Hi all:
Working with per 5.8.8 on RH5.5. I am building a cgi app that will allow users to add accounts to a remote system that is behind a firewall. There are no interactive accounts except for us admins.
When users put in a name for the account, a check is done to ensure that the account does not already exists. If account does not exist a sub is called to add the new account.
If the account does exist the a message appears on user's screen and a sub is started to change the passwd. However I only want users to be able to change the passwd if the account has a specific gid. If the gid does not match, exit out. (See snippet below.)
So the first test to verify the existence of the account works fine. Now that I have verified that the account exists I want to be able to verify the gid, if it matches '5612' then the users can change the passwd. If the gid does not equal '5612' then the users are presented a message saying they cannot change the passwd. The root account is specifically stated and if they try to change the root passwd via the cgi they are kicked out of the script and the message says "NO" (in much more stern langauge).
So users enter the account name on the first form page, The second page is a verification page for user - "Is this correct?" The third page is the activity.
Does this account exist? YES. Does this account have the /5612/ pattern in the 4th field of the pass file? If YES, change it. If NO, message the user and kick them out. (Prevent users from changing the passwd on any other account that is not gid=5612)
I am copying the passwd file from the remote system so that is why you see 'passwd.$$'. So I am wanting to check the line that contains the account name and verify the 4th field, 3rd field in array.
Any ideas or hints?
Many thanks!
if (!$test) {
print "<br>$sr exists on the system<br>\n";
open(PASS, '/tmp/passwd.$$');
while(<PASS>) {
chomp;
my @fields=split(':', $_);
if (grep {$fields[3] !~ /5612/} @fields) {
print "You cannot change the passwd on system accounts.<br>\n";
print "This is being logged and will be reported.<br>\n";
}
close(PASS);
}
}
Working with per 5.8.8 on RH5.5. I am building a cgi app that will allow users to add accounts to a remote system that is behind a firewall. There are no interactive accounts except for us admins.
When users put in a name for the account, a check is done to ensure that the account does not already exists. If account does not exist a sub is called to add the new account.
If the account does exist the a message appears on user's screen and a sub is started to change the passwd. However I only want users to be able to change the passwd if the account has a specific gid. If the gid does not match, exit out. (See snippet below.)
So the first test to verify the existence of the account works fine. Now that I have verified that the account exists I want to be able to verify the gid, if it matches '5612' then the users can change the passwd. If the gid does not equal '5612' then the users are presented a message saying they cannot change the passwd. The root account is specifically stated and if they try to change the root passwd via the cgi they are kicked out of the script and the message says "NO" (in much more stern langauge).
So users enter the account name on the first form page, The second page is a verification page for user - "Is this correct?" The third page is the activity.
Does this account exist? YES. Does this account have the /5612/ pattern in the 4th field of the pass file? If YES, change it. If NO, message the user and kick them out. (Prevent users from changing the passwd on any other account that is not gid=5612)
I am copying the passwd file from the remote system so that is why you see 'passwd.$$'. So I am wanting to check the line that contains the account name and verify the 4th field, 3rd field in array.
Any ideas or hints?
Many thanks!
if (!$test) {
print "<br>$sr exists on the system<br>\n";
open(PASS, '/tmp/passwd.$$');
while(<PASS>) {
chomp;
my @fields=split(':', $_);
if (grep {$fields[3] !~ /5612/} @fields) {
print "You cannot change the passwd on system accounts.<br>\n";
print "This is being logged and will be reported.<br>\n";
}
close(PASS);
}
}
