For starters if using Ubuntu which uses sha512 to shadow passwords you could issue the command python -c "import crypt, getpass, pwd; print crypt.crypt('password', '\$6\$salt\$')" to create a hash like the one used in the shadow file. The user in the jail does not have access to the /etc/shadow file but the system does.
The example above creates a sha512 hash with a salt of salt and password of password
The basic ideal would be to allow a user in the jail to run a script containing the python command and store the password hash in the jail until a cron script from outside the jail reads the hash file and inserts it in the real shadow file replacing the existing password hash.
Does anyone see any issues with the above ideal?
----- Original Message -----
From: "Archie" <address@hidden>
Sent: Wednesday, January 12, 2011 8:48:08 PM
Subject: [Jailkit-users] Using passwd in a jail
What would be the code to allow users in the jail to use the passwd command?
I'm setting up a jail and it will more then 20 users and I would like them to have the ability to change there own passwords. I'm using RSA, but a requirement is to allow password login. Looking on the internet didn't yeild any helpful results.
Jailkit-users mailing list