| 1 | #! @EXPECT@ -f |
| 2 | # |
| 3 | # |
| 4 | # Copyright 2001-2005 Double Precision, Inc. See COPYING for |
| 5 | # distribution information. |
| 6 | # |
| 7 | # This script attempts to change a system account password in an automated |
| 8 | # fashion. This implemention is an "expect" script for the passwd command. |
| 9 | # |
| 10 | # This script reads two lines of text from stdin: old password, new password |
| 11 | # then runs the passwd command to change the password, and we attempt to parse |
| 12 | # the output of passwd. |
| 13 | # |
| 14 | # This implementation is for the basic "passwd" command. If it doesn't work |
| 15 | # for you, sorry: you're on your own. Some common pitfalls: |
| 16 | # |
| 17 | # * Enhanced passwd implementations that reject passwords based on dictionary |
| 18 | # words, etc.. This can result in unexpected output from the passwd command |
| 19 | # that this script may not be able to handle. We attempt to catch the most |
| 20 | # common error messages, below. Finally, we use a 30 second timeout. |
| 21 | # |
| 22 | # * I dunno - there must be other problems with this. |
| 23 | # |
| 24 | |
| 25 | set timeout 30 |
| 26 | |
| 27 | expect { |
| 28 | -re "(.*)\n(.*)\n" { set oldpass "$expect_out(1,string)" ; set newpass "$expect_out(2,string)" } |
| 29 | eof { exit 1 } |
| 30 | timeout { exit 1 } |
| 31 | } |
| 32 | |
| 33 | set env(LC_ALL) "en_US" |
| 34 | spawn "@PASSWD@" |
| 35 | |
| 36 | expect { |
| 37 | -re "word:" { sleep 2; send "$oldpass\n" } |
| 38 | eof { exit 1 } |
| 39 | timeout { exit 1 } |
| 40 | } |
| 41 | |
| 42 | expect { |
| 43 | -re "nvalid" { exit 1 } |
| 44 | -re "word:" { sleep 2; send "$newpass\n" } |
| 45 | eof { exit 1 } |
| 46 | timeout { exit 1 } |
| 47 | } |
| 48 | |
| 49 | expect { |
| 50 | -re "nvalid" { exit 1 } |
| 51 | -re "NVALID" { exit 1 } |
| 52 | -re "bad pass" { exit 1 } |
| 53 | -re "BAD PASS" { exit 1 } |
| 54 | -re "dictionary" { exit 1 } |
| 55 | -re "common" { exit 1 } |
| 56 | -re "short" { exit 1 } |
| 57 | -re "word:" { sleep 2; send "$newpass\n" } |
| 58 | eof { exit 1 } |
| 59 | timeout { exit 1 } |
| 60 | } |
| 61 | |
| 62 | expect { |
| 63 | -re "nvalid" { exit 1 } |
| 64 | -re "nchange" { exit 1 } |
| 65 | -re "same" { exit 1 } |
| 66 | eof { exit 0 } |
| 67 | timeout { exit 1 } |
| 68 | } |
| 69 | |
| 70 | exit 1 |