adminsuidsetup now requires user
[freeside.git] / fs_passwd / fs_passwd_server
1 #!/usr/bin/perl -Tw
2 #
3 # fs_passwd_server
4 #
5 # portions of this script are copied from the `passwd' script in the original
6 # (perl 4) camel book, now archived at 
7 # http://www.perl.com/CPAN/scripts/nutshell/ch6/passwd
8 #
9 # ivan@sisd.com 98-mar-9
10 #
11 # crypt-aware, s/password/_password/; ivan@sisd.com 98-aug-23
12
13 use strict;
14 use IO::Handle;
15 use FS::SSH qw(sshopen2);
16 use FS::UID qw(adminsuidsetup);
17 use FS::Record qw(qsearchs);
18 use FS::svc_acct;
19
20 my $user = shift or die &usage;
21 adminsuidsetup $user; 
22
23 my($shellmachine)=shift or die &usage;
24
25 $SIG{CHLD} = sub { wait() };
26
27 my($fs_passwdd)="/usr/local/sbin/fs_passwdd";
28
29 while (1) {
30   my($reader,$writer)=(new IO::Handle, new IO::Handle);
31   $writer->autoflush(1);
32   sshopen2($shellmachine,$reader,$writer,$fs_passwdd);
33   while (1) {
34     my($username,$old_password,$new_password,$new_gecos,$new_shell);
35     defined($username=<$reader>) or last;
36     defined($old_password=<$reader>) or last; 
37     defined($new_password=<$reader>) or last; 
38     defined($new_gecos=<$reader>) or last; 
39     defined($new_shell=<$reader>) or last; 
40     chop($username);
41     chop($old_password);
42     chop($new_password);
43     chop($new_gecos);
44     chop($new_shell);
45     my($svc_acct);
46
47     #need to try both $old_password and encrypted $old_password
48     #maybe the crypt function in svc_acct.export needs to be a library?
49     my $salt = substr($old_password,0,2);
50     my $cold_password = crypt($old_password,$salt);
51     $svc_acct=qsearchs('svc_acct',{'username'=>$username,
52                                    '_password'=>$old_password,
53     } )
54            || qsearchs('svc_acct',{'username'=>$username,
55                                    '_password'=>$cold_password,
56     } );
57     unless ( $svc_acct ) { print $writer "Incorrect password.\n"; next; }
58
59     my(%hash)=$svc_acct->hash;
60     my($new_svc_acct) = create FS::svc_acct ( \%hash );
61     $new_svc_acct->setfield('_password',$new_password) 
62       if $new_password && $new_password ne $old_password;
63     $new_svc_acct->setfield('finger',$new_gecos) if $new_gecos;
64     $new_svc_acct->setfield('shell',$new_shell) if $new_shell;
65     my($error)=$new_svc_acct->replace($svc_acct);
66     print $writer $error,"\n";
67   }
68   close $writer;
69   close $reader;
70   sleep 60;
71   warn "Connection to $shellmachine lost!  Reconnecting...\n";
72 }
73
74 sub usage {
75   die "Usage:\n\n  fs_passwd_server user shellmachine\n";
76 }
77