#!/usr/bin/perl -Tw
#
# fs_passwd_server
#
# portions of this script are copied from the `passwd' script in the original
# (perl 4) camel book, now archived at 
# http://www.perl.com/CPAN/scripts/nutshell/ch6/passwd
#
# ivan@sisd.com 98-mar-9
#
# crypt-aware, s/password/_password/; ivan@sisd.com 98-aug-23

use strict;
use vars qw($pid);
use subs qw(killssh);
use IO::Handle;
use Net::SSH qw(sshopen2);
use FS::UID qw(adminsuidsetup);
use FS::Record qw(qsearchs);
use FS::svc_acct;

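# First argument: the user name handed to adminsuidsetup(). usage() dies
# with the synopsis when it is missing (or is a false value such as "0").
my $user = shift @ARGV or die usage();
adminsuidsetup($user);

# Second argument: the ssh destination for the password daemon.
# The original `my($shellmachine)=shift or die ...` was a list assignment,
# which in boolean context yields the number of right-hand elements (always
# 1), so a missing argument was never detected. Check the value itself.
#
# NOTE(review): this value comes straight from @ARGV and is later passed to
# sshopen2() as the host. Under -T it is still tainted here, and a value
# starting with "-" could be read by ssh as an option instead of a host;
# presumably worth matching against an anchored hostname pattern (which would
# also untaint it) -- confirm what Net::SSH does with it before relying on it.
my $shellmachine = shift @ARGV;
die usage() unless defined $shellmachine && length $shellmachine;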

# A SIGCHLD handler that called wait() used to be installed here; it is left
# disabled because it was causing trouble for some users.
#$SIG{CHLD} = sub { wait() };

# Route every signal that would end the server through killssh(), which
# sends TERM to the ssh child before this process exits.
for my $signal (qw(HUP INT QUIT TERM PIPE)) {
  $SIG{$signal} = \&killssh;
}

# Signal handler: send TERM to the ssh child recorded in $pid (if any has
# been started), then exit the server.
sub killssh {
  if ($pid) {
    kill 'TERM', $pid;
  }
  exit;
}

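# Path of the helper program that is started on the shell machine over ssh.
my $fs_passwdd = "/usr/local/sbin/fs_passwdd";

# Outer loop: open an ssh session to the shell machine, serve requests until
# the stream ends, then wait and reconnect. Runs until a signal ends it.
while (1) {
  my ($reader, $writer) = (IO::Handle->new, IO::Handle->new);
  $writer->autoflush(1);   # replies must reach the remote side immediately
  $pid = sshopen2($shellmachine, $reader, $writer, $fs_passwdd);

  # Inner loop: each request is five lines, in this order. A failed read
  # on any of them (EOF or error) ends the session.
  while (1) {
    my ($username, $old_password, $new_password, $new_gecos, $new_shell);
    defined($username     = <$reader>) or last;
    defined($old_password = <$reader>) or last;
    defined($new_password = <$reader>) or last;
    defined($new_gecos    = <$reader>) or last;
    defined($new_shell    = <$reader>) or last;

    # chomp rather than chop: remove only a trailing newline, so a final
    # line that arrives without one keeps its last character.
    chomp($username, $old_password, $new_password, $new_gecos, $new_shell);

    # The account is looked up twice: once with the submitted old password
    # as-is, once with its crypt() value, salted with the first two
    # characters of the password itself.
    # (maybe the crypt function in svc_acct.export needs to be a library?)
    #
    # NOTE(review): the first lookup compares the submitted string with the
    # stored _password column unchanged. If that column can hold a crypt()
    # value, the stored hash itself would be accepted in place of the
    # password -- confirm how _password is stored and who can read it.
    # NOTE(review): with traditional crypt() the result starts with the salt,
    # so a hash produced this way exposes the first two characters of the
    # password it protects.
    my $salt          = substr($old_password, 0, 2);
    my $cold_password = crypt($old_password, $salt);
    my $svc_acct =
         qsearchs('svc_acct', { 'username'  => $username,
                                '_password' => $old_password,
                              })
      || qsearchs('svc_acct', { 'username'  => $username,
                                '_password' => $cold_password,
                              });

    # NOTE(review): a failed attempt is answered and then forgotten; nothing
    # here logs it or slows repeated guesses. Presumably any throttling lives
    # in fs_passwdd or elsewhere -- confirm.
    unless ($svc_acct) { print $writer "Incorrect password.\n"; next; }

    # Copy the record, apply only the fields that were supplied, and let
    # replace() store the result. Nothing in this script validates the new
    # values; presumably replace() does -- TODO confirm, including whether
    # the new _password is hashed before it is stored.
    my %hash         = $svc_acct->hash;
    my $new_svc_acct = FS::svc_acct->new(\%hash);
    $new_svc_acct->setfield('_password', $new_password)
      if $new_password && $new_password ne $old_password;
    $new_svc_acct->setfield('finger', $new_gecos) if $new_gecos;
    $new_svc_acct->setfield('shell',  $new_shell) if $new_shell;

    # The reply line is whatever replace() returned.
    my $error = $new_svc_acct->replace($svc_acct);
    print $writer $error, "\n";
  }

  # NOTE(review): the ssh child in $pid is not waited for anywhere in this
  # script (the SIGCHLD handler is commented out), so each reconnect may
  # leave a zombie behind -- confirm, and clear $pid if a waitpid is added.
  close $writer;
  close $reader;
  sleep 60;
  warn "Connection to $shellmachine lost!  Reconnecting...\n";
}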

# Abort with the command-line synopsis; never returns.
sub usage {
  my $synopsis = "Usage:\n\n  fs_passwd_server user shellmachine\n";
  die $synopsis;
}