Tuesday, February 8, 2011

PHP - shell_execute -change user password

Hi,

I need to be able to change the users' password through a web page (in a controlled environment). So, for that, I'm using this code:

<?php
$output = shell_exec("sudo -u dummy passwd testUser testUserPassword");
$output2 = shell_exec("dummyPassword");
echo $output;
echo $output2;
echo "done";
?>

My problem is that this script is not changing the password for the user "testUser". What am I doing wrong?

Thanks

From stackoverflow Armadillo

  • I'm not familiar enough with PHP to tell you how to fix it, but your problem is that the two shell_exec commands are entirely separate. It appears as though you're trying to use the second command to pipe input to the first one, but that's not possible. The first command shouldn't return until after that process has executed, when you run the second one it will attempt to run the program dummyPassword, which we can probably expect to fail.

    From Jeremy Banks

  • Use proc_open. (http://www.php.net/manual/en/function.proc-open.php)

    See this comment in particular at the manual: http://www.php.net/manual/en/function.proc-open.php#58044

    From Jonathan Arkell

  • The first response is correct. You probably want to use popen() or some other function that will return a pipe, which you can write to just like a file opened with fopen() or file(). 

    <?php
$pipe = popen("sudo -u dummy passwd testUser testUserPassword", 'r');
fwrite($pipe, "dummyPasswd\r\n");
pclose($pipe);
echo "done";
?>

    I haven't tested that, but it's the general idea of what you seem to be going for. You'll notice that this setup doesn't provide for the output from the commands you executed. For that, you'll need to use proc_open() which is a little harder to work with but does provide bi-directional support.

    From Jeremy DeGroot

  • Another option is to have a shell script, say called passwd_change.sh somewhere that looks like this:

    #!/usr/bin/expect -f
set username [lindex $argv 0]
set password [lindex $argv 1]

spawn passwd $username
expect "(current) UNIX password: " 
send "$password\r"
expect "Enter new UNIX password: "
send "$password\r"
expect "Retype new UNIX password: "
send "$password\r"
expect eof

    Then in your php code do:

    <?php
shell_exec("sudo -u root /path/to/passwd_change.sh testUser testUserPass");
?>
    From bmdhacks

  • Use chpasswd:

    $tmpfname = tempnam('/tmp/', 'chpasswd');
$handle = fopen($tmpfname, "w");
fwrite($handle, "$username:".crypt($password)."\n");
fclose($handle);
shell_exec("sudo sh -c \"chpasswd -e < $tmpfname\"");

    Beware! If somebody will get control on $username then he can change any password on a system.

    Armadillo : It really looked nice your solution, but my unix system does not have the "chpasswd" command. Thank you anyway
    From Tometzky

  • You should use the crypt() function to encrypt the password. Then you can call the usermod program like this usermod --password username encryptedpassword.

    The most common way to encrypt a UNIX login password is like this:

    crypt('password', '$1$salt1234$')

    (Where salt1234 is an eight letter salt)

    From Espen

  • An easy I know and which works (at least for Debian 4.0r5) is:

    #!/bin/bash

USER="root"
NEWPASS="bullsheit123"

echo $USER:$NEWPASS | chpasswd
echo $?

    Just adapt this to the php script and it should work fine.

    From $pageUsers[$post.author].name

  • I want to setting mysystem in Linux ubuntu 9.10 through web, first I must login to system through php. how script php & sheel. I beginner

    From poye
Posted by Mu Cat at 12:51 AM

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)