I have to set up useraccounts with rexec. So I'm only able te execute a
command. I can't use dialogs (as needed for passwd). What I do so far is
the following:
useradd -u <UID> -d /<HOMEDIR>/<LOGNAME> -c '<DESCRIPTION>' <LOGNAME>
which creates an new account with all options I need.
The next I use is chpass, which sources I found in a newsgroup.
chpass <LOGNAME> <PASSWORD>
which set's a password for the account.
Everything is ok with chpass for accounts that already exist. The new
password is set correctly. With new accounts the user gets an "account
expired" on first login. Is there a chance to set the expiration-date
for accounts?
Thanks in advance,
Daniel
Are you sure the message is 'account expired'?
What OS and release are you using?
You should also include a pointer to the 'chpass' that you used.
John
--
John DuBois spc...@armory.com KC6QKZ/AE http://www.armory.com/~spcecdt/
Sorry. Correctly the password has expired, not the account. :-/
That's what happens on first login of the new account.
----
login: dvtest
Password:
Last successful login for dvtest: NEVER
Last unsuccessful login for dvtest: NEVER
Your password has expired
Setting password for user: dvtest
Old password:
----
The sourcecode of "chpass" is as follows:
----
#include <sys/types.h>
#include <sys/security.h>
#include <sys/audit.h>
#include <prot.h>
#include <stdio.h>
#include <stdlib.h>
#include <ctype.h>
#include <string.h>
#include <time.h>
/** Global variables **/
static struct pr_passwd *p;
int main(argc, argv)
int argc;
char *argv[];
{
char salt[3], *passwd, *newpasswd;
set_auth_parameters(argc, argv);
if ((argc < 3) && (argc > 4))
{ return (1);
}
if ((p = getprpwnam(argv[1])) == NULL)
{ return (1);
}
if (argc == 4)
{ salt[0] = p->ufld.fd_encrypt[0];
salt[1] = p->ufld.fd_encrypt[1];
salt[2] = '\0';
if (strcmp(bigcrypt(argv[2], salt), p->ufld.fd_encrypt) != 0 )
return(2);
}
sprintf(salt,"%2.2d",(time((time_t *)NULL) % 100));
strcpy(p->ufld.fd_encrypt, bigcrypt(argv[argc - 1], salt));
return (putprpwnam(argv[1], p) ? 0 : 1);
}
----
Daniel
After an account is created with useradd, it can't be logged into until the
protected password database indicates that the password has been set. The
program you're using sets the password, but fails to set the time the password
was set, which indicates to the login process that the password still has never
been set.
In the following code, the only change made is to add this line:
p->ufld.fd_schange = time(NULL);
I've include the entire program here for the sake of future readers.
John
return(2);
}
p->ufld.fd_schange = time(NULL);
return (putprpwnam(argv[1], p) ? 0 : 1);
}
Thanks a lot. It works.