From 971e4ca0af5a6adbc8c724c9dff12cf8edf93dd9 Mon Sep 17 00:00:00 2001 From: ivan Date: Tue, 20 Jul 1999 19:18:25 +0000 Subject: [PATCH] initial checkin --- fs_signup/Signup.pm | 129 +++++++++++++++++++++++++++++++++++++++++++++ fs_signup/fs_signup_server | 77 +++++++++++++++++++++++++++ fs_signup/fs_signupd | 49 +++++++++++++++++ 3 files changed, 255 insertions(+) create mode 100755 fs_signup/Signup.pm create mode 100755 fs_signup/fs_signup_server create mode 100755 fs_signup/fs_signupd diff --git a/fs_signup/Signup.pm b/fs_signup/Signup.pm new file mode 100755 index 000000000..bcf09f1fe --- /dev/null +++ b/fs_signup/Signup.pm @@ -0,0 +1,129 @@ +#!/usr/bin/perl -Tw +# +# fs_passwd +# +# portions of this script are copied from the `passwd' script in the original +# (perl 4) camel book, now archived at +# http://www.perl.com/CPAN/scripts/nutshell/ch6/passwd +# +# ivan@sisd.com 98-mar-8 +# +# password lengths 0,255 instead of 6,8 - we'll let the server process +# check the data ivan@sisd.com 98-jul-17 + +use strict; +use Getopt::Std; +use Socket; +use IO::Handle; +use vars qw($opt_f $opt_s); + +my($fs_passwdd_socket)="/usr/local/freeside/fs_passwdd_socket"; +my($freeside_uid)=scalar(getpwnam('freeside')); + +$ENV{'PATH'} ='/usr/bin:/usr/ucb:/bin'; +$ENV{'SHELL'} = '/bin/sh'; +$ENV{'IFS'} = " \t\n"; +$ENV{'CDPATH'} = ''; +$ENV{'ENV'} = ''; +$ENV{'BASH_ENV'} = ''; + +$SIG{__DIE__}= sub { system '/bin/stty', 'echo'; }; + +die "passwd program isn't running setuid to freeside\n" if $> != $freeside_uid; + +unshift @ARGV, "-f" if $0 =~ /chfn$/; +unshift @ARGV, "-s" if $0 =~ /chsh$/; + +getopts('fs'); + +my($me)=''; +if ( $_ = shift(@ARGV) ) { + /^(\w{2,8})$/; + $me = $1; +} +die "You can't change the password for $me." if $me && $<; +$me = (getpwuid($<))[0] unless $me; + +my($name,$passwd,$uid,$gid,$quota,$comment,$gcos,$dir,$shell)= + getpwnam $me; + +my($old_password,$new_password,$new_gecos,$new_shell); + +if ( $opt_f || $opt_s ) { + system '/bin/stty', '-echo'; + print "Password:"; + $old_password=; + system '/bin/stty', 'echo'; + chop($old_password); + #$old_password =~ /^(.{6,8})$/ or die "\nIllegal password.\n"; + $old_password =~ /^(.{0,255})$/ or die "\nIllegal password.\n"; + $old_password = $1; + + $new_password = ''; + + if ( $opt_f ) { + print "\nChanging gecos for $me.\n"; + print "Gecos [", $gcos, "]: "; + $new_gecos=; + chop($new_gecos); + $new_gecos ||= $gcos; + $new_gecos =~ /^(.{0,255})$/ or die "\nIllegal gecos.\n"; + } else { + $new_gecos = ''; + } + + if ( $opt_s ) { + print "\nChanging shell for $me.\n"; + print "Shell [", $shell, "]: "; + $new_shell=; + chop($new_shell); + $new_shell ||= $shell; + $new_shell =~ /^(.{0,255})$/ or die "\nIllegal shell.\n"; + } else { + $new_shell = ''; + } + +} else { + + print "Changing password for $me.\n"; + print "Old password:"; + system '/bin/stty', '-echo'; + $old_password=; + chop $old_password; + #$old_password =~ /^(.{6,8})$/ or die "\nIllegal password.\n"; + $old_password =~ /^(.{0,255})$/ or die "\nIllegal password.\n"; + $old_password = $1; + print "\nEnter the new password (minimum of 6, maximum of 8 characters)\n"; + print "Please use a combination of upper and lowercase letters and numbers.\n"; + print "New password:"; + $new_password=; + chop($new_password); + #$new_password =~ /^(.{6,8})$/ or die "\nIllegal password.\n"; + $new_password =~ /^(.{0,255})$/ or die "\nIllegal password.\n"; + $new_password = $1; + print "\nRe-enter new password:"; + my($check_new_password); + $check_new_password=; + chop($check_new_password); + die "\nThey don't match; try again.\n" unless $check_new_password eq $new_password; + + $new_gecos=''; + $new_shell=''; +} +print "\n"; + +system '/bin/stty', 'echo'; + +socket(SOCK, PF_UNIX, SOCK_STREAM, 0) or die "socket: $!"; +connect(SOCK, sockaddr_un($fs_passwdd_socket)) or die "connect: $!"; +print SOCK join("\n",$me,$old_password,$new_password,$new_gecos,$new_shell),"\n"; +SOCK->flush; +my($error); +$error = ; +chop $error; + +if ($error) { + print "\nUpdate error: $error\n"; +} else { + print "\nUpdate sucessful.\n"; +} diff --git a/fs_signup/fs_signup_server b/fs_signup/fs_signup_server new file mode 100755 index 000000000..cb0e693dd --- /dev/null +++ b/fs_signup/fs_signup_server @@ -0,0 +1,77 @@ +#!/usr/bin/perl -Tw +# +# fs_passwd_server +# +# portions of this script are copied from the `passwd' script in the original +# (perl 4) camel book, now archived at +# http://www.perl.com/CPAN/scripts/nutshell/ch6/passwd +# +# ivan@sisd.com 98-mar-9 +# +# crypt-aware, s/password/_password/; ivan@sisd.com 98-aug-23 + +use strict; +use IO::Handle; +use FS::SSH qw(sshopen2); +use FS::UID qw(adminsuidsetup); +use FS::Record qw(qsearchs); +use FS::svc_acct; + +my $user = shift or die &usage; +adminsuidsetup $user; + +my($shellmachine)=shift or die &usage; + +$SIG{CHLD} = sub { wait() }; + +my($fs_passwdd)="/usr/local/sbin/fs_passwdd"; + +while (1) { + my($reader,$writer)=(new IO::Handle, new IO::Handle); + $writer->autoflush(1); + sshopen2($shellmachine,$reader,$writer,$fs_passwdd); + while (1) { + my($username,$old_password,$new_password,$new_gecos,$new_shell); + defined($username=<$reader>) or last; + defined($old_password=<$reader>) or last; + defined($new_password=<$reader>) or last; + defined($new_gecos=<$reader>) or last; + defined($new_shell=<$reader>) or last; + chop($username); + chop($old_password); + chop($new_password); + chop($new_gecos); + chop($new_shell); + my($svc_acct); + + #need to try both $old_password and encrypted $old_password + #maybe the crypt function in svc_acct.export needs to be a library? + my $salt = substr($old_password,0,2); + my $cold_password = crypt($old_password,$salt); + $svc_acct=qsearchs('svc_acct',{'username'=>$username, + '_password'=>$old_password, + } ) + || qsearchs('svc_acct',{'username'=>$username, + '_password'=>$cold_password, + } ); + unless ( $svc_acct ) { print $writer "Incorrect password.\n"; next; } + + my(%hash)=$svc_acct->hash; + my($new_svc_acct) = new FS::svc_acct ( \%hash ); + $new_svc_acct->setfield('_password',$new_password) + if $new_password && $new_password ne $old_password; + $new_svc_acct->setfield('finger',$new_gecos) if $new_gecos; + $new_svc_acct->setfield('shell',$new_shell) if $new_shell; + my($error)=$new_svc_acct->replace($svc_acct); + print $writer $error,"\n"; + } + close $writer; + close $reader; + sleep 60; + warn "Connection to $shellmachine lost! Reconnecting...\n"; +} + +sub usage { + die "Usage:\n\n fs_passwd_server user shellmachine\n"; +} + diff --git a/fs_signup/fs_signupd b/fs_signup/fs_signupd new file mode 100755 index 000000000..582e13ccd --- /dev/null +++ b/fs_signup/fs_signupd @@ -0,0 +1,49 @@ +#!/usr/bin/perl -Tw +# +# fs_passwdd +# +# This is run REMOTELY over ssh by fs_passwd_server. +# +# ivan@sisd.com 98-mar-9 + +use strict; +use Socket; + +my($fs_passwdd_socket)="/usr/local/freeside/fs_passwdd_socket"; + +$ENV{'PATH'} ='/usr/bin:/usr/ucb:/bin'; +$ENV{'SHELL'} = '/bin/sh'; +$ENV{'IFS'} = " \t\n"; +$ENV{'CDPATH'} = ''; +$ENV{'ENV'} = ''; +$ENV{'BASH_ENV'} = ''; + +$|=1; + +my $uaddr = sockaddr_un($fs_passwdd_socket); +my $proto = getprotobyname('tcp'); + +socket(Server,PF_UNIX,SOCK_STREAM,0) or die "socket: $!"; +unlink($fs_passwdd_socket); +bind(Server, $uaddr) or die "bind: $!"; +listen(Server,SOMAXCONN) or die "listen: $!"; + +my($paddr); +for ( ; $paddr = accept(Client,Server); close Client) { + my($me,$old_password,$new_password,$new_gecos,$new_shell); + + $me=; + $old_password=; + $new_password=; + $new_gecos=; + $new_shell=; + + print $me,$old_password,$new_password,$new_gecos,$new_shell; + my($error); + + $error=; + + print Client $error; + close Client; +} + -- 2.11.0