[SUMMARY] non-interactive password changing

From: Wales Wong (wawong@ouhk.edu.hk)
Date: Mon Aug 11 1997 - 04:44:19 CDT


Dear Managers,

Thanks for all the prompt response.

Original question:
> Because of the system migration, I have to create a lot of
> users. This can easily be done by using useradd. The accounts
> created by useradd are locked until passwd is called to change
> the password.
>
> Unfortunately, I can't find a non-interactive way to
> change the password. It's a pain if I have to change
> the password manually.
>
> Question:
> Is there any menthod that I can change the passwords of 300+ users
> with little pain?

Answers:

I received valuable help from:
Kumara Swamy-WIPRO-NA <mrk@india.ti.com>
Stefan Voss <s.voss@terradata.de>
Stephen Harris <sweh@mpn.com>

and those I haven't received yet.

With the help from one of my colleague, I solve my problem by
writing a simple expect script. The env variables UNAME and UPASS
carry the username and password respectively.

#!/usr/local/bin/expect -f
set username $env(UNAME)
set password $env(UPASS)

spawn passwd $username
expect "New password:"
send "$password\r"
expect "Re-enter new password:"
send "$password\r"
send "exit\r"
expect eof

Thanks again for all the valuable and prompt help ^_^

Responses:
==========================================================================
Kumara Swamy-WIPRO-NA <mrk@india.ti.com> suggested the following:
        You can copy /etc/passwd file from your old server to new server ,
which would have taken care .
        in case you are migrating from Sunos to solaris , run pwconv
command on the target server after copying passwd file
which takes care of shadow, etc .
==============================================================
Stephen Harris <sweh@mpn.com> suggested the use of "expect"

==============================================================
Stefan Voss <s.voss@terradata.de> gave me another summary.

the program in this SUMMARY might help you changing the passwords. In combi-
nation with awk or a shell script, it could work somehow. If it does not
work, Silvia (sbelt@mailer.sagar.gob.mx) might know a solution.

----- Begin Included Message -----

>From sun-managers-relay@ra.mcs.anl.gov Tue Aug 5 19:57:12 1997
Sender: sun-managers-relay@ra.mcs.anl.gov
Date: Tue, 05 Aug 1997 11:23:19 -0600
From: "Ing. Silvia Beltrán S." <sbelt@mailer.sagar.gob.mx>
Followup-to: "Ing. Silvia Beltrán S." <sbelt@mailer.sagar.gob.mx>
Reply-To: sbelt@mailer.sagar.gob.mx
Organization: Departamento de Soporte Técnico
X-Mailer: Mozilla 4.01 [en] (Win95; I)
MIME-Version: 1.0
To: sun-managers@ra.mcs.anl.gov
Subject: SUMMARY: Crypt
X-Priority: 3 (Normal)
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Content-Length: 3738

Thanks Sun Managers,

Thanks for all the people that answered my question, They helped me a
lot.
Silvia.
------------------------------------------
The question was:
I want to automate the task of add users, I did a script that added the
specific line in the /etc/passwd, but I want to add the encripted
password also, Does somebody know the use of crypt ? The man pages just
tell me:
crypt key password
and I use for example: crypt jo LIkes9
the result is: !d"yp
and this is not a valid password .....
-------------------------------------------------
The answer was:

Compile this program and run it from the command line with the following
option.
cc -o rpass rpass.c
rpass sspasswd
Where ss represents the salt and passwd represents the actual password.
This is modification of similar program posted on sun-managers mailing
list.
Kamal
/* Reverse with easy salt mkpasswd.c */
#include <stdio.h>
#include <string.h>
main(argc,argv)
int argc;
char *argv[];
{
  char line[512],salt[3];
  int i,l;
  salt[2]='\0';
  if(argc == 1) /* No parameters there read from standard input */
  {
    while(gets(line) != NULL)
    {
      l=strlen(line);
      if(l > 2)
      {
        salt[0]=line[0];
        salt[1]=line[1];
        printf("%s\n",crypt(line+2,salt));
      }
      else
        fprintf(stderr,"Too short [%i] \"%s\"\n",l,line);
    }
  }
  else
  {
    for(i=1;i<argc;i++)
    {
      l=strlen(argv[i]);
      if(l > 2)
      {
        salt[0]=argv[i][0];
        salt[1]=argv[i][1];
        printf("%s\n",crypt(argv[i]+2,salt));
      }
      else
        fprintf(stderr,"Too short [%i] \"%s\"\n",l,argv[i]);
    }
  }
}

-----------------------------------
Comments:

Stephen Harris <sweh@mpn.com>"The command line crypt program is not the
same as the crypt() function call."
Silvia: sorry, I was confusing the ideas.

Rich Snyder <rsnyder@eos.hitc.com> "There is also a Perl crypt function
that does the same thing if you prefer Perl."
Silvia: I prefer use the c program :)

Michal Dombrowski <temple@mat.uni.torun.pl> "Perhaps you could use the
standard Solaris tool named 'useradd'"
Silvia: But useradd doesn't add the password

Jim Harmon <jharmon@telecnnct.com> "First, built the line that will
include the passwd, leaving the "passwd" field = ",." And then tell the
new user to login, or instead, after creating this line, invoke "passwd"
as root and install your new passwd for the user with expect or some
other utility."
Silvia: Well, the users can take them mails just using a POP/client,
they can't do telnet to the server ( policy), the second option ...
sometimes I have to set up 100 emails (more or less), imagine the
slowness with passwd, third option ... I used expect with a script,but
when the program take the user 30, the program break I don't know why
but that happend.

-----------------------------------
Special Thanks for:

Kamal Kantawala <kamal@mcc.com>
BCE User <iwallace@bcoe.bm>
Bob Bridgham <robbie@b-e-s-t.com>
"Rich Snyder" <rsnyder@eos.hitc.com>
Javier Figueiredo <jfigue@impsat1.com.ar>
D.White@mcs.surrey.ac.uk
peter.allan@aeat.co.uk (Peter M Allan)
John Birtley <john@baesema.co.uk>
Stephen Harris <sweh@mpn.com>
Michal Dombrowski <temple@mat.uni.torun.pl>
Chris Marble <cmarble@orion.ac.hmc.edu>
Jose Luis Delgado <jdelgado@nexus.net.mx>
Jim Harmon <jharmon@telecnnct.com>
Mike.Carson@telos.com (Mike Carson)
Ada Chan <chan@library.ucsf.edu>
"Brion Leary" <brion@dia.state.ma.us>
Ian TCollins <itc1@scigen.co.uk>
Gerald Combs - Unicom Communications <gerald@unicom.net>
"Alex Lattanzi" <alattanzi@impsat1.com>
fpardo@tisny.com (Frank Pardo)
Jim McVey <jmcvey@nhgri.nih.gov>
John D Groenveld <groenvel@cse.psu.edu>
Troy Wollenslegel <troy@intranet.org>
Tawanda Queen <trq96@acs.org>

----- End Included Message -----

-----------------

Best Regards,
    ___________________________
   / Wales K. F. Wong /\
  / ITU, Open University / /\ _______________ ______________
 / of Hong Kong / / / Phone /\ / Fax /\
/__________________________/ / /___2768 6532__/ /\ /__2762 7469__/ /\
\__________________________\/ \______________\/ \_____________\/
 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \

Never lose faith in your ability



This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:12:00 CDT