[clug] Re: root password suits all (My solution)

[Michael James]

On Tue, 1 Apr 2003 02:45 pm, Michael James wrote:
> I need to fix some strange behaviour in certain accounts
>  and it's inconvenient getting the users in, just to type their passwords.

FWIW this script implements a solution Kim Holburn suggested.

First duplicate yours or root's entry in the shadow file 
changing the username to 'test'.  Leave this line in place.

Then use:	test-an-account username

It creates a duplicate line in the passwd file
 just below the account to be tested.
This has the username changed to 'test'.

This user is identical to the account to be tested
 except the password will be the same as yours, (or root's or whatever).

The script does an ssh back to localhost as the user 'test'.
Type whichever password you duplicated in shadow.

While you are logged in you can also test FTP,
 even samba (if you added the user test to samba's password file).

As soon as you log out the original password file is put back.
BEWARE: you loose any changes made during the test.

michaelj

Script follows:


#!/usr/bin/perl

use strict;

my $TEST        = 'test';
my $PASSWD      = '/etc/passwd';
my $TEMP        = '/etc/.passwd';
my $PASSBAK     = '/etc/opasswd';
my $SSH         = '/usr/bin/ssh';

my $user = $ARGV[0] or die "usage: $0 <account to test>\n";

open(OLD, "< $PASSWD") or die "Can't read $PASSWD\n";
open(NEW, "> $TEMP") or die "Can't write $TEMP\n";
while (<OLD>)
{
        /^$TEST:/ and next;
        print NEW;

        # create duplicate test line but not for uid 0
        s/^$user:/$TEST:/ and ! /:0:/ and print NEW;
}
close(OLD) or die "Can't close $PASSWD\n";
close(NEW) or die "Can't close $TEMP\n";

rename($PASSWD, $PASSBAK) or die "Can't rename $PASSWD to $PASSBAK\n";
rename($TEMP, $PASSWD)    or die "Can't rename $TEMP to $PASSWD\n";

system($SSH, '-l', $TEST, 'localhost');

rename($PASSBAK, $PASSWD) or die "Can't rename $PASSBAK to $PASSWD\n";

__END__