info-cvs
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: password generation

From: Beachey, Kendric
Subject: RE: password generation
Date: Tue, 25 Sep 2001 08:24:51 -0500

Another person posted something similar to what I'm about to post, so now you'll have a couple of choices.  :-)

Here are the (perl) scripts I've been using for cvs password maintenance.  You may need to adjust the first line to point to your copy of perl.  The first script adds a new user to your cvs passwd file, using their username as the initial password.  The second script changes a user's cvs password.  They're not the greatest solution, I'm sure, but maybe they'll give you an idea for something better.


--------8<--- cut here ---8<-------------------
#!/usr/bin/perl
#
# addcvsuser <username>
#
# Adds a new user to the cvs passwd file, using the user's name as the
# initial password.
#
# ASSumption:
# this script needs to live in the CVSROOT directory, next door to the cvs passwd file.
#
# Shortcoming:
# initial password is lame.
 
# grab username from command line
my $username = shift;
 
# generate encrypted password
srand (time());
my $randletter = "(int (rand (26)) + (int (rand (1) + .5) % 2 ? 65 : 97))";
my $salt = sprintf ("%c%c", eval $randletter, eval $randletter);
my $crypttext = crypt ($username, $salt);
my $newpasswdline = sprintf ("%s:%s:%s", $username, $crypttext, "cvs");
 
# Check to see that user doesn't already exist
open (PASSWD, "passwd");
while (<PASSWD>)
{
        split (/:/);
        die ("User $username already exists.\n") if (@_[0] eq $username);
}
close (PASSWD);
 
# Add user's line to passwd file
open (PASSWD, ">>passwd");
print PASSWD "${newpasswdline}\n";
close (PASSWD);
--------8<--- cut here ---8<-------------------
#!/usr/bin/perl
#
# chcvspasswd <username> <newpassword>
#
# ASSumption:
# this script needs to live in your CVSROOT directory, next door to the cvs passwd file.
#
# Shortcomings:
# 1) your password is typed on the command line, so someone else might see it.
# 2) you're not required to prove your identity.
# 3) you don't have to know your old password to change it.
 
# Grab username and password from command line
my $username = shift;
my $newpasswd = shift;
 
# Generate encrypted password
srand (time());
my $randletter = "(int (rand (26)) + (int (rand (1) + .5) % 2 ? 65 : 97))";
my $salt = sprintf ("%c%c", eval $randletter, eval $randletter);
my $crypttext = crypt ($newpasswd, $salt);
 
# Find the user's line in the passwd file and change it
open (PASSWD, "passwd");
 
my $found = "no";
my $top = "";
my $middle = "";
my $bottom = "";
 
while (<PASSWD>)
{
        chop;
        split (/:/);
        my $loopuser = @_[0];
        my $looppasswd = @_[1];
        my $loopsysuser = @_[2];
 
        # Not everyone in the world mimics a system user.
        $loopsysuser = ":" . $loopsysuser unless ($loopsysuser eq "");
 
        my $tempstring = sprintf ("%s:%s%s\n", $loopuser, $looppasswd, $loopsysuser);
 
        if ($loopuser ne $username)
        {
                if ($found eq "no")
                {
                        $top .= $tempstring;
                }
                else
                {
                        $bottom .= $tempstring;
                }
        } # end if loopuser ne username
        else
        {
                $found = "yes";
                $tempstring = sprintf ("%s:%s%s\n", $username, $crypttext, $loopsysuser);
                $middle = $tempstring;
        }
} # end while PASSWD
 
# Bail out if the user doesn't exist
die ("User $username does not exist.\n") if ($found eq "no");
 
close (PASSWD);
 
# Rewrite the passwd file with the change
open (PASSWD, ">passwd");
print PASSWD ($top);
print PASSWD ($middle);
print PASSWD ($bottom);
--------8<--- cut here ---8<-------------------

Kendric Beachey

reply via email to
[Prev in Thread] Current Thread [Next in Thread]