| 1 | #! @EXPECT@ -f |
| 2 | # |
| 3 | # $Id: authsystem.passwd.in,v 1.2 2005/03/04 01:52:05 mrsam Exp $ |
| 4 | # |
| 5 | # Copyright 2001-2005 Double Precision, Inc. See COPYING for |
| 6 | # distribution information. |
| 7 | # |
| 8 | # This script attempts to change a system account password in an automated |
| 9 | # fashion. This implemention is an "expect" script for the passwd command. |
| 10 | # |
| 11 | # This script reads two lines of text from stdin: old password, new password |
| 12 | # then runs the passwd command to change the password, and we attempt to parse |
| 13 | # the output of passwd. |
| 14 | # |
| 15 | # This implementation is for the basic "passwd" command. If it doesn't work |
| 16 | # for you, sorry: you're on your own. Some common pitfalls: |
| 17 | # |
| 18 | # * Enhanced passwd implementations that reject passwords based on dictionary |
| 19 | # words, etc.. This can result in unexpected output from the passwd command |
| 20 | # that this script may not be able to handle. We attempt to catch the most |
| 21 | # common error messages, below. Finally, we use a 30 second timeout. |
| 22 | # |
| 23 | # * I dunno - there must be other problems with this. |
| 24 | # |
| 25 | |
| 26 | set timeout 30 |
| 27 | |
| 28 | expect { |
| 29 | -re "(.*)\n(.*)\n" { set oldpass "$expect_out(1,string)" ; set newpass "$expect_out(2,string)" } |
| 30 | eof { exit 1 } |
| 31 | timeout { exit 1 } |
| 32 | } |
| 33 | |
| 34 | set env(LC_ALL) "en_US" |
| 35 | spawn "@PASSWD@" |
| 36 | |
| 37 | expect { |
| 38 | -re "word:" { sleep 2; send "$oldpass\n" } |
| 39 | eof { exit 1 } |
| 40 | timeout { exit 1 } |
| 41 | } |
| 42 | |
| 43 | expect { |
| 44 | -re "nvalid" { exit 1 } |
| 45 | -re "word:" { sleep 2; send "$newpass\n" } |
| 46 | eof { exit 1 } |
| 47 | timeout { exit 1 } |
| 48 | } |
| 49 | |
| 50 | expect { |
| 51 | -re "nvalid" { exit 1 } |
| 52 | -re "NVALID" { exit 1 } |
| 53 | -re "bad pass" { exit 1 } |
| 54 | -re "BAD PASS" { exit 1 } |
| 55 | -re "dictionary" { exit 1 } |
| 56 | -re "common" { exit 1 } |
| 57 | -re "short" { exit 1 } |
| 58 | -re "word:" { sleep 2; send "$newpass\n" } |
| 59 | eof { exit 1 } |
| 60 | timeout { exit 1 } |
| 61 | } |
| 62 | |
| 63 | expect { |
| 64 | -re "nvalid" { exit 1 } |
| 65 | -re "nchange" { exit 1 } |
| 66 | -re "same" { exit 1 } |
| 67 | eof { exit 0 } |
| 68 | timeout { exit 1 } |
| 69 | } |
| 70 | |
| 71 | exit 1 |