Is there a way to setup a server to allow users to change their passwords? I have an apache web server running on Redhat 6.1 with virtual hosts that I'd like to allow users to change passwords. I also have a sendmail server I'd like to do the same on. Is there a good/secure way to do this without letting them into a shell?
Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
password change
- Thread starter mufka
- Start date
teksgtchen
MIS
You want to give user (let's call him brad) the right to login to your linux box, to change his unix password (and only that)?
If so, try this:
search your /etc/passwd for user brad. It might look like
this:
brad:x:555:100:Brad Morgan:/home/brad:/bin/false
Now change it to this....
brad:x:555:100:Brad Morgan:/home/brad:/bin/passwd
Whenever user brad tries to login (locally / telnet / ssh) he will be presented the passwd process - and that's it.
Hope this helps.
so long
markus
If so, try this:
search your /etc/passwd for user brad. It might look like
this:
brad:x:555:100:Brad Morgan:/home/brad:/bin/false
Now change it to this....
brad:x:555:100:Brad Morgan:/home/brad:/bin/passwd
Whenever user brad tries to login (locally / telnet / ssh) he will be presented the passwd process - and that's it.
Hope this helps.
so long
markus
One way is to wrap the login in a shell script.
something like:
#!/bin/sh
UEXIT() {
echo -e "\033[40;32m , Want to go???"
echo "yes|no" ; sleep 2s
read ans
case $ans in
YES|yes|Yes|y) exit > /dev/null 2>&1
;;
NO|no|No|n) return ;;
esac
}
#traps common escape signals with function choice
trap "UEXIT" 2 3 15
menu() {
echo "
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
USER MENU
1) Change Password A
2) Change Password B
3) Do something else
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
echo -n "your choice: "
read choice
case $choice in
1) Changepass commands ;;
2) Changepass commands ;;
3) Do something else commands ;;
esac
exit
}
Then put this in the users .profile.
In theory something like this will work, but your mileage
may vary.
For more control use something like an expect script to wrap the login, or use a RestrictedShell, or trap the user in their home directory, either through permissions or silly shell tricks.
Good luck, hope this helped.
something like:
#!/bin/sh
UEXIT() {
echo -e "\033[40;32m , Want to go???"
echo "yes|no" ; sleep 2s
read ans
case $ans in
YES|yes|Yes|y) exit > /dev/null 2>&1
;;
NO|no|No|n) return ;;
esac
}
#traps common escape signals with function choice
trap "UEXIT" 2 3 15
menu() {
echo "
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
USER MENU
1) Change Password A
2) Change Password B
3) Do something else
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
echo -n "your choice: "
read choice
case $choice in
1) Changepass commands ;;
2) Changepass commands ;;
3) Do something else commands ;;
esac
exit
}
Then put this in the users .profile.
In theory something like this will work, but your mileage
may vary.
For more control use something like an expect script to wrap the login, or use a RestrictedShell, or trap the user in their home directory, either through permissions or silly shell tricks.
Good luck, hope this helped.
- Status
Similar threads
