idea: passwd chat script
Todd Pfaff
pfaff at edge.cis.McMaster.CA
Wed Feb 17 04:40:54 GMT 1999
On Wed, 17 Feb 1999, Jamie ffolliott wrote:
> I'm wondering, is it possible to write a shell script to run as the
> "passwd program" in smb.conf, which essentially calls the unix
> /usr/bin/passwd, plus whatever other custom things you wish to do?
yes, or it can also be a semicolon separated list of commands. i use
this to sync my nis master password map:
passwd program = /bin/passwd -r files %u; cd /var/yp; /usr/ccs/bin/make passwd
passwd chat = *New\spassword:* "%n\n" *new\spassword:* "%n\n" *updated\spasswd* . *pushed\spasswd*
> In my case, I'd like to add an extra command to update a user's frontpage
> passwd when they change their samba password from NT's ctrl-alt-del
> dialogue, so passwords are in sync (unix/samba/other). (We aren't worried
> about the security problems with frontpage)
sure, that's all possible now. your passwd chat just has to have enough
expect-send strings to satisfy the passwd program.
> I bet there's other possibilities here, so i'm suggesting a new feature
> for samba 2.1prealpha: allow shell scripts to run from the "passwd
> program" option (or a new "passwd script" option), and let the "passwd
> chat" provide the interactive responses to the passwd script.
>
> comments/ideas?
>
> I think this would simplify password synchronization quite nicely - all
> from the NT password dialogue.
>
> For example, here's a very basic configuration i'm thinking of:
> * This currently doesn't work in the latest 2.1prealpha CVS
>
> smb.conf:
> passwd program = /usr/local/sbin/pwdchat.sh %u
> passwd chat = *password* %n\n *password* %n\n *successfull* *password*
> %n\n *successfull*
> unix passwd sync = yes
>
> here's pwdchat.sh :
>
> #!/bin/sh
> LOGIN=$1
> if [ -z $LOGIN ]; then
> exit 2
> fi
>
> # Let standard unix-based passwd prompt for the password
> # "passwd chat" string should handle the responses
> /usr/bin/passwd $LOGIN
>
> # Another passwd program
> echo -n "re-enter password:"
> read PASS
> /usr/bin/another_passwd $LOGIN $PASS
> echo "all passwords changed successfully"
>
--
Todd Pfaff \ Email: pfaff at mcmaster.ca
Computing and Information Services \ Voice: (905) 525-9140 x22920
ABB 132 \ FAX: (905) 528-3773
McMaster University \
Hamilton, Ontario, Canada L8S 4M1 \
More information about the samba-ntdom
mailing list