fs_passwd/fs_passwd_server

   1 #!/usr/bin/perl -Tw
   2 #
   3 # fs_passwd_server
   4 #
   5 # portions of this script are copied from the `passwd' script in the original
   6 # (perl 4) camel book, now archived at
   7 # http://www.perl.com/CPAN/scripts/nutshell/ch6/passwd
   8 #
   9 # ivan@sisd.com 98-mar-9
  10 #
  11 # crypt-aware, s/password/_password/; ivan@sisd.com 98-aug-23
  12
  13 use strict;
  14 use vars qw($pid);
  15 use subs qw(killssh);
  16 use IO::Handle;
  17 use Net::SSH qw(sshopen2);
  18 use FS::UID qw(adminsuidsetup);
  19 use FS::Record qw(qsearchs);
  20 use FS::svc_acct;
  21
  22 my $user = shift or die &usage;
  23 adminsuidsetup $user;
  24
  25 my($shellmachine)=shift or die &usage;
  26
  27 #causing trouble for some folks
  28 #$SIG{CHLD} = sub { wait() };
  29
  30 $SIG{HUP} = \&killssh;
  31 $SIG{INT} = \&killssh;
  32 $SIG{QUIT} = \&killssh;
  33 $SIG{TERM} = \&killssh;
  34 $SIG{PIPE} = \&killssh;
  35
  36 sub killssh { kill 'TERM', $pid if $pid; exit; };
  37
  38 my($fs_passwdd)="/usr/local/sbin/fs_passwdd";
  39
  40 while (1) {
  41   my($reader,$writer)=(new IO::Handle, new IO::Handle);
  42   $writer->autoflush(1);
  43   $pid = sshopen2($shellmachine,$reader,$writer,$fs_passwdd);
  44   while (1) {
  45     my($username,$old_password,$new_password,$new_gecos,$new_shell);
  46     defined($username=<$reader>) or last;
  47     defined($old_password=<$reader>) or last;
  48     defined($new_password=<$reader>) or last;
  49     defined($new_gecos=<$reader>) or last;
  50     defined($new_shell=<$reader>) or last;
  51     chop($username);
  52     chop($old_password);
  53     chop($new_password);
  54     chop($new_gecos);
  55     chop($new_shell);
  56     my($svc_acct);
  57
  58     #need to try both $old_password and encrypted $old_password
  59     #maybe the crypt function in svc_acct.export needs to be a library?
  60     my $salt = substr($old_password,0,2);
  61     my $cold_password = crypt($old_password,$salt);
  62     $svc_acct=qsearchs('svc_acct',{'username'=>$username,
  63                                    '_password'=>$old_password,
  64     } )
  65            || qsearchs('svc_acct',{'username'=>$username,
  66                                    '_password'=>$cold_password,
  67     } );
  68     unless ( $svc_acct ) { print $writer "Incorrect password.\n"; next; }
  69
  70     my(%hash)=$svc_acct->hash;
  71     my($new_svc_acct) = new FS::svc_acct ( \%hash );
  72     $new_svc_acct->setfield('_password',$new_password)
  73       if $new_password && $new_password ne $old_password;
  74     $new_svc_acct->setfield('finger',$new_gecos) if $new_gecos;
  75     $new_svc_acct->setfield('shell',$new_shell) if $new_shell;
  76     my($error)=$new_svc_acct->replace($svc_acct);
  77     print $writer $error,"\n";
  78   }
  79   close $writer;
  80   close $reader;
  81   sleep 60;
  82   warn "Connection to $shellmachine lost!  Reconnecting...\n";
  83 }
  84
  85 sub usage {
  86   die "Usage:\n\n  fs_passwd_server user shellmachine\n";
  87 }
  88