idea: passwd chat script

Jamie ffolliott jmeff at engsoc.queensu.ca
Wed Feb 17 02:58:06 GMT 1999


I'm wondering, is it possible to write a shell script to run as the
"passwd program" in smb.conf, which essentially calls the unix
/usr/bin/passwd, plus whatever other custom things you wish to do?

In my case, I'd like to add an extra command to update a user's frontpage
passwd when they change their samba password from NT's ctrl-alt-del
dialogue, so passwords are in sync (unix/samba/other). (We aren't worried
about the security problems with frontpage)

I bet there's other possibilities here, so i'm suggesting a new feature
for samba 2.1prealpha: allow shell scripts to run from the "passwd
program" option (or a new "passwd script" option), and let the "passwd
chat" provide the interactive responses to the passwd script.

comments/ideas?

I think this would simplify password synchronization quite nicely - all
from the NT password dialogue.

For example, here's a very basic configuration i'm thinking of:
* This currently doesn't work in the latest 2.1prealpha CVS

smb.conf:
passwd program = /usr/local/sbin/pwdchat.sh %u
passwd chat = *password* %n\n *password* %n\n *successfull* *password*
%n\n *successfull*
unix passwd sync = yes

here's pwdchat.sh :

#!/bin/sh
LOGIN=$1
if [ -z $LOGIN ]; then
  exit 2
fi

# Let standard unix-based passwd prompt for the password
# "passwd chat" string should handle the responses
/usr/bin/passwd $LOGIN

# Another passwd program
echo -n "re-enter password:"
read PASS 
/usr/bin/another_passwd $LOGIN $PASS
echo "all passwords changed successfully"



More information about the samba-ntdom mailing list