests being made.\n" unless $noprint;
89: exit 4;
90: }
91:
92: # Gather input. Should only be 3 values.
93: my @input;
94: if (@ARGV==3) {
95: @input=@ARGV;
96: }
97: elsif (@ARGV) {
98: print("Error. This program needs 3 command-line arguments (username, old password, new password).\n") unless $noprint;
99: unlink('/tmp/lock_lcpasswd');
100: exit 2;
101: }
102: else {
103: @input=<>;
104: if (@input!=3) {
105: print("Error. Three lines need to be entered into standard input.\n") unless $noprint;
106: unlink('/tmp/lock_lcpasswd');
107: exit 3;
108: }
109: map {chop} @input;
110: }
111:
112: my ($username,$oldpwd,$newpwd)=@input;
113: $username=~/^(\w+)$/;
114: my $safeusername=$1;
115: if ($username ne $safeusername) {
116: print "Error. The user name specified has invalid characters.\n";
117: unlink('/tmp/lock_lcpasswd');
118: exit 9;
119: }
120:
121:
122: # Grab the line corresponding to username
123: my ($userid,$useroldcryptpwd);
124: my @F; my @U;
125: for my $l (@lines) {
126: @F=split(/\:/,$l);
127: if ($F[0] eq $username) {($userid,$useroldcryptpwd)=($F[2],$F[1]); @U=@F;}
128: }
129:
130: # Verify existence of user
131: if (!defined($userid)) {
132: print "Error. User $username does not exist.\n" unless $noprint;
133: unlink('/tmp/lock_lcpasswd');
134: exit 5;
135: }
136:
137: # Verify password entry
138: if (crypt($oldpwd,$useroldcryptpwd) ne $useroldcryptpwd) {
139: print "Error. Invalid entry of current password.\n" unless $noprint;
140: unlink('/tmp/lock_lcpasswd');
141: exit 6;
142: }
143:
144: # Construct new password entry (random salt)
145: my $newcryptpwd=crypt($newpwd,(join '', ('.', '/', 0..9, 'A'..'Z', 'a'..'z')[rand 64, rand 64]));
146: $U[1]=$newcryptpwd;
147: my $userline=join(':',@U);
148: my $rootid=&enable_root_capability;
149: if ($rootid!=0) {
150: print "Error. Root was not successfully enabled.\n" unless $noprint;
151: unlink('/tmp/lock_lcpasswd');
152: exit 7;
153: }
154: open PASSWORDFILE, '>/etc/passwd' or (print("Error. Cannot open /etc/passwd.\n") && unlink('/tmp/lock_lcpasswd') && exit(8));
155: for my $l (@lines) {
156: @F=split(/\:/,$l);
157: if ($F[0] eq $username) {print PASSWORDFILE "$userline\n";}
158: else {print PASSWORDFILE "$l\n";}
159: }
160: close PASSWORDFILE;
161:
162: ($>,$<)=(0,0); # fool smbpasswd here to think this is not a setuid environment
163: unless (-e '/etc/smbpasswd') {
164: open (OUT,'>/etc/smbpasswd'); close OUT;
165: }
166: my $smbexist=0;
167: open (IN, '</etc/smbpasswd');
168: my @lines=<IN>;
169: close IN;
170: for my $l (@lines) {
171: chop $l;
172: my @F=split(/\:/,$l);
173: if ($F[0] eq $username) {$smbexist=1;}
174: }
175: unless ($smbexist) {
176: open(OUT,'>>/etc/smbpasswd');
177: print OUT join(':',($safeusername,$userid,'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX','','/home/'.$safeusername,'/bin/bash')) . "\n";
178: close OUT;
179: }
180: open(OUT,"|/usr/bin/smbpasswd -s $safeusername>/dev/null");
181: print OUT $newpwd; print OUT "\n";
182: print OUT $newpwd; print OUT "\n";
183: close OUT;
184: $<=$wwwid; # unfool the program
185: &disable_root_capability;
186: unlink('/tmp/lock_lcpasswd');
187: exit 0;
188:
189: # ----------------------------------------------------------- have setuid script run as root
190: sub enable_root_capability {
191: if ($wwwid==$>) {
192: ($<,$>)=($>,$<);
193: ($(,$))=($),$();
194: }
195: else {
196: # root capability is already enabled
197: }
198: return $>;
199: }
200:
201: # ----------------------------------------------------------- have setuid script run as www
202: sub disable_root_capability {
203: if ($wwwid==$<) {
204: ($<,$>)=($>,$<);
205: ($(,$))=($),$();
206: }
207: else {
208: # root capability is already disabled
209: }
210: }
211:
212: # ----------------------------------- make sure that another lcpasswd process isn't running
213: sub try_to_lock {
214: my ($lockfile)=@_;
215: my $currentpid;
216: my $lastpid;
217: # Do not manipulate lock file as root
218: if ($>==0) {
219: return 0;
220: }
221: # Try to generate lock file.
222: # Wait 3 seconds. If same process id is in
223: # lock file, then assume lock file is stale, and
224: # go ahead. If process id's fluctuate, try
225: # for a maximum of 10 times.
226: for (0..10) {
227: if (-e $lockfile) {
228: open(LOCK,"<$lockfile");
229: $currentpid=<LOCK>;
230: close LOCK;
231: if ($currentpid==$lastpid) {
232: last;
233: }
234: sleep 3;
235: $lastpid=$currentpid;
236: }
237: else {
238: last;
239: }
240: if ($_==10) {
241: return 0;
242: }
243: }
244: open(LOCK,">$lockfile");
245: print LOCK $$;
246: close LOCK;
247: return 1;
248: }
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>