From owner-freebsd-bugs Sun Jan 30 12:10: 5 2000 Delivered-To: freebsd-bugs@freebsd.org Received: from freefall.freebsd.org (freefall.FreeBSD.ORG [204.216.27.21]) by hub.freebsd.org (Postfix) with ESMTP id BFB5C150AA for ; Sun, 30 Jan 2000 12:10:01 -0800 (PST) (envelope-from gnats@FreeBSD.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.9.3/8.9.2) id MAA78155; Sun, 30 Jan 2000 12:10:01 -0800 (PST) (envelope-from gnats@FreeBSD.org) Received: from baerenklau.de.freebsd.org (baerenklau.de.freebsd.org [195.185.195.14]) by hub.freebsd.org (Postfix) with ESMTP id 2C4BE150AA for ; Sun, 30 Jan 2000 12:02:04 -0800 (PST) (envelope-from wosch@panke.de.freebsd.org) Received: (from uucp@localhost) by baerenklau.de.freebsd.org (8.8.8/8.8.8) with UUCP id VAB19850 for FreeBSD-gnats-submit@freebsd.org; Sun, 30 Jan 2000 21:02:02 +0100 (CET) (envelope-from wosch@panke.de.freebsd.org) Received: (from wosch@localhost) by paula.panke.de.freebsd.org (8.9.3/8.8.8) id UAA07459; Sun, 30 Jan 2000 20:58:55 +0100 (CET) (envelope-from wosch) Message-Id: <200001301958.UAA07459@paula.panke.de.freebsd.org> Date: Sun, 30 Jan 2000 20:58:55 +0100 (CET) From: Wolfram Schneider Reply-To: wosch@panke.de.freebsd.org To: FreeBSD-gnats-submit@freebsd.org X-Send-Pr-Version: 3.2 Subject: bin/16480: locked accounts and adduser Sender: owner-freebsd-bugs@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org >Number: 16480 >Category: bin >Synopsis: locked accounts and adduser >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Sun Jan 30 12:10:00 PST 2000 >Closed-Date: >Last-Modified: >Originator: Wolfram Schneider >Release: FreeBSD 4.0-CURRENT i386 >Organization: >Environment: ---------- Forwarded message ---------- Date: Tue, 18 Jan 2000 17:14:26 -0500 (EST) From: Ben Rosengart To: hackers@freebsd.org Subject: locked accounts and adduser I thought it would be nice if one could create locked accounts with adduser. So I asked my nice Perl-hacking coworker Evan Leon to come up with a patch. Enter password []: Use an empty password or lock the password? lock no [yes]: lock ... # grep user /etc/master.passwd user:*:1001:1001::0:0:Joe User:/home/user:/bin/sh The patch is attached. Anyone like it? Any chance it could be committed? I find it useful in two situations: 1) Sometimes I want to install someone's public key instead of giving them a password. That way, I don't need a secure channel over which to communicate the password. 2) Other times, I'm going to be pasting a hashed password directly into the master.passwd file, and this is a convenient way of locking the account until I do that. Another idea I have is to allow adduser to accept a hashed password instead of a plaintext one. Perhaps if this goes over well, Evan and I will work on that next. -- Ben Rosengart UNIX Systems Engineer, Skunk Group StarMedia Network, Inc. --- /usr/sbin/adduser Thu Jan 13 12:20:38 2000 +++ adduser Tue Jan 18 16:57:05 2000 @@ -649,13 +649,17 @@ last if $password eq $newpass; print "They didn't match, please try again\n"; } - elsif (&confirm_yn("Use an empty password?", "yes")) { - last; - } + else { + $lockpass = &confirm_list("Use an empty password or lock the password?", 0, "yes", "no", "lock"); + if ($lockpass ne "no") { + last; + } + } + } + if ($lockpass == "lock") { + $password = "*"; } - - return $password; -} +} sub new_users { @@ -703,7 +707,12 @@ $new_users_ok = 1; $cryptpwd = ""; - $cryptpwd = crypt($password, &salt) if $password ne ""; + if ($passwd == "*") { + $cryptpwd = "*"; + } + else { + $cryptpwd = crypt($password, &salt) if $password ne ""; + } # obscure perl bug $new_entry = "$name\:" . "$cryptpwd" . "\:$u_id\:$g_id\:$class\:0:0:$fullname:$userhome:$sh"; @@ -1392,3 +1401,5 @@ &new_users; # add new users #end + + >Description: >How-To-Repeat: >Fix: >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message