From owner-freebsd-questions  Thu Nov 18  3: 2:17 1999
Delivered-To: freebsd-questions@freebsd.org
Received: from ctb-mesg2.saix.net (ctb-mesg2.saix.net [196.25.240.74])
	by hub.freebsd.org (Postfix) with ESMTP id 653BA15105
	for <freebsd-questions@FreeBSD.ORG>; Thu, 18 Nov 1999 03:02:14 -0800 (PST)
	(envelope-from )
Received: from saix.net (cbs53-01-p229.wc.saix.net)
 by ctb-mesg2.saix.net (Sun Internet Mail Server sims.3.5.1999.03.02.17.58.p5)
 with SMTP id <0FLE003173ZMTE@ctb-mesg2.saix.net> for
 freebsd-questions@FreeBSD.ORG; Thu, 18 Nov 1999 13:02:12 +0200 (SAT)
Received: from cataract [192.168.62.25] by eye2eye.net [127.0.0.1] with SMTP
 (MDaemon.v2.7.SP0.R) for <freebsd-questions@FreeBSD.ORG>; Thu,
 18 Nov 1999 12:51:06 +0200
Date: Thu, 18 Nov 1999 13:51:00 +0200
From: 
Subject: RE: change system password over web
In-reply-to: <1145CD545D54D211BCEB0060B067AD06190D67@RETINA>
To: 'Sheldon Hearn' <sheldonh@uunet.co.za>,
	"'Francis A. Vidal'" <francis@usls.edu>
Cc: 'FreeBSD Questions' <freebsd-questions@FreeBSD.ORG>
Reply-To: cataract@eye2eye.net
Message-id: <1145CD545D54D211BCEB0060B067AD0618C125@RETINA>
MIME-version: 1.0
X-Mailer: Microsoft Outlook 8.5, Build 4.71.2173.0
Content-type: text/plain; charset=iso-8859-1
Content-transfer-encoding: 7bit
Importance: Normal
X-MSMail-Priority: Normal
X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2014.211
X-MDaemon-Deliver-To: freebsd-questions@FreeBSD.ORG
X-Priority: 3 (Normal)
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

We had a problem like this at the office and sorted it out with an
interesting solution. The main problem is you need to be root to do this,
and apache refuses to run as root unless you fix it a little - and thats NOT
recommended.

So what we did is we made a php3 script which is the ACTION of our form.
What we do is send a mail to root with cunning hidden headers and some pgp
encryption of the username and new password. Then we have a procmail filter
which looks for the hidden header, takes the encryption passes it through a
php binary which decrypts the pgp and then executes something like this :

#$1 = username
#$2 = newpassword

/usr/sbin/pw usermod $1 -h 0 <<EOF
$2
EOF

Weird solution - but it works!

-----Original Message-----
From: owner-freebsd-questions@FreeBSD.ORG
[mailto:owner-freebsd-questions@FreeBSD.ORG]On Behalf Of Sheldon Hearn
Sent: Thursday, November 18, 1999 11:40 AM
To: Francis A. Vidal
Cc: FreeBSD Questions
Subject: Re: change system password over web




On Thu, 18 Nov 1999 14:09:12 +0800, "Francis A. Vidal" wrote:

> can you point me to a program so that users can change their passwords
> over the web? thanks!

If nobody else comes up with the exact answer you're looking for, I have
a suggestion.

Have a look at webmin in the ports tree.  It doesn't seem to be geared
toward use by users, but their edit_user.cgi is probably a good start if
you know a bit of perl.

Ciao,
Sheldon.


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message




To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message