info-cvs
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Mdk/RH passwd server problem solved! plus, cvs passwd scripts

From: Beachey, Kendric
Subject: Mdk/RH passwd server problem solved! plus, cvs passwd scripts
Date: Wed, 1 Aug 2001 15:59:49 -0500

Thanks to those who wrote with advice for me.  As it turned out, the problem was (apparently) something nobody had thought of, but your suggestions helped me diagnose the problem.

For those who are interested, the culprit was one line in /usr/sbin/cvspasswd, the shell script that xinetd would run when tickled at port 2401.  The line that gave it trouble was 'unset HOME'.  Running with this line commented out seems to work fine with no ill effects detected so far.  I discovered this by commenting things in and out, and lots of use of the 'logger' command to put messages in /var/log/messages.  I'm not entirely sure why 'unset HOME' was in there in the first place; this was a script that came with Mandrake 8.0, and so it may be something that was needed for Mandrake, but not for Red Hat.

As a token of my gratitude, here are a couple of fairly chintzy scripts I wrote to manage cvs's passwd file.  People who have read Karl Fogel's book will find them suspiciously familiar.  There is one script to add a new user, and one script to change someone's password.

The add script uses the user's name as their password, which isn't ultra-great but does at least get the user up and running.  I hope someone who's better at Perl than I am will feel free to tighten up these scripts...unless you guys already have scripts like these that are even better!


-----------------8<--cut here--8<---------------------
#!/usr/bin/perl
#
# addcvsuser <username>
#
# Adds a new user to the cvs passwd file, using the user's name as the
# initial password.
#
# ASSumption:
# this script needs to live in the CVSROOT directory, next door to the cvs passwd file.
#
# Shortcoming:
# initial password is lame.
 
# grab username from command line
my $username = shift;
 
# generate encrypted password
srand (time());
my $randletter = "(int (rand (26)) + (int (rand (1) + .5) % 2 ? 65 : 97))";
my $salt = sprintf ("%c%c", eval $randletter, eval $randletter);
my $crypttext = crypt ($username, $salt);
my $newpasswdline = sprintf ("%s:%s:%s", $username, $crypttext, "cvs");
 
# Check to see that user doesn't already exist
open (PASSWD, "passwd");
while (<PASSWD>)
{
  split (/:/);
  die ("User $username already exists.\n") if (@_[0] eq $username);
}
close (PASSWD);
 
# Add user's line to passwd file
open (PASSWD, ">>passwd");
print PASSWD "${newpasswdline}\n";
close (PASSWD);



-----------------8<--cut here--8<---------------------
#!/usr/bin/perl
#
# chcvspasswd <username> <newpassword>
#
# ASSumption:
# this script needs to live in your CVSROOT directory, next door to the cvs passwd file.
#
# Shortcomings:
# 1) your password is typed on the command line, so someone else might see it.
# 2) you're not required to prove your identity.
# 3) you don't have to know your old password to change it.
 
# Grab username and password from command line
my $username = shift;
my $newpasswd = shift;
 
# Generate encrypted password
srand (time());
my $randletter = "(int (rand (26)) + (int (rand (1) + .5) % 2 ? 65 : 97))";
my $salt = sprintf ("%c%c", eval $randletter, eval $randletter);
my $crypttext = crypt ($newpasswd, $salt);
 
# Find the user's line in the passwd file and change it
open (PASSWD, "passwd");
 
my $found = "no";
my $top = "";
my $middle = "";
my $bottom = "";
 
while (<PASSWD>)
{
  chop;
  split (/:/);
  my $loopuser = @_[0];
  my $looppasswd = @_[1];
  my $loopsysuser = @_[2];

  # Not everyone in the world mimics a system user.
  $loopsysuser = ":" . $loopsysuser unless ($loopsysuser eq "");

  my $tempstring = sprintf ("%s:%s%s\n", $loopuser, $looppasswd, $loopsysuser);

  if ($loopuser ne $username)
  {
    if ($found eq "no")
    {
      $top .= $tempstring;
    }
    else
    {
      $bottom .= $tempstring;
    }
  } # end if loopuser ne username
  else
  {
    $found = "yes";
    $tempstring = sprintf ("%s:%s%s\n", $username, $crypttext, $loopsysuser);
    $middle = $tempstring;
  }
} # end while PASSWD
 
# Bail out if the user doesn't exist
die ("User $username does not exist.\n") if ($found eq "no");
 
close (PASSWD);
 
# Rewrite the passwd file with the change
open (PASSWD, ">passwd");
print PASSWD ($top);
print PASSWD ($middle);
print PASSWD ($bottom);



--
Kendric Beachey
 

reply via email to
[Prev in Thread] Current Thread [Next in Thread]