[sudo-users] Sudo; Help needed
bob at proulx.com
Sat May 6 18:42:00 EDT 2006
Abdul Shahid Khattak wrote:
> I have setup fedora 2 where the sudo1.6.7p5 is installed.
> I want write a program that take some input (User Name and Password
> ) from user and create the linux account as we do using adduser
> I am novice to linux, How can sudo help me.
> NOTE: when i use the following commad in console it works fine for me,
> $ sudo adduser test
> but this shows nothing when i run it from my php script.
> Can any body help me? that what could be the problem.
> Please suggest!
What version of adduser are you using? This is what I see:
adduser: add a user or group to the system. Version 3.63
What I think is happening is that adduser is opening up /dev/tty to
read the password. I think adduser actually is calling 'passwd' to
set the password for the user interactively. However from your php
script there is no /dev/tty available because it is not an interactive
process. It is not actually attached to a terminal. This is why it
works when run interactively and fails in batchmode.
I suggest looking at the --disabled-password option to adduser. Then
enable the password using alternate methods such as mkpasswd. The
user can still log in using non-password methods such as ssh using rsa
keys. But using adduser with all of the options specified and with
--disabled-password should allow it to run completely in batch mode.
On my Debian system the useful mkpasswd command is (strangely) in the
"whois" package. But there are many ways to generated the encrypted
password such as using a perl script. Here is an example:
my $salt = join '', ('.', '/', 0..9,'A'..'Z', 'a'..'z')[rand 64,rand 64];
my $passwd = crypt($newpasswd,$salt);
Then by scripting you could install the new password into the password
file yourself after having created the account using adduser. Always
exercise caution when editing the password file for a mistake can
cause big problems. Always check return codes. Always keep a backup.
More information about the sudo-users