Using passwd in a perl file to automate user creation

Question

Deathwish 0 Newbie Poster

19 Years Ago

Hey guys,

My task is to write a perl program that will read in names/passwords from a text file and from that create user accounts and all sorts of stuff. Now I have been able to do the "stuff" and the only part giving me jip is how to overcome creating the password for the user after useradd. Using passwd on its own requires interaction to type in the password twice to confirm, and this is the part im not sure on.

#Create the user account and add a password
system ("/usr/sbin/useradd -m $user");
system ("echo $userpass | --stdin passwd $user");

This gives me the error:

sh: -c: line 2: syntax error near unexpected token `|'
sh: -c: line 2: ` | --stdin passwd moose'

moose being the username I used :mrgreen:

It was suggested that when I had copied/pasted from a file that the char's where being corrupted so I typed the whole thing out again, to no avail.

I have investigated the possibility of using the unix_md5_crypt module to create my own encrypted passwords and use the -p tag in the useradd function but as I wont be able to install any modules on the computers this is pretty much void.
Using -p in the useradd will only add a plaintext password to the shadow file, which is useless too.

Any pointers are appreciated as I spent too long yesturday googling :-|

perl

2 Contributors
6 Replies
292 Views
16 Hours Discussion Span
Latest Post 19 Years Ago Latest Post by Comatose

Comatose 290 Taboo Programmer

19 Years Ago

What type of privs do you have on the box, or do you have super user/root access? Is LDAP installed on the system already, or PAM, or Expect.pm? I'll keep digging around and see what I can't make happen, but it may come down to editing the md5 digest pm, and finding the sub that actually creates the MD5 hash, and just adding that sub into your script, and then shelling it with the md5, but let me see what I can do.

Comatose 290 Taboo Programmer

19 Years Ago

Right, but what I'm asking is if LDAP is already installed on that box. If LDAP, or Expect.pm is on the box in question, then it will be no problem. If he does NOT have root access (which it seems he won't), then even manually opening and editing the shadow and passwd files isn't going to fly. I've got myself and 2 other people checking into this right now... it seems that passwd, along with su, demand input from the keyboard.... for security reasons. I'll keep you posted. I'm also unsure what --stdin does, I know it should be redirecting something to stdin, but what are you trying to pass this switch to?

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

Deathwish 0 Newbie Poster · Answer 1 · 2005-05-02T18:28:52+00:00

Yes I have full access to my machine, but the person who will run the script wont have so extra modules being installed is a no no. Has to be done in a default env.

Comatose 290 Taboo Programmer Team Colleague · Answer 2 · 2005-05-03T01:40:57+00:00

Ok, where I got confused, was that my version of passwd didn't support --stdin, which caused a big headache. Knowing that the version you are going to run it on does support --stdin (you should do a man first on passwd to make sure for the server to ensure that --stdin will work with passwd on that server). This should suffice, however, to work with --stdin:

print "Enter Your Password: "; $oldpass = <STDIN>;
print "Enter Your New Password: "; $newpass = <STDIN>;

open (PASSWD, "| passwd --stdin");
     print PASSWD "$oldpass";
     print PASSWD "$newpass";
     print PASSWD "$newpass";
close(PASSWD);

This is assuming that the passwd command will require 3 lines of text. The first line being the current password, the next line being the new password, and the last line being the confirmation of the new password. There is a more complicated Method, which I have to give the huge majority of credit to Narue, which requires detaching the process from the controlling terminal using ioctl, and if needed, I'll go back through that mess, and help with that. If, however, passwd on the server this will be run, supports --stdin, that's the way to go.

Deathwish 0 Newbie Poster · Answer 3 · 2005-05-03T02:42:29+00:00

Nice one, thanks mate!

I'd give you a virtual beer if I could :D

Comatose 290 Taboo Programmer Team Colleague · Answer 4 · 2005-05-03T02:54:59+00:00

Appreciate it.... but most of that credit goes to Narue. I put forth my stretch of effort, but without her I'd still be looking.