[Gllug] Tip: Scripting passwd
James McGuigan
james at worldfuturecouncil.org
Wed Jul 13 16:44:36 UTC 2005
I was trying to create a script to automate account creation via a web
form, and this point had me stumped for a few hours, so I thought I'd
share it with you.
The linux passwd command has a bug whereby it prompts for input before
its ready to receive the data. This is due to a bug in an library
function, so it also affects other passwd like commands (such as
PureFTP's pure-pw command). AFAIK the bug only affects linux, and not
*BSDs nor other UNIXs.
The solution is to add a short wait before sending each input. Google
suggests using an expect script to do this, but it can also be done just
as easy through the shell
user='james'; pass='secret';
(for i in 1 2; do sleep 0.1s; echo $pass; done;) | \
sudo -u root passwd $user
Note: this assumes you have setup the specific lines in the sudoers
file. Its a bad security risk to allow user www-data to sudo to root.
However for non system accounts (like pureftp virtual accounts), you can
create an ftpadmin account, give it write permissions on
/etc/pure-ftp/pureftpd.passwd + /etc/pure-ftp/ (for pureftpd.passwd.tmp)
Then add this to the sudoers file (which is an acceptable risk):
Cmnd_Alias PUREDB_USERADD=/usr/bin/pure-pw useradd *
www-data ALL=(ftpadmin)NOPASSWD:PUREDB_USERADD
--
Rules are written for those who lack the ability to truly reason,
But for those who can, rules become nothing more than guidelines,
And live their lives governed not by rules but by reason.
- James McGuigan
Earth Emergency - A Call to Action (www.earthemergency.org)
Sustainable Society Directory (www.sustainable-society.co.uk)
World Future Council Initiative (www.worldfuturecouncil.org)
Open co-op (http://open.coop)
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list