[LON-CAPA-cvs] cvs: loncom / lcpasswd lcuseradd pwchange

foxr lon-capa-cvs@mail.lon-capa.org
Mon, 16 Sep 2002 13:27:40 -0000


foxr		Mon Sep 16 09:27:40 2002 EDT

  Modified files:              
    /loncom	lcuseradd lcpasswd pwchange 
  Log:
  Bug 701 - added additional $noprint conditionalized deubgging.
      In lcpasswd, removed code too put a dummy entry at the end of 
      /etc/smbpasswd (it's not the right file anyway), and added the -a
     switch to the smbpasswd command invocation.
  
  
  
Index: loncom/lcuseradd
diff -u loncom/lcuseradd:1.21 loncom/lcuseradd:1.22
--- loncom/lcuseradd:1.21	Thu May  2 23:43:54 2002
+++ loncom/lcuseradd	Mon Sep 16 09:27:40 2002
@@ -18,7 +18,7 @@
 #        o LonCapa will add it if/when the user is granted an Author
 #          role.
 #
-# $Id: lcuseradd,v 1.21 2002/05/03 03:43:54 foxr Exp $
+# $Id: lcuseradd,v 1.22 2002/09/16 13:27:40 foxr Exp $
 ###
 
 ###############################################################################
@@ -162,10 +162,14 @@
 }
 
 my ($username,$password1,$password2)=@input;
+print "Username = ".$username unless $noprint;
 $username=~/^(\w+)$/;
+print "Username after substitution - ".$username unless $noprint;
 my $safeusername=$1;
+print "Safe username = $safeusername" unless $noprint;
+
 if (($username ne $safeusername) or ($safeusername!~/^[A-Za-z]/)) {
-    print "Error. The user name specified has invalid characters.\n"
+    print "Error. The user name specified $username $safeusername  has invalid characters.\n"
 	unless $noprint;
     unlink('/tmp/lock_lcpasswd');
     exit 9;
Index: loncom/lcpasswd
diff -u loncom/lcpasswd:1.16 loncom/lcpasswd:1.17
--- loncom/lcpasswd:1.16	Fri Aug 30 09:37:59 2002
+++ loncom/lcpasswd	Mon Sep 16 09:27:40 2002
@@ -14,7 +14,7 @@
 # YEAR=2002
 # 02/19 Matthew Hall
 #
-# $Id: lcpasswd,v 1.16 2002/08/30 13:37:59 matthew Exp $
+# $Id: lcpasswd,v 1.17 2002/09/16 13:27:40 foxr Exp $
 ###
 
 ###############################################################################
@@ -158,12 +158,16 @@
 
 &enable_root_capability;
 ($>,$<)=(0,0);
+print "Now root, -invoking pwchange with $safeusername $password1"
+    unless $noprint;
 open OUT,"|pwchange $safeusername";
 print OUT $password1;
 print OUT "\n";
 close OUT;
 ($>,$<)=(0,500);
 
+print "pwchange done, back to uid 500" unless $noprint;
+
 if ($?) {
     exit 8;
 }
@@ -173,34 +177,22 @@
 
     ($>,$<)=(0,0); # fool smbpasswd here to think this is not a setuid
                    # environment
-    unless (-e '/etc/smbpasswd') {
-	open (OUT,'>/etc/smbpasswd'); close OUT;
-    }
-
-    my $smbexist=0;
-    open (IN, '</etc/smbpasswd');
-    my @lines=<IN>;
-    close IN;
-    for my $l (@lines) {
-	chop $l;
-	my @F=split(/\:/,$l);
-	if ($F[0] eq $username) {$smbexist=1;}
-    }
-    unless ($smbexist) {
-	open(OUT,'>>/etc/smbpasswd');
-	print OUT join(':',($safeusername,$userid,
-			    'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXX'.
-			    'XXXXXXXXXXXXXXXXXX','','/home/'.$safeusername,
-			    '/bin/bash')) . "\n";
-	close OUT;
-    }
 
-    open(OUT,"|/usr/bin/smbpasswd -s $safeusername>/dev/null") or
+#   If the -a swithc is put on the smbpasswd
+# command line, either a new entry will be created or the old one
+# will be used. 
+# Therefore the old strategy of looking for and adding a dummy entry is 
+# not needed... Finally, the smbpasswd file is in /etc/samba not 
+# /etc/smbpasswd as older versions of the script implied.
+
+    print "Running smbpasswd" unless $noprint;
+    open(OUT,"|/usr/bin/smbpasswd -s -a $safeusername>/dev/null") or
 	die('cannot run smbpasswd');
     print OUT $password2; print OUT "\n";
     print OUT $password2; print OUT "\n";
     close OUT;
     $<=$wwwid; # unfool the program
+    print "smbpasswd done" unless $noprint;
 }
 
 &disable_root_capability;
Index: loncom/pwchange
diff -u loncom/pwchange:1.6 loncom/pwchange:1.7
--- loncom/pwchange:1.6	Tue Feb 19 16:51:09 2002
+++ loncom/pwchange	Mon Sep 16 09:27:40 2002
@@ -10,10 +10,11 @@
 # YEAR=2002
 # 02/19 Matthew Hall
 #
-# $Id: pwchange,v 1.6 2002/02/19 21:51:09 matthew Exp $
+# $Id: pwchange,v 1.7 2002/09/16 13:27:40 foxr Exp $
 ###
 
 use strict;
+my $noprint = 1;
 
 # ------------------------------------------------------------------ Untainting
 $ENV{'PATH'}='/bin:/usr/bin'; # Nullify path information.
@@ -22,10 +23,12 @@
 # ---------------------------- Make sure this process is running from user=root
 my $wwwid=getpwnam('www');
 if (0!=$<) {
+    print "Username not www" unless $noprint;
    exit 1;
 }
 # ----------------------------------------------- If not running setuid as root
 if ($>!=0) {
+    print "Not setuid to root" unless $noprint;
     exit 1;
 }
 
@@ -33,12 +36,14 @@
 my $user=shift @ARGV;
 $user=~/^(\w+)$/;
 my $safe=$1;
+print "Save user = $safe" unless $noprint;
+
 my $pword=<>;
 chomp $pword;
 unless (length($safe) and ($user eq $safe) and ($safe=~/^[A-Za-z]/)) {
     exit 2;
 }
-
+print "Password = $pword" unless $noprint;
 my $pbad=0;
 foreach (split(//,$pword)) {if ((ord($_)<32)||(ord($_)>126)){$pbad=1;}} 
 exit 3 if $pbad;