From: Ian Jackson Date: Sun, 27 Jan 2013 16:21:16 +0000 (+0000) Subject: checkpasswd: initial implementation X-Git-Tag: userv/0.6.1~71 X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ian/git?p=userv-utils.git;a=commitdiff_plain;h=655e68e0dfac46ded70f143c4cee279a3d57a0d1;hp=477d948682bb1f28f516477d904bc47a02ece068 checkpasswd: initial implementation --- diff --git a/misc/checkpasswd-mine b/misc/checkpasswd-mine new file mode 100644 index 0000000..5e3a5a5 --- /dev/null +++ b/misc/checkpasswd-mine @@ -0,0 +1,8 @@ +# +if glob service-user root + reset + no-set-environment + disconnect-hup + suppress-args + execute checkpasswd-service SELF +fi diff --git a/misc/checkpasswd-other b/misc/checkpasswd-other new file mode 100644 index 0000000..c9a9b59 --- /dev/null +++ b/misc/checkpasswd-other @@ -0,0 +1,9 @@ +# +if ( grep calling-user /etc/userv/checkpasswd-service-users + & glob service-user root + ) + reset + no-set-environment + disconnect-hup + execute checkpasswd-service +fi diff --git a/misc/checkpasswd-service b/misc/checkpasswd-service new file mode 100755 index 0000000..5418a7c --- /dev/null +++ b/misc/checkpasswd-service @@ -0,0 +1,34 @@ +#!/usr/bin/perl -w +use strict; +use IO::File; +use Fcntl qw(:flock); + +die "$0: bad usage\n" unless @ARGV==1 && $ARGV[0] !~ m/^-/; +my $username = shift @ARGV; +$username = $ENV{'USERV_USER'} if $username eq 'SELF'; + +sub result { + print "@_\n" or die $!; + exit 0; +} + +my @pwent = getpwnam($username); +result 4, "no such user" unless @pwent; + +my $encrpw= $pwent[1]; +result 5, "password disabled" unless length $encrpw >= 13; + +$!=0; my $pw = ; +chomp $pw or die "reading password: $!\n"; + +my $lockpath = "/var/run/checkpasswd.synch"; +my $lockf = new IO::File $lockpath, "w+" or die "open $lockpath: $!\n"; +flock($lockf, LOCK_EX) or die "lock $lockpath: $!\n"; +select(undef,undef,undef,0.5); +close $lockf; + +my $crval = crypt($pw,$encrpw); + +result 2, "incorrect password" unless $crval eq $encrpw; + +result 0, "ok";