Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Click here to return to the 'A way to change samba passwords from the command line' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
A way to change samba passwords from the command line
Authored by: jferrara on Oct 02, '03 07:44:19AM

Here is a little perl script replacement for passwd that I wrote
which changes the netinfo password and the samba password.

Be aware of the issues with setuid perl scripts if you're going
to use this.

#!/usr/bin/perl -w
use Term::ReadKey;
use Crypt::SmbHash;

if (@ARGV>1)
{
print "usage: passwd [name]\n";
exit 1;
}

# get the username of the user running the script
($username, $pwd) = getpwuid($<);
if (@ARGV == 1)
{
# if there is an argument, then its the user whos password should be cha
nge
$targetuser = $ARGV[0];
if ($< != 0)
{
# if we aren't running as root, than we can only change the pass
word
# of the current use
if ($targetuser ne $username)
{
print "Permission denied\n";
exit 1;
}
}

# get information for the user whos password is to be changed
($username, $pwd) = getpwnam($targetuser);
}

print "Changing password for $username\n";


# if we're not root, make sure the user knows his current password
if ($< != 0)
{
ReadMode('noecho');
print "Old password:";
$oldpw = ReadLine(0);
ReadMode('restore');
chomp $oldpw;
print "\n";
if (crypt($oldpw, $pwd) ne $pwd)
{
print "Sorry\n";
exit 1;
}
}

# get the new password
do {
ReadMode('noecho');
print "New password:";
$newpw = ReadLine(0);
ReadMode('restore');
chomp $newpw;
print "\n";
if (length($newpw) == 0)
{
print "Password unchanged.\n";
exit 0;
}
ReadMode('noecho');
print "Retype new password:";
$checkpw = ReadLine(0);
ReadMode('restore');
chomp $checkpw;
print "\n";
if ($newpw ne $checkpw)
{
print "Mismatch; try again.\n";
}
} while ($newpw ne $checkpw);

# encrypt the new password
$newpw =~ /(.*)/;
$salt = join '', ('.', '/', 0..9, 'A'..'Z', 'a'..'z')[rand 64, rand 64];
$cpw = crypt($1, $salt);
$ENV{'PATH'} = '/bin:/usr/bin';

# generate the window hash of the password
($lm, $nt) = ntlmgen $newpw;
$sambahashfile = "/private/var/db/samba/hash/" . $username;

delete $ENV{ENV};
delete $ENV{IFS};
delete $ENV{CDPATH};
delete $ENV{BASH_ENV};

# set the password in the main system database
if (system("/usr/bin/niutil", "-createprop", "/", "/users/$username", "passwd",
$cpw) != 0)
{
print "Password change failed.\n";
exit 1;
}

# if the user has a samba password hash file, set that to match the new password
if (stat($sambahashfile) ne NULL)
{
open(HASHFILE, ">" . $sambahashfile);
$hashstring = $lm . $nt;
print HASHFILE $hashstring;
close HASHFILE;
}



[ Reply to This | # ]
A way to change samba passwords from the command line
Authored by: Helge33 on Oct 06, '03 08:16:47AM

Hello,

even without trying your script right away I can regognize the essentials which seems to be a confirmation of my observation with samba password handling on OSX. I wonder whether there is no simpler way of handling this and whether there is any more documentation out there in the net?

Thanks for the script, Helge



[ Reply to This | # ]